diff --git a/.gitignore b/.gitignore
index 656e2e629..3ee8c4417 100644
--- a/.gitignore
+++ b/.gitignore
@@ -30,8 +30,15 @@ www/**/.yarn/*
 .eslintcache
 
 .idea
+.vscode
 .turbo
 .yarn
 build/**
 **/dist
 **/stats
+
+# ZCP local-mode runtime state — written by `zcp init` / `zcp serve`
+.zcp/
+
+# Generated full-text knowledge artifact (built via `zerops-llm-script.ts` prebuild)
+knowledge/
diff --git a/apps/docs/content/features/coding-agents.mdx b/apps/docs/content/features/coding-agents.mdx
new file mode 100644
index 000000000..6e8efb8ae
--- /dev/null
+++ b/apps/docs/content/features/coding-agents.mdx
@@ -0,0 +1,219 @@
+---
+title: 'Infrastructure for Coding Agents'
+description: 'Real project infrastructure for coding agents — runtimes, managed services, private networking, deploys, logs, and verification, exposed through MCP.'
+---
+
+import Icons from '@theme/Icon';
+import CodingAgentsTopology from '@site/src/components/CodingAgentsTopology';
+import IntroAgentVisual from '@site/src/components/IntroAgentVisual';
+
+Zerops was built on the idea of **environment parity** — giving developers the full development lifecycle, from remote development to highly available production, with the observability and developer tools for maximum flexibility, and sensible defaults so the configs stay reasonable. Turns out that's **exactly what coding agents need** to produce and iterate on production-ready applications.
+
+<br/>
+
+## What is it
+
+An **[MCP server](/zcp/overview)** for your agents — with an optional remote cloud development environment container to run them in — that makes use of the flexibility and processes Zerops provides. There's no "Zerops system prompt" hogging your context window. The MCP server is a thin layer that makes **your agent a Zerops platform power user** — when needed — so it understands:
+
+- how networking, scaling, debugging, build & deployment, environment variables, and service provisioning work on the platform
+- the development loop: start a dev server → implement → deploy to stage → verify
+
+The depth of the platform underneath is what gives the agent room to actually work. A single agent can scaffold and iterate on projects with multiple runtimes (`app`, `api`, `worker`) backed by multiple [managed services](/features/infrastructure) (object storage `storage`, Postgres `db`, Elasticsearch `search`, NATS `broker`, Valkey `cache`) — just as easily as it can work on a simple Next.js presentational website.
+
+A **[recipe ecosystem](https://app.zerops.io/recipes)** covering the most popular frameworks — pre-prepared for the whole lifecycle — gives the agent a baseline to start from, or a guide for setting up any stack on Zerops.
+
+<IntroAgentVisual />
+
+<Note type="tip" title="Platform-first, not agent-first">
+
+Most coding-agent platforms went agent-first, then bolted on infrastructure — where it runs, how it reaches the database, how its output becomes production-ready, which third-party services to wire up. **Zerops went platform-first.** The complete development lifecycle existed before coding agents did; we taught them to operate it — **not just how to call APIs, but how to ship software the way a senior developer would.**
+
+</Note>
+
+<br/><br/>
+
+## Main features
+
+### Your agent, your subscription
+
+Bring whichever agent you already use. Claude Code today; Codex, Gemini CLI, opencode, and any MCP-capable client next. The container is a regular Ubuntu — install your own CLI tools, drop in your `.claude` / `.cursor` configs, attach your IDE over SSH. **Zerops doesn't resell tokens or proxy your model calls** — sign in with your own Anthropic / OpenAI / Google subscription and the agent talks to its provider directly.
+
+### An ordinary Zerops project underneath
+
+The agent operates inside a normal Zerops project — same shape as production. Managed databases (PostgreSQL, MariaDB, ClickHouse), key-value stores (KeyDB, Valkey), search (Elasticsearch, Meilisearch, Typesense), vector store (Qdrant), message queues (NATS, Kafka), object and shared storage, managed Nginx — all on a private network, addressable by hostname. The same pipeline that deploys here can deploy to a separate HA production project with no `zcp` service attached. Not a sandbox the work outgrows.
+
+### Human ↔ agent handover
+
+The agent and the human share the same workspace — same filesystem, same SSH key, same Cloud IDE in the browser, same remote-dev attach from your local IDE. Take over mid-session, set something up before the agent runs, debug in the same container the agent just left. Nothing reaches production until you merge the PR — the agent opens it, you gate it.
+
+### Recipes for any stack
+
+Runtimes for Bun, Deno, Node.js, Go, Python, Rust, Java, .NET, PHP, Elixir, Gleam — with curated recipes for the framework on top: Next.js, Nuxt, Astro, Svelte, React, Vue, Angular, Solid, Qwik, Analog, NestJS, Laravel, and more. Pick a recipe, select the **AI Agent** environment, and the project comes up with a working dev runtime, a stage runtime, the right managed services wired in, and a coding agent briefed on the Zerops surface.
+
+<br/><br/>
+
+## How it works in practice
+
+The agent reaches your project's private network one of two ways:
+
+- **Remote** — a `zcp` service deployed into the project runs the agent. You attach to it with Claude Code's IDE extension, with any IDE that supports remote development (Cursor, Windsurf, VS Code Remote), or by running [`zcli vpn up`](/references/networking/vpn) and ssh-ing into `zcp` to drive the rest of the project from a shell.
+- **Local** — install the `zcp` MCP on your machine and run `zcli vpn up` to join the network. From there your IDE, agent, and shell can ssh directly into any container.
+
+Either way, the agent reaches [managed services by hostname](/references/networking/internal-access) (`db:5432`, `cache:6379`), deploys through the [Zerops pipeline](/features/pipeline), and reads logs and events the same way you would.
+
+<CodingAgentsTopology />
+
+The agent runs through two workflows. **Bootstrap** settles which services and runtime targets the app needs. **Develop** is the short work loop — edit code on `appdev`, deploy to `appstage`, check it's reachable, verify behavior against `db:5432` and `cache:6379`, fix from evidence. A session ends with a URL you can open, or a specific blocker — failure category, attempts, what's still needed. Same hostnames, same managed services, same pipeline as production — just at smaller scale. See [Workflows in depth](/zcp/reference/agent-workflow) for both.
+
+<AsciiGraph ariaLabel="Develop workflow loop">{`    `}<span className="ascii-graph__highlight">{`zcp (local or remote)`}</span>{`
+             │
+             ▼
+    edit code on `}<span className="ascii-graph__highlight">{`appdev`}</span>{`   ◀────────────────────────┐
+       └ dev server, hot reload                    │
+             │                                     │
+             ▼                                     │
+    deploy to `}<span className="ascii-graph__highlight">{`appstage`}</span>{`                             │
+             │                                     │
+             ▼                                     │
+    check reachability                             │
+             │                                     │
+             ▼                                     │
+    verify behavior   ─── fail ─────┐              │
+             │                      │              │
+             │ pass                 ▼              │
+             ▼               read logs / events    │
+    URL (proof)             fix from evidence ─────┘`}</AsciiGraph>
+
+Once the loop produces verified work, the agent doesn't push to production. It hands off — through whichever path your team uses: a tag push, a protected-branch merge, a manual `zcli` release, a pull request, or a CI job. **A human gates the release**, and the production deploy runs into a [separate production project](/zcp/security/production-policy) that has no `zcp` service at all.
+
+<AsciiGraph ariaLabel="From dev project through GitHub PR to prod project">{`      Dev project                 GitHub                  Prod project
+
+┌─────────────────────┐       ┌──────────────┐       ┌─────────────────────┐
+│  appdev             │       │              │       │   app    (HA)       │
+│  appstage           │       │  Pull        │       │                     │
+│                     │ push  │  Request     │ CI/CD │   db     (HA)       │
+│  db, cache          │ ────▶ │              │ ────▶ │                     │
+│                     │       │  `}<span className="ascii-graph__highlight">{`+ human`}</span>{`     │       │   cache  (HA)       │
+│  `}<span className="ascii-graph__highlight">{`zcp service`}</span>{`        │       │    `}<span className="ascii-graph__highlight">{`review`}</span>{`    │       │                     │
+│                     │       │              │       │   (no zcp service)  │
+└─────────────────────┘       └──────────────┘       └─────────────────────┘`}</AsciiGraph>
+
+<br/><br/>
+
+## Where does this fit in the agent landscape
+
+With the model clear, here's where ZCP sits among adjacent tools. People say "agent infrastructure," "infra for Claude agents," "agent hosting," or "agent sandboxes" to mean different things — usually one of the categories below.
+
+<section className="zcp-landscape-section">
+  <header>
+    <h4>PaaS MCPs</h4>
+    <div className="zcp-landscape-section__logos">
+      <img src="/img/landscape/aws.png" alt="AWS" />
+      <img src="/img/landscape/railway.png" alt="Railway" />
+      <img src="/img/landscape/fly.png" alt="Fly.io" />
+      <img src="/img/landscape/render.svg" alt="Render" />
+    </div>
+    <p className="zcp-landscape-section__examples">AWS MCP servers · Railway MCP · Fly.io MCP · Render MCP</p>
+  </header>
+  <p>Most major PaaS providers have shipped an MCP — provision services, deploy code, list resources, read operational state. Great for "let my agent ship to my Railway account." These are *deploy and operate* surfaces, driven from outside the platform — and they reflect what's underneath: platforms optimized for day-one deploy that tuck the infrastructure behind a wall. Once an agent needs to actually *develop* against that infrastructure — debug a failed health check, follow real logs, hit Postgres from inside the network, inspect what a build is doing, run the dev loop before it ships anything — the wall stops it. That's by design on those platforms, not a missing feature.</p>
+
+  <p>ZCP exposes the full **Bootstrap and Develop** loop as MCP-addressable primitives because Zerops was built around the development lifecycle from the start — not a dev loop retrofitted onto a deploy-first platform.</p>
+</section>
+
+<section className="zcp-landscape-section">
+  <header>
+    <h4>Cloud VPS MCPs</h4>
+    <div className="zcp-landscape-section__logos">
+      <img src="/img/landscape/hetzner.ico" alt="Hetzner" />
+      <img src="/img/landscape/digitalocean.png" alt="DigitalOcean" />
+      <img src="/img/landscape/linode.png" alt="Linode" />
+      <img src="/img/landscape/vultr.png" alt="Vultr" />
+    </div>
+    <p className="zcp-landscape-section__examples">Hetzner Cloud MCP · DigitalOcean MCP · Linode MCP · raw SSH/server MCPs</p>
+  </header>
+  <p>"Let your agent manage your Hetzner VPS." An MCP gives the agent access to a Linux box — provision it, SSH in, install Docker and Postgres and nginx, set up systemd units, point a domain at it. Maximum control, lowest cost, full Linux to play with. The same reason senior developers reach for managed platforms applies here: even if you *can* harden SSH, write nginx configs, tune `pg_hba.conf`, rotate TLS, set firewall rules, run fail2ban, and stay on top of CVEs across kernel, OpenSSL, Docker, Postgres, and nginx — you usually don't want to. Each layer is its own domain with its own gotchas, each is a security surface that drifts the moment you stop tending it, and every project becomes a snowflake. Hand that work to an agent and you also hand it the blast radius: misconfigured firewall, debug endpoint left open, port 5432 exposed to the internet, keys never rotated. ZCP is the inverse trade-off — the **guardrails** of a managed platform. Private networking, TLS, isolated services, safe defaults, managed backups, no exposed ports unless you opt in — all built in. The agent operates through [project-scoped MCP tools](/zcp/reference/mcp-operations) instead of `sudo` on a fresh Ubuntu box, so the mistakes that matter on a VPS aren't reachable from where it sits.</p>
+</section>
+
+<section className="zcp-landscape-section">
+  <header>
+    <h4>Cloud dev environments with AI</h4>
+    <div className="zcp-landscape-section__logos">
+      <img src="/img/landscape/github.png" alt="GitHub Codespaces" />
+      <img src="/img/landscape/gitpod.ico" alt="Gitpod" />
+      <img src="/img/landscape/coder.svg" alt="Coder" />
+    </div>
+    <p className="zcp-landscape-section__examples">GitHub Codespaces + Copilot Workspace · Gitpod · Coder</p>
+  </header>
+  <p>A managed Linux container in the cloud with your editor and an AI assistant attached. Solves "where the agent runs" so state survives between sessions and machine setup stops being a question. The `zcp` service is the closest thing in this category — managed Linux container, Cloud IDE, your agent of choice — except it lives *inside* a Zerops project, addressing the project's runtimes, database, and cache by hostname, with deploys and logs as primitives the agent can call.</p>
+</section>
+
+<section className="zcp-landscape-section">
+  <header>
+    <h4>Bundled agent platforms</h4>
+    <div className="zcp-landscape-section__logos">
+      <img src="/img/landscape/replit.png" alt="Replit Agent" />
+      <img src="/img/landscape/lovable.png" alt="Lovable" />
+      <img src="/img/landscape/bolt.png" alt="Bolt.new" />
+      <img src="/img/landscape/v0.png" alt="v0" />
+      <img src="/img/landscape/devin.ico" alt="Devin" />
+      <img src="/img/landscape/openhands.png" alt="OpenHands" />
+    </div>
+    <p className="zcp-landscape-section__examples">Replit Agent · Lovable · Bolt.new · v0 · Devin · OpenHands</p>
+  </header>
+  <p>The agent, the workspace, the stack, and (often) the hosting target are fused into one closed product. Fast for prototypes. Decisions are made for you. Switching agents usually means switching platforms, and production-grade primitives — a real dev/stage/prod release flow, private networking, observability — tend to be limited or absent. **ZCP doesn't bundle**: the agent and model stay yours on your own subscription, and the platform underneath is normal Zerops with the full stack of managed services, networking, deploys, and observability.</p>
+</section>
+
+<section className="zcp-landscape-section">
+  <header>
+    <h4>Local coding agents</h4>
+    <div className="zcp-landscape-section__logos">
+      <img src="/img/landscape/cursor.png" alt="Cursor" />
+      <img src="/img/landscape/claude.png" alt="Claude Code" />
+      <img src="/img/landscape/windsurf.png" alt="Windsurf" />
+      <img src="/img/landscape/zed.png" alt="Zed" />
+      <img src="/img/landscape/aider.png" alt="Aider" />
+      <img src="/img/landscape/cline.png" alt="Cline" />
+    </div>
+    <p className="zcp-landscape-section__examples">Cursor · Windsurf · Zed · Claude Code · Codex CLI · Aider · Cline</p>
+  </header>
+  <p>The agent runs on your machine, edits your local checkout, runs local commands. Excellent at code changes. Anything beyond your machine — databases, networking, deploy targets, runtime logs — is yours to wire in. Install the ZCP MCP locally and run `zcli vpn up`, and any of these agents can now reach a real Zerops project alongside your local code: services addressed by hostname, deploys, logs, events.</p>
+</section>
+
+<section className="zcp-landscape-section">
+  <header>
+    <h4>Code-execution sandboxes</h4>
+    <div className="zcp-landscape-section__logos">
+      <img src="/img/landscape/e2b.ico" alt="E2B" />
+      <img src="/img/landscape/modal.png" alt="Modal" />
+      <img src="/img/landscape/daytona.ico" alt="Daytona" />
+      <img src="/img/landscape/codesandbox.svg" alt="CodeSandbox SDK" />
+    </div>
+    <p className="zcp-landscape-section__examples">E2B · Modal · Daytona · CodeSandbox SDK</p>
+  </header>
+  <p>Ephemeral Linux environments that AI *applications* spin up — often per request — to execute generated code safely. The right primitive when you're building a product that needs a model to run untrusted code and hand back the output. They're a building block for AI applications, not somewhere a coding agent settles in to iterate on your project. Different shape from ZCP; they show up here because the names cluster nearby.</p>
+</section>
+
+<section className="zcp-landscape-section">
+  <header>
+    <h4>Agent SDKs and frameworks</h4>
+    <div className="zcp-landscape-section__logos">
+      <img src="/img/landscape/cloudflare.png" alt="Cloudflare Agents" />
+      <img src="/img/landscape/vercel.ico" alt="Vercel AI SDK" />
+      <img src="/img/landscape/mastra.png" alt="Mastra" />
+      <img src="/img/landscape/anthropic.ico" alt="Anthropic Agent SDK" />
+    </div>
+    <p className="zcp-landscape-section__examples">Cloudflare Agents · Vercel AI SDK · Mastra · Anthropic Agent SDK</p>
+  </header>
+  <p>Libraries for building and shipping agents to *your* users — tool calling, memory, orchestration, model providers, sometimes hosting. They're how somebody would build a product like ZCP, not where a coding agent runs against a project. Same disambiguation — adjacent on the shelf, different shape.</p>
+</section>
+
+<br/><br/>
+
+## Where to start
+
+<DocCardList items={[
+  { type: 'link', href: '/zcp/quickstart', label: 'Quickstart', customProps: { icon: Icons['rocket-launch'], description: 'AI Agent recipe, Claude Code, and a real product change in about five minutes.' } },
+  { type: 'link', href: '/zcp/overview', label: 'ZCP MCP overview', customProps: { icon: Icons['sparkles'], description: 'What the `zcp` MCP gives the agent, where it runs, and how a run ends in proof or a blocker.' } },
+  { type: 'link', href: '/zcp/setup/choose-workspace', label: 'Remote or local setup', customProps: { icon: Icons['computer-desktop'], description: 'Choose where the `zcp` MCP runs — inside Zerops with bundled tools, or beside your local editor.' } },
+  { type: 'link', href: '/zcp/workflows/build-with-zcp', label: 'Build and ship', customProps: { icon: Icons['circle-stack'], description: 'Runtime layout, development, delivery, packaging, and production release.' } },
+]} />
diff --git a/apps/docs/content/features/local-remote-development.mdx b/apps/docs/content/features/local-remote-development.mdx
new file mode 100644
index 000000000..af7cc8269
--- /dev/null
+++ b/apps/docs/content/features/local-remote-development.mdx
@@ -0,0 +1,138 @@
+---
+title: Local & Remote Development
+description: Three ways to develop on Zerops — local with VPN, Cloud IDE, or your native IDE over SSH. Same network, same managed services, same pipeline as production.
+---
+
+import Icons from '@theme/Icon';
+
+Zerops development is network-first. Keep your editor on your laptop, work fully inside Zerops, or use a native editor over SSH — in each case you join the same project-private network with the same hostnames, credentials, managed services, and deploy pipeline that staging and production use. What changes between environments is policy: credentials, resources, access rules, data, and release authority — not the platform underneath.
+
+## How development on Zerops works
+
+Every project ships with a private network. Services reach each other by hostname (`db:5432`, `api:3000`, `redis:6379`), with credentials injected as environment variables.
+
+The development question is how you get onto that network. Three paths give you the same project-private reach, with different filesystem, tooling, and credential boundaries.
+
+- **Local + VPN.** Your laptop joins the private network via WireGuard. Editor, toolchain, and processes stay where they are. A hosted workspace is not required.
+- **Cloud IDE.** A Linux workspace in the project, accessed through VS Code Server in the dashboard. Zero local setup.
+- **Native IDE over SSH.** SSH from your local VS Code, JetBrains Gateway, Cursor, or plain `ssh` into a workspace or directly into a runtime service container.
+
+Switch paths without reprovisioning the project. A teammate on Local + VPN and another in the Cloud IDE are hitting the same `db:5432`.
+
+<AsciiGraph ariaLabel="Three access paths converging on the project private network">{`   Laptop + editor          Browser tab          Laptop + native IDE
+          │                      │                        │
+     `}<span className="ascii-graph__highlight">{`zcli vpn up`}</span>{`          `}<span className="ascii-graph__highlight">{`VS Code Server`}</span>{`             `}<span className="ascii-graph__highlight">{`zcli vpn up`}</span>{`
+     (WireGuard)          on the project             + `}<span className="ascii-graph__highlight">{`ssh apidev`}</span>{`
+          │                      │                        │
+          └──────────────────────┴────────────────────────┘
+                                 │
+                                 ▼
+         ┌─────────── project private network ───────────┐
+         │                                               │
+         │     `}<span className="ascii-graph__highlight">{`api:3000`}</span>{`      `}<span className="ascii-graph__highlight">{`db:5432`}</span>{`      `}<span className="ascii-graph__highlight">{`cache:6379`}</span>{`     │
+         │                                               │
+         └───────────────────────────────────────────────┘`}</AsciiGraph>
+
+## Local + VPN
+
+**Best for:** keeping your existing editor, dotfiles, and toolchain — and offloading just the dependencies that are painful to run locally.
+
+```bash
+zcli vpn up <project-id>
+
+psql "postgresql://app:secret@db:5432/myapp"
+redis-cli -h cache -p 6379
+ssh apidev
+```
+
+Your laptop can reach project services by hostname: Postgres, Valkey, S3-compatible storage, runtime containers, and any other service in the project. You can keep your normal dev loop and point it at `db:5432` instead of a local mock or Docker Compose dependency.
+
+You do not need a hosted workspace, `zcli push`, or a new editor for this path.
+
+**Source control.** Use git on your laptop the way you always have. Commits, pushes, SSH agent against GitHub, your existing credentials — nothing about Zerops sits between you and the remote.
+
+:::info Complete VPN setup
+See the [VPN reference guide](/references/networking/vpn).
+:::
+
+## Cloud IDE in Zerops
+
+**Best for:** zero local setup, working from a machine that isn't yours, or wanting a pristine environment that doesn't touch your laptop.
+
+A hosted workspace is a normal Zerops service in the project. It gives you a project-contained Linux environment with private-network access, optional Browser VS Code, `zcli`, git tooling, database CLIs, and shell utilities.
+
+The workspace can also mount runtime service files, so you can inspect or edit code that runs in another container without moving it to your laptop:
+
+```bash
+ls /var/www/apidev
+ls /var/www/frontenddev
+vim /var/www/apidev/src/server.ts
+```
+
+The dev server in the runtime container hot-reloads, the database is the same `db:5432`, and staging deploys still go through the Zerops deploy pipeline.
+
+The Cloud IDE itself is configurable. Two access methods:
+
+- **VPN Only.** The IDE is reachable through `zcli vpn up`, no public exposure. Most secure.
+- **Public Access.** The IDE is reachable on a `.zerops.app` subdomain, gated by an auto-generated password.
+
+**Source control.** The hosted workspace isn't on your laptop, so your local SSH keys don't follow it. Two patterns work:
+
+- **GitHub via `gh`.** The GitHub CLI is preinstalled. Run `gh auth login` once and `gh` handles HTTPS auth, PR creation, and review flows from the container.
+- **Token in env vars.** Save a fine-grained personal access token to the workspace service's secret environment variables; `git` reads it through a credential helper.
+
+Either pattern keeps your token in the workspace service, not in your project's source.
+
+## Native IDE over SSH
+
+**Best for:** native editor UX without carrying the toolchain or databases on your laptop.
+
+Once `zcli vpn up` is connected, every container on the project's private network is reachable from your laptop over SSH. Any editor that speaks Remote SSH can use it: VS Code Remote SSH, JetBrains Gateway, Cursor, Zed, or plain `vim`.
+
+```bash
+ssh apidev               # any runtime service in the project
+ssh frontenddev
+```
+
+In this path, a hosted workspace is convenient but not required. You can connect straight to `apidev`, edit the source there, and run the dev server in the same container. A hosted workspace is only a convenience layer when you want shared tools, runtime file mounts, or Cloud IDE.
+
+**Source control.** SSH agent forwarding works the same way it does to any other machine. Add your local SSH key to your agent (`ssh-add`), and `git push` from inside `apidev` or the workspace service uses your laptop's GitHub key over the forwarded agent socket — no token storage required.
+
+```ssh-config
+# Local ~/.ssh/config
+Host apidev.zerops
+    HostName apidev
+    ForwardAgent yes
+```
+
+:::info SSH access details
+See the [SSH reference guide](/references/networking/ssh).
+:::
+
+## Picking a path
+
+|                       | Local + VPN        | Cloud IDE                  | Native IDE over SSH               |
+| --------------------- | ------------------ | -------------------------- | --------------------------------- |
+| Editor runs           | Local              | Browser                    | Local                             |
+| Toolchain             | Local              | Hosted workspace           | Hosted workspace or service container |
+| Network entry         | WireGuard VPN      | Browser into the project   | WireGuard VPN, then SSH           |
+| Hosted workspace required | No              | Yes                        | No (convenience)                  |
+| Git auth              | Local credentials  | `gh` or token in env       | SSH agent forwarding              |
+| Best for              | Keeping your setup | Disposable environments    | Native UX, lighter laptop         |
+
+## Why this is not just a cloud IDE
+
+If you've used GitHub Codespaces or Gitpod, Cloud IDE looks similar: a Linux container in the cloud, accessed from a browser or local IDE. Two structural differences matter.
+
+**You don't have to be in the editor.** Codespaces and Gitpod are editor-first. Zerops is network-first. Cloud IDE is one way to reach the project's private network; `zcli vpn up` lets you skip the editor environment entirely and consume the project's managed services from your existing local setup. The hosted workspace itself is just another Zerops service — SSH in, install packages, run processes, configure it however you want.
+
+**Your dev environment runs the same platform as production.** On a CDE, your dev container is one platform and the deployment target is another — making "works on my machine" a fact of life. On Zerops, dev Postgres, queue, cache, or object storage is the same managed service type the app meets later in stage and prod, on the same private network, with the same `zerops.yaml`. Policy differs across environments; the platform underneath doesn't.
+
+## Where to start
+
+<DocCardList items={[
+  { type: 'link', href: '/references/networking/vpn', label: 'VPN reference', customProps: { icon: Icons['link'], description: 'Connect your laptop to a Zerops project-private network.' } },
+  { type: 'link', href: '/references/networking/ssh', label: 'SSH reference', customProps: { icon: Icons['command-line'], description: 'Use a native editor or shell over SSH.' } },
+  { type: 'link', href: '/features/pipeline', label: 'Build & deploy pipeline', customProps: { icon: Icons['circle-stack'], description: 'Build and deploy from the same project model.' } },
+  { type: 'link', href: '/features/coding-agents', label: 'Infrastructure for Coding Agents', customProps: { icon: Icons['sparkles'], description: 'The sibling feature: agents working on Zerops projects through the same access model.' } },
+]} />
diff --git a/apps/docs/content/guides/local-development.mdx b/apps/docs/content/guides/local-development.mdx
deleted file mode 100644
index d0f8d0292..000000000
--- a/apps/docs/content/guides/local-development.mdx
+++ /dev/null
@@ -1,131 +0,0 @@
----
-title: "Local Development with Zerops"
-description: "Develop locally with hot reload while connecting to Zerops managed services (DB, cache, storage) via VPN. ZCP generates `.env` with real credentials. Deploy to Zerops with `zerops_deploy` which uses `zcli push` under the hood."
----
-
-Develop locally with hot reload while connecting to Zerops managed services (DB, cache, storage) via VPN. ZCP generates `.env` with real credentials. Deploy to Zerops with `zerops_deploy` which uses `zcli push` under the hood.
-
----
-
-## Setup
-
-### Prerequisites
-- **zcli** installed: `npm i -g @zerops/zcli` or [docs.zerops.io/references/cli](https://docs.zerops.io/references/cli)
-- **VPN**: WireGuard (installed by zcli automatically on first `zcli vpn up`)
-- **Project-scoped token**: Create in Zerops GUI → Settings → Access Tokens → Custom access per project
-
-### Configuration
-```json
-// .mcp.json (in project root)
-{
-  "mcpServers": {
-    "zcp": {
-      "command": "zcp",
-      "env": { "ZCP_API_KEY": "<project-scoped-token>" }
-    }
-  }
-}
-```
-
----
-
-## Workflow
-
-### 1. Connect to Zerops services
-```bash
-zcli vpn up <project-id>
-```
-- All services accessible by hostname (e.g., `db`, `cache`)
-- One project at a time — switching disconnects the current
-- **Env vars NOT available via VPN** — use `.env` file instead
-
-### 2. Load credentials
-ZCP generates `.env` from `zerops_discover`:
-```
-db_host=db
-db_port=5432
-db_password=<actual-password>
-db_connectionString=postgresql://db:<actual>@db:5432/db
-```
-
-How to load:
-| Runtime | Method |
-|---------|--------|
-| Node.js 20+ | `node --env-file .env app.js` |
-| Next.js, Vite, Nuxt | Automatic (reads `.env`) |
-| PHP/Laravel | Automatic (reads `.env`) |
-| Python | `python-dotenv` or `django-environ` |
-| Go | `godotenv.Load()` or `source .env && go run .` |
-| Java/Spring | `spring-dotenv` or `application.properties` |
-
-### 3. Develop locally
-Start your dev server as usual — hot reload works against Zerops managed services over VPN.
-
-### 4. Deploy to Zerops
-```
-zerops_deploy targetService="appstage"
-```
-Uses `zcli push` under the hood. Blocks until build completes.
-
----
-
-## zerops.yml for Local Mode
-
-The same `zerops.yml` works for both local push and container deploy:
-
-```yaml
-zerops:
-  - setup: appstage
-    build:
-      base: nodejs@22
-      buildCommands:
-        - npm ci
-        - npm run build
-      deployFiles: ./dist
-    run:
-      start: node dist/server.js
-      ports:
-        - port: 3000
-          httpSupport: true
-      envVariables:
-        DB_URL: ${db_connectionString}
-```
-
-`${hostname_varName}` references are resolved by Zerops at container runtime — they work regardless of push source (local or container).
-
----
-
-## Connection Troubleshooting
-
-| Symptom | Diagnosis | Fix |
-|---------|-----------|-----|
-| `nc -zv db 5432` times out | VPN not connected | `zcli vpn up <project-id>` |
-| VPN connected, still timeout | Wrong project | `zcli vpn up <correct-project-id>` |
-| Connected but auth fails | Stale .env | Regenerate from `zerops_discover includeEnvs=true` |
-| Service unreachable | Service stopped | `zerops_manage action="start" serviceHostname="db"` |
-
-### Diagnostic sequence
-1. `zerops_discover service="db"` — is service RUNNING?
-2. `nc -zv db 5432 -w 3` — network reachable?
-3. Compare `.env` vs `zerops_discover includeEnvs=true` — credentials current?
-
----
-
-## Multi-Project
-
-Each project directory has its own `.mcp.json` + `.zcp/state/`. VPN is one per machine — switch manually:
-```bash
-zcli vpn up <project-a-id>  # work on project A
-zcli vpn up <project-b-id>  # auto-disconnects A, connects B
-```
-
----
-
-## Gotchas
-
-1. **VPN = network only**: Env vars must come from `.env` file, not VPN connection
-2. **`.env` contains secrets**: Add to `.gitignore` immediately — never commit
-3. **Deploy = new container**: Local files on Zerops are lost on every deploy. Only `deployFiles` content persists
-4. **One VPN project at a time**: Connecting to project B disconnects project A
-5. **Object storage (S3)**: Uses HTTPS apiUrl — may work without VPN but not fully verified. Include VPN as fallback
-6. **zcli must be installed**: `zerops_deploy` requires zcli in PATH. Error message includes install link if missing
diff --git a/apps/docs/content/zcp/concept/how-it-works.mdx b/apps/docs/content/zcp/concept/how-it-works.mdx
new file mode 100644
index 000000000..c1124ff8d
--- /dev/null
+++ b/apps/docs/content/zcp/concept/how-it-works.mdx
@@ -0,0 +1,175 @@
+---
+title: 'How it works'
+description: 'The work loop: live state, runtime target, service setup, app work, verification, recovery, and delivery.'
+---
+
+The ZCP MCP setup gives a coding agent a **work loop** for Zerops app work. The agent reads live state, chooses the app runtime and dependencies, changes the app, deploys through Zerops, verifies real behavior, and returns proof or a blocker.
+
+The loop is carried by project-scoped Zerops operations, Zerops-specific knowledge, and instructions for what to inspect, what to change, when to ask, and what counts as done. You describe the product outcome; the agent uses the loop to make its decisions visible while it works.
+
+The source of truth is the real project: runtimes, managed services, env references, logs, events, and deploy results. A separate preview sandbox is not the source of truth.
+
+## The work loop
+
+```mermaid
+flowchart TD
+  intent["Product intent<br/><code>Build a task board for my team.</code>"]
+  state["Live state<br/>services, runtime layout, env vars,<br/>logs, events, saved work state"]
+  scope["Runtime target<br/>which app service changes"]
+  setup{"Missing or unsuitable<br/>services?"}
+  provision["Service setup<br/>use existing services or create<br/>missing runtimes/dependencies"]
+  appwork["App work<br/>code, <code>zerops.yaml</code>, env refs,<br/>migrations, seeds, framework config"]
+  deploy["Direct deploy through Zerops"]
+  reachability{"Runtime reachable?<br/>status, logs, HTTP probe"}
+  behavior{"Requested behavior works?<br/>endpoint, UI flow, worker result,<br/>persisted state"}
+  evidence["Evidence<br/>build logs, runtime logs,<br/>events, verify output"]
+  proof["Proof<br/>URL, endpoint result,<br/>UI state, or stored result"]
+  delivery["Delivery after proof<br/>keep direct deploy, push to git,<br/>or hand off"]
+  blocker["Blocker<br/>credential, decision,<br/>unsupported fit,<br/>repeated failure"]
+
+  intent --> state --> scope --> setup
+  setup -->|yes| provision --> appwork
+  setup -->|no| appwork
+  appwork --> deploy --> reachability
+  reachability -->|no, fixable| evidence --> appwork
+  reachability -->|yes| behavior
+  behavior -->|no, fixable| evidence
+  behavior -->|yes| proof --> delivery
+  setup -->|needs decision| blocker
+  reachability -->|needs human| blocker
+  behavior -->|needs human| blocker
+
+  classDef user fill:#f7fbff,stroke:#2d72d9,stroke-width:1.5px,color:#172033;
+  classDef zcpbox fill:#eef7f1,stroke:#32845a,stroke-width:1.5px,color:#172033;
+  classDef work fill:#fffaf0,stroke:#c47f17,stroke-width:1.5px,color:#172033;
+  classDef done fill:#f5f3ff,stroke:#7157d9,stroke-width:1.5px,color:#172033;
+  classDef stop fill:#fff1f2,stroke:#d33f49,stroke-width:1.5px,color:#172033;
+
+  class intent user;
+  class state,scope zcpbox;
+  class setup,provision,appwork,deploy,reachability,behavior,evidence work;
+  class proof,delivery done;
+  class blocker stop;
+```
+
+The loop keeps the agent working from evidence instead of a guessed checklist: current state, Zerops wiring rules, deploy evidence, and the distinction between proof and blocker.
+
+## What "live state" means
+
+The MCP tools read Zerops instead of asking you to paste a service inventory into the prompt. Useful state includes:
+
+- runtime services and managed services,
+- whether the app has one runtime, a dev+stage pair, or local files linked to a Zerops runtime,
+- env-var keys and Zerops references,
+- recent build/deploy events,
+- build logs, runtime logs, and verification output,
+- saved work state after an interrupted session.
+
+This is why a short prompt can be enough. The agent can ask what exists, which runtime was last deployed, which checks passed, and where a previous run stopped.
+
+Chat history is not the source of truth. If the agent sounds confused, starts from an old assumption, or a session was interrupted, the recovery move is:
+
+```text
+Read current project status and tell me where this project stands before changing anything.
+```
+
+## What the workflow handles
+
+The workflow handles the things an agent must resolve during app work so you do not have to name them in the prompt. The tools and instructions supply the state, guidance, operations, and verification surface so the agent can work from evidence.
+
+| What the workflow handles | What the agent gets                                                                                                 | What that means for you                                                       |
+| ------------------------- | ------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------- |
+| Live state       | Services, env-var keys, Zerops references, recent events, logs, verification output, and saved work state.          | You do not have to paste a service inventory or reconstruct what happened.    |
+| Runtime target   | Rules for choosing the app runtime that should receive code changes.                                                | The agent can identify where app work belongs before editing or deploying.    |
+| Managed services | Knowledge and env wiring patterns for database, cache, queue, search, storage, mail, and similar services.          | Product intent can imply real dependencies without a manual wiring checklist. |
+| Service setup    | Operations for using existing services or creating missing runtimes and dependencies.                               | Runtime layout and dependencies can be established before app work starts.    |
+| App wiring       | Zerops-specific rules for `zerops.yaml`, env references, ports, commands, public access, and build/deploy behavior. | The app is wired for Zerops rather than for a generic cloud template.         |
+| Deploy evidence  | Build logs, runtime logs, platform events, service status, HTTP checks, and structured verification output.         | A failed deploy becomes a diagnosis surface instead of guesswork.             |
+| Behavior proof   | The proof gate is the requested behavior, not only a successful build or reachable root URL.                        | The final answer can point to what was actually checked.                      |
+| Delivery handoff | Direct proof first; then git push, CI, or human handoff when that is the chosen delivery choice.                    | Shipping setup follows a verified running result.                             |
+
+The exact labels for layouts, delivery modes, and setup routes live in the [Glossary](/zcp/glossary) and [Workflows in depth](/zcp/reference/agent-workflow).
+
+## Service setup prepares the project layout
+
+Before app code work starts, the workflow makes three decisions visible:
+
+- Which runtime service is the app target?
+- Which managed services are dependencies?
+- Does the existing project layout fit the request?
+
+If the services already exist, the agent can use them. If a needed runtime or dependency is missing, the tools can create it. If the choice affects cost, product scope, credentials, a destructive action, or which stage/runtime should be used, the agent should stop and ask.
+
+Service setup is finished when the app runtime and dependencies are known. It is the layout that lets app work happen in the right place.
+
+## App work changes code and platform wiring together
+
+After the runtime target is known, the agent gets the platform knowledge needed to make the application change. In practice this often spans both source code and Zerops wiring:
+
+- app files,
+- `zerops.yaml` build and run setup,
+- env references to managed services,
+- migrations, seeds, and framework config,
+- start commands, ports, and public HTTP support,
+- local `.env` generation when using local setup.
+
+That guidance matters because Zerops is its own platform. Service references, build/deploy behavior, public access, scaling, and env resolution do not follow Docker Compose or Kubernetes conventions.
+
+The first functional deploy goes directly through MCP so the agent has a running result to verify. A repository push or CI handoff can follow, but it should not replace the first proof.
+
+## Recovery is evidence-driven
+
+When something fails, the workflow puts the agent on the matching evidence surface — build logs for build failures, prepare/runtime logs for start failures, verify output and request-time logs for behavior failures, transport surfaces for network failures, field-level rejection for config, and the named credential surface for credential failures. The full categories, what to read first, and what to avoid live in [Troubleshooting](/zcp/reference/troubleshooting).
+
+Retrying the same deploy without new evidence is not progress. The loop pushes toward one of three outcomes: fix from a cause, ask for the missing decision, or report a blocker with the category, evidence read, and attempts made.
+
+## Verification has two layers
+
+A successful deploy proves that Zerops accepted the build and started the runtime. Reachability checks prove the service is running and reachable. They still do not prove the product request.
+
+For a task-board app, useful behavior proof might be:
+
+- create a task,
+- move it between columns,
+- refresh the page,
+- confirm the task is still there.
+
+For an API task, proof might be a JSON response from the requested endpoint and stored data behind it. For a worker task, proof might be a processed job and the resulting database or object-storage state. For a staging request, proof belongs on the stage runtime, not only on dev.
+
+The final answer should make proof inspectable: runtime name, URL or endpoint, behavior checked, and delivery choice if one was set.
+
+## Delivery happens after proof
+
+Delivery choice controls how future changes ship after a verified runtime exists: keep direct deploy, push to git, or hand off to CI/release/human action. The user-facing version of this choice and what to tell the agent for each option lives in [Build and ship → Choose delivery after proof](/zcp/workflows/build-with-zcp#choose-delivery-after-proof).
+
+Packaging a running service turns a deployed runtime into a re-importable bundle for another Zerops project. It is useful for handoff or reuse after proof, not for deploying the next app change; see [Package a running service](/zcp/workflows/package-running-service).
+
+## Remote and local setup use the same loop
+
+The same `zcp` binary can run in two places. The control loop stays the same; filesystem and network access change. A human can take over from the same evidence either way: files, runtime target, logs, events, verification result, and delivery state.
+
+| Setup        | What runs where                                                                                                                                             | Practical effect                                                                                                                                                                                     |
+| ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| Remote setup | A `zcp@1` service runs the `zcp` binary inside Zerops. **Include Coding Agent** adds the bundled agent CLI; **Cloud IDE** adds Browser VS Code. | Work happens inside the remote workspace, with private networking and runtime file mounts. |
+| Local setup  | The `zcp` binary runs on your laptop after `zcp init`, and your local editor or CLI agent talks to it.                                         | App files, deploy source, and git credentials stay local. Managed services are reached over Zerops VPN, and `.env` generation bridges credentials into your local app. |
+
+Choose setup by where the agent and filesystem should live: [Remote or local setup](/zcp/setup/choose-workspace).
+
+## Signs of a healthy run
+
+A well-shaped run should:
+
+- name the runtime target before editing or deploying,
+- use existing services when they fit,
+- create missing services only before app work starts,
+- read logs, events, and verify output when failure occurs,
+- distinguish runtime reachability from requested behavior,
+- stop before destructive actions, ambiguous runtime/stage choices, or missing credentials,
+- end with proof or a blocker.
+
+That is the practical difference between "the agent wrote code" and "the app task is done".
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) — normal app work after setup.
+- [Workflows in depth](/zcp/reference/agent-workflow) — process gates, generated files, runtime layouts, delivery labels, and completion evidence.
diff --git a/apps/docs/content/zcp/glossary.mdx b/apps/docs/content/zcp/glossary.mdx
new file mode 100644
index 000000000..b9012bcdc
--- /dev/null
+++ b/apps/docs/content/zcp/glossary.mdx
@@ -0,0 +1,134 @@
+---
+title: 'Glossary'
+description: 'Short definitions for ZCP MCP, remote setup, local setup, workflow, delivery, production, and credential terms.'
+---
+
+Use these definitions when a page, workflow status, agent handoff, or policy needs exact wording. In normal prompts, describe the outcome you want.
+
+## Core names
+
+**ZCP MCP** - Zerops Control Plane MCP: the MCP tool surface that exposes project-scoped Zerops operations to coding agents.
+
+**MCP server** - the Model Context Protocol server exposed by the `zcp` binary.
+
+**ZCP MCP tools** - the project-scoped Zerops operations exposed to an agent or MCP-capable client. In MCP clients, this usually appears as the `zerops` server.
+
+**`zcp` binary** - the executable that can run inside remote setup or on your machine in local setup.
+
+**`zcp` service** - the service instance in a Zerops project that hosts remote setup.
+
+**`zcp@1` service** - the Zerops service type used for remote setup.
+
+**zCLI** - the Zerops command-line client for humans, scripts, VPN, and CI. It is separate from ZCP MCP.
+
+**zsc** - the in-container Zerops Setup Control utility used from `zerops.yaml`.
+
+## Setup and workspace
+
+**Remote setup** - the `zcp` binary running inside a Zerops `zcp@1` service.
+
+**Include Coding Agent** - remote setup option that adds the bundled agent CLI, currently Claude Code, and preconfigures it to use ZCP MCP tools.
+
+**Cloud IDE** - browser-based VS Code served by remote setup.
+
+**Browser VS Code** - dashboard entry point into the Cloud IDE.
+
+**AI Agent environment** - recipe environment preset that creates app services plus remote setup with **Include Coding Agent** enabled.
+
+**Local setup** - the `zcp` binary running on your machine after `zcp init`, while your local editor or CLI agent talks to it.
+
+**Env bridge** - local setup behavior that writes a local `.env` snapshot from Zerops env vars and references so local app code can reach managed services over VPN.
+
+**Agent client** - the editor, CLI, hosted agent runtime, or custom MCP client that connects to ZCP MCP.
+
+## Generated files and state
+
+**Generated workflow block** - the managed section in `CLAUDE.md` between `<!-- ZCP:BEGIN -->` and `<!-- ZCP:END -->`. Durable project instructions belong outside it.
+
+**`.mcp.json`** - local MCP server config. It points the local agent client at `zcp serve` and stores `ZCP_API_KEY`; keep it out of git.
+
+**`.zcp/state/`** - local workflow metadata for a project directory: known runtimes, pairing, delivery choice, sessions, deploy attempts, verify attempts, and coordination locks. It is not source code.
+
+**Workflow state** - saved metadata that lets the agent resume, audit, or close a guided run after interruption.
+
+## Workflow
+
+**Bootstrap** - workflow phase that reads the current project and settles which runtime services and managed services the app should use before app code work starts.
+
+**Service setup** - the phase that decides which runtime services and managed services the app should use before app code work starts.
+
+**Develop** - workflow phase that changes app code/config, deploys, verifies reachability and behavior, and fixes failures from evidence.
+
+**Runtime target** - the app runtime selected for the current change, such as `appdev`, `appstage`, `app`, or a linked local target.
+
+<span id="runtime-layout"></span>**Runtime layout** - which app runtime services the workflow should use:
+
+- `standard` - dev runtime plus explicit stage runtime.
+- `dev` - one mutable development runtime.
+- `simple` - one runtime with no dev/stage split.
+- `local-stage` - local source directory linked to one Zerops runtime as deploy target.
+- `local-only` - local source directory with no linked runtime yet.
+
+**Managed service** - database, cache, queue, search, storage, mail, or similar dependency. It provides connection details; it is not an app deploy target.
+
+**Direct deploy** - deploy from the current source to the scoped runtime through ZCP MCP. The first verified running result uses direct deploy before delivery setup is applied.
+
+**Reachability verification** - checks that the runtime exists, is running, has no recent blocking errors, and can answer an HTTP probe when it is an HTTP service.
+
+**Behavior verification** - checks that the requested app behavior works on the real URL, endpoint, worker result, or stored state.
+
+**Proof** - user-inspectable completion evidence, such as a URL, endpoint result, UI state, processed job, or stored result.
+
+**Blocker** - a clear stop state with evidence: failure category, runtime in scope, what was tried, and what decision or credential is needed.
+
+## Delivery and production
+
+**Delivery choice** - what happens after a verified deploy: keep direct deploy, push to git, or hand off to CI/release/human process.
+
+**Delivery mode** - exact reference label for delivery choice:
+
+- `auto` - keep direct deploy for future changes.
+- `git-push` - commit and push to a configured remote, then observe/verify any tracked build.
+- `manual` - external CI, release process, or a human owns future delivery.
+
+**Git-push capability** - whether remote setup has enough remote URL and credential setup to push from remote setup. It can exist even when the current delivery mode is `auto`.
+
+**Build integration** - repository-triggered build/deploy path that ZCP MCP may configure or observe, such as a Zerops dashboard webhook or GitHub Actions. It is separate from git-push capability and delivery mode.
+
+**Package a running service** - workflow that turns one verified runtime and its managed dependencies into a re-importable, git-backed Zerops bundle.
+
+**Production release** - the release operation that moves verified dev or stage work into a separate production Zerops project. It is set up once per project (production infrastructure) and once per runtime (production deploy trigger), then runs every release.
+
+**Production boundary** - policy that production should live in a separate Zerops project without a `zcp` service and receive promoted work through CI, release process, or human action.
+
+## Platform and failure terms
+
+**Service scaling mode** - Zerops scaling setting such as `HA` or `NON_HA`. Different from runtime layout.
+
+**Public subdomain access** - Zerops `.zerops.app` URL access for an eligible HTTP runtime. Workers and non-HTTP services do not get useful public URLs.
+
+<span id="failure-category"></span>**Failure category** - label that points to the first useful evidence surface:
+
+- `build` - build phase failed.
+- `start` - build passed, but runtime start or prepare failed.
+- `verify` - runtime exists, but reachability or behavior failed.
+- `network` - transport, DNS, VPN, SSH, or service-to-service reach failed.
+- `config` - `zerops.yaml`, env vars, setup block, or service settings mismatch.
+- `credential` - Zerops, git, SSH, managed-service, or external API credential failed.
+- `other` - no known category matched.
+
+**Confirmation gate** - an operation that pauses until the user explicitly confirms the named target or consequence.
+
+**Destructive import override** - import action that would replace an existing service stack. ZCP MCP refuses first, names affected services, and requires a matching acknowledgement before proceeding.
+
+## Credentials
+
+**Single-project token** - Zerops token that can access exactly one project. ZCP MCP expects this shape.
+
+**`ZCP_API_KEY`** - single-project Zerops token used by ZCP MCP.
+
+**`GIT_TOKEN`** - git provider credential used by remote git-push delivery when needed.
+
+**`ZEROPS_TOKEN`** - Zerops token commonly used by GitHub Actions or external CI that runs `zcli`.
+
+**External secret** - third-party credential such as Stripe, OpenAI, Mailgun, or GitHub API access. The agent can wire placeholders and env vars, but the secret value remains your responsibility.
diff --git a/apps/docs/content/zcp/overview.mdx b/apps/docs/content/zcp/overview.mdx
new file mode 100644
index 000000000..fbaf5ebe0
--- /dev/null
+++ b/apps/docs/content/zcp/overview.mdx
@@ -0,0 +1,152 @@
+---
+title: 'ZCP MCP for Zerops projects'
+description: 'How the ZCP MCP server lets a coding agent work with one real Zerops project.'
+---
+
+import Image from '/src/components/Image';
+
+:::info Public preview
+ZCP MCP is a public preview and is under active development. If you hit a bug, confusing behavior, or a missing workflow, please report it on <a href="/discord" target="_blank" rel="noopener noreferrer">Discord</a>; feedback from real projects is especially useful.
+:::
+
+This section covers, in order:
+
+<div className="zcp-claim-grid">
+
+<div className="zcp-claim-card">
+
+<span>GET STARTED</span>
+
+<h3>Quickstart and concept</h3>
+
+[Quickstart](/zcp/quickstart) for hands-on; [How it works](/zcp/concept/how-it-works) for the work loop.
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>SETUP</span>
+
+<h3>Remote or local workspace</h3>
+
+[Remote or local setup](/zcp/setup/choose-workspace), [Trust model](/zcp/security/trust-model), and [Production boundary](/zcp/security/production-policy).
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>WORKFLOWS</span>
+
+<h3>Build, package, promote</h3>
+
+[Build and ship](/zcp/workflows/build-with-zcp), [Package a running service](/zcp/workflows/package-running-service), [Promote to production](/zcp/workflows/promote-to-production).
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>REFERENCE</span>
+
+<h3>Troubleshooting and lookup</h3>
+
+[Workflows in depth](/zcp/reference/agent-workflow), [ZCP MCP tools](/zcp/reference/mcp-operations), [Troubleshooting](/zcp/reference/troubleshooting), [Glossary](/zcp/glossary).
+
+</div>
+
+</div>
+
+For the broader feature concept — why coding agents need real project infrastructure rather than a sandbox or generated artifact — start with [Infrastructure for Coding Agents](/features/coding-agents).
+
+With the generated workflow instructions enabled, an app task ends in proof or a blocker. **Proof** is a deployed runtime plus the URL, endpoint response, UI state, worker result, or stored data that shows the requested behavior works. A **blocker** is the agent reading the relevant Zerops evidence and naming the missing credential, decision, unsupported fit, or repeated failure.
+
+Your prompt can stay about the product. Name the stack, runtime layout, acceptance criteria, delivery path, external credentials, or risky approval only when those decisions matter.
+
+## What the agent gets
+
+<div className="zcp-claim-grid">
+
+<div className="zcp-claim-card">
+
+<span>STATE</span>
+
+### Current state
+
+Services, runtime layout, managed dependencies, env-var keys and references, logs, events, deploy history, verification state, and saved work state.
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>CONTROLS</span>
+
+### Zerops operations
+
+Project-scoped tools for discovering services, changing env vars, managing runtimes, deploying, verifying, scaling, public access, and delivery setup.
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>INSTRUCTIONS</span>
+
+### Workflow
+
+The generated instructions combine service setup and app development: inspect state, choose the runtime target, use or create services, wire code and `zerops.yaml`, deploy, verify, and choose delivery. The Zerops work stays behind the product task instead of becoming another checklist.
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>EVIDENCE</span>
+
+### Evidence-based completion
+
+A build or deploy is not the finish line. A completed app task should end with a working URL, endpoint result, UI proof, or a blocker backed by logs, events, and verification evidence.
+
+</div>
+
+</div>
+
+## What you no longer have to script
+
+Without this layer, an app prompt often turns into an operations runbook. With MCP tools and workflow instructions enabled, you should not need to paste:
+
+- the service map, runtime target, dev/stage state, or managed-service inventory,
+- database credentials, private hostnames, env-var references, or generated connection strings,
+- build logs, runtime logs, event timelines, or a guess about why the last deploy failed,
+- a deploy/verify/recovery script for every task,
+- a recap after the chat loses context; the agent can read current workflow status.
+
+**You still own the decisions that need human judgment:** product intent, technology constraints, acceptance criteria, external credentials, repository policy, and approval for destructive actions.
+
+## Where it runs
+
+The **same `zcp` binary** runs in both setups. In [remote setup](/zcp/setup/hosted-workspace), Zerops packages it as a `zcp@1` service with Browser VS Code and bundled agent wiring. In [local setup](/zcp/setup/local-agent-bridge), you install it on your machine and connect your own editor or CLI agent. The project surface is the same; the workspace, network access, deploy source, and safety profile differ.
+
+To start, add remote setup in Zerops or initialize local setup beside your editor or CLI agent. The [Quickstart](/zcp/quickstart) uses remote setup because it needs no local install.
+
+<figure style={{ textAlign: 'center', margin: '1.5rem 0' }}>
+  <Image
+    lightImage="/img/zcp/remote-setup-claude-code.jpg"
+    darkImage="/img/zcp/remote-setup-claude-code.jpg"
+    alt="Remote setup with the zcp service in Zerops and Claude Code running in browser VS Code"
+    style={{ width: '95%', height: 'auto' }}
+    caption="Remote setup keeps the zcp service, browser workspace, and bundled agent inside Zerops."
+  />
+</figure>
+
+## Your agent, credentials, and workspace
+
+**Agent account.** Remote setup can include a bundled agent CLI, currently Claude Code, already configured for MCP. Zerops wires the agent to the tools; you still authenticate with your own subscription login or API credentials.
+
+**Zerops token.** The MCP server connects through `ZCP_API_KEY`, a Zerops token limited to one project. Remote setup gets it from the platform; local setup reads it from `.mcp.json`. Token details live in [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+**Workspace freedom.** The `zcp@1` service is still a normal Zerops service. You can install another agent CLI, add private MCP servers or helper tools, edit `CLAUDE.md`, add team dotfiles, and adapt the workspace. Details live in [What remote workspace gives you](/zcp/setup/hosted-workspace#make-customization-persistent).
+
+:::caution Production boundary
+Use this setup for development or staging work. Production should stay in a separate Zerops project and receive released work through your CI or release process; see [Promote to production](/zcp/workflows/promote-to-production) for the practical flow and [Production boundary](/zcp/security/production-policy) for the policy.
+:::
+
+## What stays outside
+
+This section is not a replacement for Zerops platform references. The Zerops [build and deploy pipeline](/features/pipeline), [permissions](/features/rbac), networking, scaling, and service references remain canonical for platform behavior.
diff --git a/apps/docs/content/zcp/quickstart.mdx b/apps/docs/content/zcp/quickstart.mdx
new file mode 100644
index 000000000..c41570832
--- /dev/null
+++ b/apps/docs/content/zcp/quickstart.mdx
@@ -0,0 +1,126 @@
+---
+title: 'Quickstart'
+description: 'Try ZCP with a ready-made AI Agent recipe, Browser VS Code, Claude Code, and one product change.'
+---
+
+import Image from '/src/components/Image';
+import Icons from '@theme/Icon';
+
+Use this when you want the fastest hands-on ZCP loop: deploy an **AI Agent** recipe, authorize Claude Code, open Browser VS Code, and ask for one product change.
+
+Some [Zerops recipes](https://app.zerops.io/recipes) include an **AI Agent** environment. That preset creates app services, managed services, the `zcp@1` workspace, Browser VS Code, and bundled agent wiring in one deploy.
+
+This quickstart uses [Laravel showcase](https://app.zerops.io/recipes/laravel-showcase?environment=ai-agent) because it includes real managed services. The same flow works for other recipes that offer AI Agent (local variants exist too).
+
+## Prerequisites
+
+- A Zerops account with permission to create a project.
+- A Claude Code subscription login or API authentication. Zerops wires Claude Code to ZCP, but your agent subscription or model credentials stay yours.
+
+## 1. Choose the AI Agent recipe
+
+1. Open the [Zerops recipes catalog](https://app.zerops.io/recipes).
+2. Open a recipe with an **AI Agent** environment. For example, open [Laravel showcase](https://app.zerops.io/recipes/laravel-showcase?environment=ai-agent).
+3. Select **AI Agent**.
+4. Keep **Coding Agent** and **Cloud IDE** enabled.
+5. Deploy the recipe.
+
+<figure style={{ textAlign: 'center', margin: '1.5rem 0' }}>
+  <Image
+    lightImage="/img/zcp/quickstart-laravel-ai-agent-recipe.png"
+    darkImage="/img/zcp/quickstart-laravel-ai-agent-recipe.png"
+    alt="Laravel showcase recipe with the AI Agent environment selected and ZCP configuration enabled"
+    style={{ width: '95%', height: 'auto' }}
+    caption="The AI Agent environment adds app services plus remote setup with Coding Agent and Cloud IDE enabled."
+  />
+</figure>
+
+The deploy creates app runtimes, managed dependencies, and a `zcp@1` workspace. In this recipe it appears as the `zcp` service. The agent, terminal, and browser IDE run there. App code still deploys to the app runtimes, not to `zcp`.
+
+## 2. Authorize Claude Code
+
+When provisioning finishes, the dashboard opens the Claude Code authentication flow. Use your own Claude Code subscription login or API credentials.
+
+This is separate from `ZCP_API_KEY`, the Zerops token used by ZCP. Your Claude login or API key is used only by the bundled agent.
+
+If you close the prompt, open the `zcp` service in the dashboard. Its panel shows the browser workspace, web terminal, SSH access, desktop editor access, and agent authorization state.
+
+<figure style={{ textAlign: 'center', margin: '1.5rem 0' }}>
+  <Image
+    lightImage="/img/zcp/quickstart-zcp-service-ready.png"
+    darkImage="/img/zcp/quickstart-zcp-service-ready.png"
+    alt="Claude Code authorization dialog shown over the ZCP service control plane and Browser VS Code terminal"
+    style={{ width: '100%', height: 'auto' }}
+    caption="Claude Code opens an authorization flow inside the workspace. Use your own Claude login or API credentials; ZCP credentials are handled separately."
+  />
+</figure>
+
+## 3. Open the workspace
+
+After authentication, continue into **Browser VS Code**. The workspace opens with files, ZCP configuration, terminal access, and the Claude Code panel.
+
+<figure style={{ textAlign: 'center', margin: '1.5rem 0' }}>
+  <Image
+    lightImage="/img/zcp/quickstart-cloud-ide-claude-code.jpg"
+    darkImage="/img/zcp/quickstart-cloud-ide-claude-code.jpg"
+    alt="Browser VS Code workspace with the Claude Code panel open"
+    style={{ width: '95%', height: 'auto' }}
+    caption="Remote setup keeps the browser IDE and bundled agent inside Zerops."
+  />
+</figure>
+
+You are now inside the remote workspace. The agent can read live state, use the MCP tools, reach private services, and deploy app changes to the runtimes created by the recipe.
+
+## 4. Ask for a product outcome
+
+In Claude Code, ask for the app behavior in natural language. A good first prompt is intentionally short:
+
+```text
+Build a task board for my team.
+Tasks should stay saved after refresh.
+```
+
+The agent should deploy, verify, read evidence, and return proof for the app task. Add detail only when it changes the work.
+
+Add details when they change the product, stack, runtime layout, acceptance criteria, or delivery preference:
+
+```text
+In this Laravel app, add a task board backed by the existing PostgreSQL service.
+A user can create a task, refresh the page, and still see it.
+```
+
+:::note Prompt shape
+
+Quickstart prompts are short so you can see what ZCP carries behind the request. Longer, detailed prompts are fine for larger engineering work, especially when they change product behavior, stack, runtime layout, acceptance criteria, delivery preference, credentials, or safety approvals.
+:::
+
+## 5. Read the proof
+
+The final answer should give you a real URL, endpoint, UI state, stored result, or blocker. Open the URL and try the behavior the agent says it verified.
+
+For the task-board prompt, create a task, refresh the page, and confirm the task is still there. If it disappears, the app is not done; ask the agent to verify that exact behavior again and continue from current evidence rather than starting over.
+
+If the agent cannot finish, useful output names the blocker: missing credential, missing decision, unsupported runtime choice, or repeated failure it could not recover from.
+
+## Next steps
+
+<DocCardList items={[
+  {
+    type: 'link',
+    href: '/zcp/workflows/build-with-zcp',
+    label: 'Build and ship',
+    customProps: { icon: Icons['circle-stack'], description: 'Runtime layout, development work, delivery, packaging, and production release.' },
+  },
+  {
+    type: 'link',
+    href: '/zcp/concept/how-it-works',
+    label: 'How it works',
+    customProps: { icon: Icons['cog-six-tooth'], description: 'Live state, runtime fit, app wiring, deploy evidence, behavior proof, and blockers.' },
+  },
+  {
+    type: 'link',
+    href: '/zcp/security/trust-model',
+    label: 'Trust model',
+    customProps: { icon: Icons['users'], description: 'What the project-scoped token lets the agent do, and where the safety boundary sits.' },
+  },
+]} />
diff --git a/apps/docs/content/zcp/reference/agent-workflow.mdx b/apps/docs/content/zcp/reference/agent-workflow.mdx
new file mode 100644
index 000000000..e2ed76ebe
--- /dev/null
+++ b/apps/docs/content/zcp/reference/agent-workflow.mdx
@@ -0,0 +1,173 @@
+---
+title: 'Workflows in depth'
+description: 'The bootstrap and develop process behind generated-workflow ZCP MCP agent runs.'
+---
+
+Use this page when you want the process and exact labels behind a run that follows the generated workflow. Normal prompts should still describe outcomes. The workflow exists so the agent can read the project, prepare the right runtime and services, make the app change, deploy, verify, recover from evidence, and stop with proof or a concrete blocker.
+
+The useful mental split is:
+
+| Phase | What it settles | What should be true when it ends |
+| ----- | --------------- | -------------------------------- |
+| **Bootstrap** | Where the app should run and which services it depends on. | Runtime target and managed dependencies are known. |
+| **Develop** | Code, `zerops.yaml`, env wiring, deploy, verification, recovery, and delivery choice. | The requested behavior is proved, or the blocker is concrete. |
+
+For the loop itself, see [How it works](/zcp/concept/how-it-works). This page catalogs the exact phases, routes, layouts, labels, and gates.
+
+## Session layers
+
+Most workflow mistakes come from confusing these layers:
+
+| Layer | What it is | What changes here |
+| ----- | ---------- | ----------------- |
+| **Workspace** | Where `zcp` and the agent run: remote `zcp@1` service or local machine. | Agent config, tools, local workflow state. App code should not be deployed to the workspace itself. |
+| **Target runtime service** | The app runtime in scope: `appdev`, `appstage`, `app`, or a linked local deploy target. | App files, `zerops.yaml`, deploys, runtime logs, verification target. |
+| **Managed services** | Databases, caches, queues, search, storage, mail, and similar dependencies. | Schema/data operations and credentials, never app code deploys. |
+
+The `zcp` service is the control surface, not the app runtime.
+
+## What drives the workflow
+
+The generated workflow is made from four pieces:
+
+| Piece | Role |
+| ----- | ---- |
+| **MCP tools** | Project-scoped Zerops operations: discover, deploy, read logs/events, manage env vars, verify, import/export, and related actions. |
+| **Generated instructions** | Agent policy for when to inspect, when to ask, when to deploy, what evidence to read, and what counts as done. |
+| **Saved workflow state** | Local metadata about bootstrap sessions, runtime pairing, delivery choice, deploy attempts, verify attempts, and interrupted work. |
+| **Live Zerops project** | Source of truth for services, status, env refs, logs, events, deploys, runtime files, and public access. |
+
+The workflow does not replace judgment from the user or the agent. It gives the agent a process and evidence surface so app work does not depend on stale chat memory or a pasted runbook.
+
+## Bootstrap
+
+Bootstrap starts before app code changes when the workflow needs to understand or prepare the project layout.
+
+```mermaid
+flowchart TD
+  start(["Read live project state"])
+  interrupted{"Interrupted bootstrap<br/>to resume?"}
+  runtime{"Runtime services<br/>already exist?"}
+  known{"Request matches<br/>known recipe or stack?"}
+  resume(["resume"])
+  adopt(["adopt"])
+  recipe(["recipe"])
+  classic(["classic"])
+  done(["Runtime target and dependencies known"])
+
+  start --> interrupted
+  interrupted -- yes --> resume --> done
+  interrupted -- no --> runtime
+  runtime -- yes --> adopt --> done
+  runtime -- no --> known
+  known -- yes --> recipe --> done
+  known -- no --> classic --> done
+```
+
+| Route | Use when | Wrong signal |
+| ----- | -------- | ------------ |
+| `adopt` | Runtime services already exist, including recipe-created projects. | Recreating services that already fit, or targeting the `zcp` service as the app. |
+| `recipe` | The project is empty or only has remote setup, and the request matches a known stack recipe. | Treating an unchanged starter as the finished requested product. |
+| `classic` | The project is empty and needs a custom service plan. | Writing app code before service ownership and runtime target are known. |
+| `resume` | A previous bootstrap was interrupted. | Starting from scratch without checking live services and saved state. |
+
+Bootstrap ends when the app runtime target and managed dependencies are known. It should also make visible any choice that needs human judgment: cost, credentials, data, runtime layout, production risk, or destructive behavior.
+
+## Runtime layouts
+
+Runtime layout describes which app runtime services the workflow should use. Exact layout labels (`standard`, `dev`, `simple`, `local-stage`, `local-only`) and the runtime names they map to live in the [Glossary](/zcp/glossary#runtime-layout). The user-facing three (dev, dev + stage, stage / linked target) are in [Build and ship → Choose the runtime layout](/zcp/workflows/build-with-zcp#choose-the-runtime-layout). Service scaling mode (`HA`/`NON_HA`) is a separate service setting.
+
+In `standard`, stage is explicit. Work scoped to `appdev` does not silently touch `appstage`; a release or stage verification happens when the user asks for it.
+
+## Develop
+
+Develop is the main app-work loop. It begins after bootstrap has a runtime target and dependencies. It closes only when runtime reachability and requested behavior both pass, or when the agent has a blocker that needs a human decision. The loop itself is in [How it works → The work loop](/zcp/concept/how-it-works#the-work-loop). The labeled steps are:
+
+1. **Name runtime target.** State which runtime is in scope: `appdev`, `appstage`, `app`, or a linked local target.
+2. **Change code and config.** Edit app files, `zerops.yaml`, env references, migrations, seeds, framework config, or local `.env` bridge when needed.
+3. **Deploy directly first.** The first verified runtime deploy goes through MCP tools. Git or CI handoff comes after proof.
+4. **Start or restart if needed.** Dynamic dev runtimes may need an explicit start or restart after deploy. Built-in webserver runtimes do not need a separate dev-server step unless the framework requires one.
+5. **Verify runtime reachability.** Check service status, recent error logs, and HTTP readiness when the runtime is an HTTP service.
+6. **Verify requested behavior.** Check endpoint body, UI state, job result, persisted data, or another result tied to the user request.
+7. **Fix from evidence.** Read failure category, logs, events, and check output. Repeating the same deploy without new evidence is not progress.
+
+Reachability and requested behavior are separate gates. A green deploy with a broken route is not done.
+
+## Failure categories
+
+Failure categories (`build`, `start`, `verify`, `network`, `config`, `credential`, `other`) point the agent to the first useful evidence surface. The full read-first / avoid playbook is in [Troubleshooting → Evidence order](/zcp/reference/troubleshooting#evidence-order); the term definitions are in the [Glossary](/zcp/glossary#failure-category).
+
+Categorization is what turns retries into evidence-driven fixes.
+
+## Delivery after proof
+
+Delivery mode applies after a verified deploy. It does not replace the first proof.
+
+| Exact mode | User-facing choice | Meaning |
+| ---------- | ------------------ | ------- |
+| `auto` | Keep direct deploy | The agent keeps deploying future changes directly to the target runtime. |
+| `git-push` | Push to git | The agent commits and pushes to a configured remote; any resulting build still needs observation and verification. |
+| `manual` | External handoff | CI, release process, or a human owns future delivery; the workflow records evidence but does not initiate the next deploy. |
+
+Git-push capability, delivery mode, and build integration are separate. A project can have git-push configured while still using direct deploy for a given session.
+
+Packaging and production release are deliberate handoffs after proof. Packaging turns a verified runtime into a git-backed import bundle. A production release moves verified work into a separate production project through GUI setup, git/CI triggers, or the team's release process.
+
+## Generated files and state
+
+Remote setup and `zcp init` create configuration around the MCP server and workflow guidance.
+
+| File or directory | Created where | Purpose |
+| ----------------- | ------------- | ------- |
+| `CLAUDE.md` | Remote workspace or local project directory | Claude Code instruction surface. ZCP MCP writes a managed block between `<!-- ZCP:BEGIN -->` and `<!-- ZCP:END -->`. User content outside that block is preserved. |
+| `.claude/settings.local.json` | Remote workspace or local project directory | Claude Code per-project settings and ZCP MCP tool permissions for that directory. |
+| `.mcp.json` | Local project directory | Project-local MCP server config. It contains the local `zcp` command and the project-scoped `ZCP_API_KEY`; keep it out of git. |
+| `~/.claude.json` and SSH config | Remote setup | Workspace-level Claude Code and SSH wiring used inside the Zerops-hosted workspace. |
+| `.zcp/state/` | Working directory where the MCP server runs | Workflow state and service metadata for that project directory. |
+
+The managed `CLAUDE.md` block is refreshed by `zcp init` and by the MCP server when the block already exists. Put durable project instructions outside the ZCP markers. Edits inside the managed block are treated as generated content.
+
+`.zcp/state/` is not application source code and should not be committed. It stores metadata such as known runtime services, local/stage pairing, delivery preference, git-push setup, build integration, first-deploy stamps, workflow sessions, deploy attempts, verify attempts, and local coordination locks.
+
+ZCP MCP does not use `.zcp/state/` as a stale copy of the Zerops project. Service status, logs, events, runtime files, env-var values, and current platform configuration are read from Zerops or from the local filesystem when tools run. Local `.env` files are generated separately and may contain secrets.
+
+Do not edit `.zcp/state/` by hand during normal work. Use workflow operations to reset, resume, iterate, or reconfigure state. Deleting it intentionally discards local memory of services and delivery setup for that directory; the tools can rediscover live Zerops state, but delivery preferences and workflow history may need to be set again.
+
+## Completion evidence
+
+A completed app task should answer:
+
+- which bootstrap route was used when setup was needed,
+- which runtime target changed,
+- which managed services were used or created,
+- which deploy passed,
+- which reachability check passed,
+- which requested behavior passed,
+- which URL, endpoint, UI state, worker result, or stored value proves it,
+- which delivery choice applies next,
+- or which blocker remains and what evidence supports it.
+
+A clear blocker is acceptable completion only when it names the runtime in scope, failure category, evidence read, fixes tried, and human decision or credential still needed.
+
+## Confirmation gates
+
+Two operations pause because the loss is not safely reversible from inside the conversation: **service deletion** (named approval) and **destructive import override** (refuse-then-acknowledge). See [Tokens and credentials → What ZCP enforces for destructive actions](/zcp/security/tokens-and-project-access#what-zcp-enforces-for-destructive-actions) for the user-facing confirmation flow.
+
+## Auditing a workflow
+
+A workflow run is well-shaped if the evidence answers:
+
+| Question | Evidence |
+| -------- | -------- |
+| Where did bootstrap start? | Live service list, saved workflow state, and bootstrap route. |
+| Where did bootstrap end? | Runtime target, managed dependencies, and any human decisions. |
+| Which runtime was developed and deployed? | Runtime target, deploy result, events, and logs. |
+| What proved reachability? | Verify output, service status, public URL, or HTTP probe. |
+| What proved behavior? | Endpoint, UI flow, job result, database/object state, or other requested proof. |
+| What controls future delivery? | Delivery mode, git-push state, build integration, package bundle, or production release handoff note. |
+
+## Related reference
+
+- [ZCP MCP tools](/zcp/reference/mcp-operations) — operation names and direct tool calls.
+- [Troubleshooting](/zcp/reference/troubleshooting) — recovery order when a run gets stuck.
+- [Glossary](/zcp/glossary) — exact terms used across the ZCP MCP reference.
diff --git a/apps/docs/content/zcp/reference/index.mdx b/apps/docs/content/zcp/reference/index.mdx
new file mode 100644
index 000000000..e11240461
--- /dev/null
+++ b/apps/docs/content/zcp/reference/index.mdx
@@ -0,0 +1,83 @@
+---
+title: "Reference"
+description: "Process details, MCP tool names, recovery guidance, and glossary for ZCP MCP."
+---
+
+import Icons from '@theme/Icon';
+
+Reference pages exist for the moments when an exact label, tool name, or recovery step matters. For day-to-day app work, start in [Build and ship](/zcp/workflows/build-with-zcp); for the loop itself, [How it works](/zcp/concept/how-it-works).
+
+<DocCardList items={[
+  {
+    type: 'link',
+    href: '/zcp/reference/agent-workflow',
+    label: 'Workflows in depth',
+    customProps: {
+      icon: Icons['arrow-path'],
+      description: 'Catalog of phases, routes, layouts, and labels behind a generated-workflow run.',
+    },
+  },
+  {
+    type: 'link',
+    href: '/zcp/reference/mcp-operations',
+    label: 'ZCP MCP tools',
+    customProps: {
+      icon: Icons['command-line'],
+      description: 'Exact tool names and surface for custom MCP clients or agent policy.',
+    },
+  },
+  {
+    type: 'link',
+    href: '/zcp/reference/troubleshooting',
+    label: 'Troubleshooting',
+    customProps: {
+      icon: Icons['beaker'],
+      description: 'When the agent is stuck, a session was interrupted, deploys keep failing, or you are taking over manually.',
+    },
+  },
+  {
+    type: 'link',
+    href: '/zcp/glossary',
+    label: 'Glossary',
+    customProps: {
+      icon: Icons['book-open'],
+      description: 'Definitions for terms across pages and workflow status (`appdev`, `local-stage`, `delivery mode`, etc.).',
+    },
+  },
+]} />
+
+## Common scenarios
+
+<div className="zcp-claim-grid">
+
+<div className="zcp-claim-card">
+
+<span>SCENARIO</span>
+
+### Debugging a stuck deploy
+
+[Troubleshooting → Evidence order](/zcp/reference/troubleshooting#evidence-order) names what to read first; [Workflows in depth → Failure categories](/zcp/reference/agent-workflow#failure-categories) maps the labels.
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>SCENARIO</span>
+
+### Building a custom MCP client
+
+[ZCP MCP tools](/zcp/reference/mcp-operations) for the tool surface; [Workflows in depth → What drives the workflow](/zcp/reference/agent-workflow#what-drives-the-workflow) for what the generated workflow adds on top of bare tools.
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>SCENARIO</span>
+
+### Auditing a finished run
+
+[Workflows in depth → Completion evidence](/zcp/reference/agent-workflow#completion-evidence) for what should be in the final answer; [Trust model → Audit evidence](/zcp/security/trust-model#audit-evidence) for what Zerops records platform-side.
+
+</div>
+
+</div>
diff --git a/apps/docs/content/zcp/reference/mcp-operations.mdx b/apps/docs/content/zcp/reference/mcp-operations.mdx
new file mode 100644
index 000000000..582b61ad5
--- /dev/null
+++ b/apps/docs/content/zcp/reference/mcp-operations.mdx
@@ -0,0 +1,103 @@
+---
+title: 'ZCP MCP tools'
+description: 'Use ZCP MCP as a direct MCP tool surface: what the tools do, what they do not decide, and which operations exist.'
+---
+
+Most app work should be phrased as an outcome: build this, fix that, deploy and prove it. Operation names matter when you configure agent-client policy, debug an MCP integration, build a custom client, or use ZCP MCP pragmatically as a set of project-scoped Zerops tools.
+
+ZCP MCP is the MCP server exposed by the `zcp` binary. Any MCP-capable client can connect to it and call tools such as `zerops_discover`, `zerops_logs`, `zerops_events`, `zerops_deploy`, or `zerops_verify`.
+
+## Tool-only use
+
+The MCP server exposes operations. It does not, by itself, decide the whole app lifecycle.
+
+Claude Code with the generated workflow uses its instructions to decide sequencing: inspect state before changing things, choose the runtime target, use existing services or create missing ones, deploy, read failure evidence, verify requested behavior, and stop with proof or a blocker.
+
+Tool-only use is valid when you want a custom MCP client, script, dashboard, policy-gated agent, or narrow operational task. In that setup, your integration owns the sequencing:
+
+- which project services are in scope,
+- when a deploy is allowed,
+- what counts as verification,
+- which logs or events should be read after failure,
+- when to ask a human,
+- when to stop.
+
+Tool-level gates still apply. Service deletion requires explicit named approval, and destructive import override requires an acknowledgement of the exact targets.
+
+If you use Claude Code but do not want the generated workflow guidance, keep the MCP connection and remove the ZCP-managed workflow block from `CLAUDE.md`, or keep your own policy outside the ZCP markers. What you lose is the generated instruction layer that makes the agent plan around live state, deploy with bounded retries, verify behavior, and report proof or a concrete blocker.
+
+Generated files and workflow state are documented in [Workflows in depth](/zcp/reference/agent-workflow#generated-files-and-state).
+
+## What the tools can do
+
+| Area | Tools | Typical use |
+| ---- | ----- | ----------- |
+| Discover | `zerops_discover` | Read services, service metadata, env-var keys, and project topology. |
+| Observe | `zerops_logs`, `zerops_events`, `zerops_verify`, `zerops_process` | Diagnose deploys, read runtime/build evidence, run health checks, and watch async processes. |
+| Deploy | `zerops_deploy` | Push source through Zerops build/deploy pipeline and return build/deploy evidence. |
+| Configure | `zerops_env`, `zerops_subdomain`, `zerops_scale`, `zerops_manage` | Change env vars, public subdomain access, scaling, lifecycle, reload/restart, and storage attachment. |
+| Import/export | `zerops_import`, `zerops_export`, `zerops_preprocess` | Import project/service YAML, read export YAML, and expand Zerops preprocessor expressions. |
+| Workspace | `zerops_mount` | Mount or unmount runtime filesystems in remote setup. |
+| Workflow | `zerops_workflow` | Track, recover, or configure workflow sessions and packaging/export flow. |
+| Destructive | `zerops_delete` | Delete one named service after explicit user approval. |
+
+Recipe-authoring and ZCP-internal maintenance operations are intentionally out of scope for this public reference.
+
+## Read-only operations
+
+| Operation | Purpose |
+| --------- | ------- |
+| `zerops_discover` | Read services, ports, env-var keys, and current state. |
+| `zerops_export` | Read platform project/service export YAML and service metadata. |
+| `zerops_logs` | Read runtime/build logs filtered by service, severity, time, or search. |
+| `zerops_events` | Read service activity, deploys, builds, scaling, and failures. |
+| `zerops_verify` | Run service health, recent error log, and HTTP-readiness checks. |
+| `zerops_knowledge` | Fetch ZCP MCP guidance or platform knowledge for the current state. |
+| `zerops_process` | Check a known async process; cancel is a mutating action. |
+
+## Mutating operations
+
+| Operation | Purpose |
+| --------- | ------- |
+| `zerops_deploy` | Ship code through the Zerops build and deploy pipeline. |
+| `zerops_env` | Read, set, delete, or generate env vars and local `.env` files. |
+| `zerops_manage` | Start, stop, restart, reload, or connect storage. |
+| `zerops_scale` | Change CPU, RAM, disk, CPU mode, or container autoscaling where supported. `HA`/`NON_HA` is set at service creation. |
+| `zerops_subdomain` | Enable or disable public subdomain access. |
+| `zerops_delete` | Delete a service. Explicit named approval is required. |
+
+## Operational setup
+
+| Operation | Purpose |
+| --------- | ------- |
+| `zerops_workflow` | Track, recover, or configure workflow sessions; also carries the package-running-service export flow. |
+| `zerops_import` | Import project/service definitions. Destructive override is gated. |
+| `zerops_mount` | Mount or unmount runtime filesystems in remote setup. |
+| `zerops_preprocess` | Expand Zerops preprocessor expressions. |
+
+## Remote and local tool differences
+
+The operation names are the same, but the filesystem and network boundary differ.
+
+| Area | Remote setup | Local setup |
+| ---- | ------------ | ----------- |
+| Files | Runtime files through SSHFS or remote containers. | Local working directory. |
+| Deploy source | Remote service or batch deploy inside Zerops. | Local `workingDir`. |
+| Dev server | Remote setup can run or inspect remote dev processes. | Your local tool owns the dev server. |
+| Env bridge | Env vars are already available in Zerops. | `.env` generation resolves Zerops references for local use. |
+| Git | Workspace-managed credentials. | User's local git credentials. |
+
+## Confirmation gates
+
+Two operations require explicit care:
+
+- **Service deletion** requires explicit user approval in the current conversation, by service name.
+- **Destructive import override** first refuses and names what would be replaced; a second call must acknowledge the same targets.
+
+See [Tokens and credentials](/zcp/security/tokens-and-project-access#what-zcp-enforces-for-destructive-actions) for the user-facing confirmation flow.
+
+## Related reference
+
+- [Workflows in depth](/zcp/reference/agent-workflow) - how a generated-workflow run uses these tools.
+- [Troubleshooting](/zcp/reference/troubleshooting) - evidence order when a run gets stuck.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - token scope, storage, and confirmation gates.
diff --git a/apps/docs/content/zcp/reference/troubleshooting.mdx b/apps/docs/content/zcp/reference/troubleshooting.mdx
new file mode 100644
index 000000000..a575472fd
--- /dev/null
+++ b/apps/docs/content/zcp/reference/troubleshooting.mdx
@@ -0,0 +1,94 @@
+---
+title: 'Troubleshooting'
+description: 'A recovery playbook for stuck ZCP MCP sessions: status first, evidence order, local setup checks, and stop conditions.'
+---
+
+Use troubleshooting when the agent is confused, a session was interrupted, deploy keeps failing, verification does not match the final answer, or you are taking over manually.
+
+Start from current state, not chat memory:
+
+```text
+Read current project status and tell me where things stand before changing anything.
+```
+
+That should make the agent read live services, saved workflow state, recent deploys, logs, events, and verification output before it edits anything else.
+
+## Find where the run is stuck
+
+| Stuck point | Ask for | What you should get |
+| ----------- | ------- | ------------------- |
+| Agent lost context | Current project status and services in scope. | Runtime target, managed services, last deploy, last verify result, and any saved workflow state. |
+| Service setup is unclear | Runtime target and dependency plan. | Which existing services will be used, which missing services are needed, and what needs human approval. |
+| Deploy failed | Failure category plus build logs, runtime logs, and recent service events. | A cause or next diagnostic step, not another blind deploy. |
+| Runtime is reachable but app behavior fails | The failing behavior check and request-time runtime logs. | Endpoint/UI/job/data evidence tied to the product request. |
+| Local app cannot reach services | VPN state, generated `.env`, and selected runtime/setup. | Whether MCP auth works separately from private service access. |
+| Delivery is ambiguous | Delivery mode, git-push state, build integration, or handoff note. | What will happen after proof: direct deploy, git push, CI, package, or production handoff. |
+
+Useful prompt:
+
+```text
+Show me the runtime in scope, failure category, evidence read, fixes tried, and the next decision needed.
+```
+
+## Evidence order
+
+The useful evidence depends on the failure category surfaced by deploy or verify tools.
+
+| Category | Read first | Avoid |
+| -------- | ---------- | ----- |
+| `build` | Build logs, build commands, dependency manifests, deploy file list. | Runtime logs; the runtime did not start yet. |
+| `start` | Prepare/runtime logs, start command, ports, env references. | Rebuilding without checking why the process exited. |
+| `verify` | Failing check detail, HTTP response, request-time runtime logs, stored state. | Calling a green deploy "done" before behavior passes. |
+| `network` | VPN, SSH, DNS, subdomain readiness, service status, transport error. | Editing app code before proving connectivity. |
+| `config` | Field-level rejection, `zerops.yaml`, setup name, env references, service settings. | Guessing from service names or dashboard memory. |
+| `credential` | The named credential surface: `ZCP_API_KEY`, git, SSH, managed-service, CI, or external API. | Rotating unrelated secrets. |
+| `other` | Raw events/logs and the exact phase that failed. | Repeating the same attempt after the same unknown reason. |
+
+Failure categories come from the deploy/verify evidence surface. They are not a verdict; they tell the agent where the next useful signal is.
+
+## Local setup checks
+
+Local setup has two separate connections:
+
+- MCP uses `ZCP_API_KEY` to talk to the Zerops API.
+- Your local app and shell use `zcli vpn up` to reach private service hostnames such as `db` or `cache`.
+
+That means MCP can work while the app cannot reach the database.
+
+| Symptom | Check |
+| ------- | ----- |
+| Agent does not list the `zerops` MCP server. | Relaunch the agent from the directory containing `.mcp.json`. |
+| MCP startup says the token reaches multiple projects. | Replace `ZCP_API_KEY` with a single-project token. |
+| Re-running `zcp init` made MCP disappear. | Re-add the `ZCP_API_KEY` env block to `.mcp.json` and restart the agent. |
+| Local app cannot reach `db`, `cache`, or storage hostnames. | Run `zcli vpn up <project-id>` again. |
+| Local app reads stale credentials. | Regenerate `.env`; it is a snapshot, not a live sync. |
+| `zcp` is not found after install. | Add `~/.local/bin` or the install target to `PATH`, then restart the shell/agent. |
+
+For local setup details, use [Run locally](/zcp/setup/local-agent-bridge).
+
+## Manual takeover
+
+If you take over from the agent, read evidence in this order:
+
+1. Service list and runtime target.
+2. Service-scoped events for the runtime in question.
+3. Build logs for build failures, runtime logs for start or request failures.
+4. Verify output for reachability and requested behavior.
+5. Git history only when delivery uses git-push or CI.
+
+Do not inspect every service first. Start with the runtime in scope and expand only when the evidence points to a dependency.
+
+## When to stop
+
+Stop the loop when:
+
+- the same failure repeats without new evidence,
+- the agent needs an external credential,
+- the target runtime or stage choice is ambiguous,
+- a destructive action would delete or replace a service,
+- production release authority is needed,
+- the request no longer fits the current project layout.
+
+A blocker is acceptable only when it names the runtime in scope, failure category, evidence read, fixes attempted, and the human decision or credential still needed.
+
+Before destructive recovery, read service-scoped events, logs, deploy/verify result, and git history when delivery uses git-push. Token scope and destructive confirmations are covered in [Tokens and credentials](/zcp/security/tokens-and-project-access).
diff --git a/apps/docs/content/zcp/security/production-policy.mdx b/apps/docs/content/zcp/security/production-policy.mdx
new file mode 100644
index 000000000..202716c20
--- /dev/null
+++ b/apps/docs/content/zcp/security/production-policy.mdx
@@ -0,0 +1,93 @@
+---
+title: 'Production boundary'
+description: 'Keep ZCP in development or staging. Promote verified work to production through CI, release tooling, or a deliberate human action.'
+---
+
+Use the MCP setup in development or staging. Keep production in a separate Zerops project without a `zcp` service. Production deploys should come from CI, a release pipeline, or a deliberate human `zcli` push using production credentials.
+
+Zerops does not prevent you from adding `zcp` to production. The policy exists because ZCP MCP gives a coding agent operational access. In production, that is the wrong blast radius for normal app development.
+
+The production boundary does not make ZCP output disposable. The intended path is production-shaped dev or stage infrastructure, verified behavior, and then a controlled production release outside the agent loop.
+
+## Recommended project layout
+
+| Project                       | Contains                                                                                                | Who operates it                |
+| ----------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------------ |
+| Development / staging project | `zcp` service, agent workspace, dev runtime, optional stage runtime, non-production managed services    | Agent plus humans              |
+| Production project            | Production runtimes, production managed services, production env values, production backups and scaling | CI/release process plus humans |
+
+The two projects use different Zerops tokens. A development token cannot reach production. A production token should not be placed in the development `zcp` service or a local `.mcp.json` used by the agent.
+
+## Why production is a separate project
+
+- **The Zerops project is the security boundary.** ZCP binds to one project at startup. Keeping production separate prevents a development agent from touching it by accident.
+- **Secrets stay clean.** Production env values, database credentials, object-storage keys, and third-party secrets stay in the production project.
+- **Operational policies can differ.** Production often needs HA services, stronger backup retention, stricter scaling, alerts, and release approvals. Development can stay cheaper and more flexible.
+- **Audit trails stay readable.** Development experiments and agent retries do not mix with production deploy evidence.
+
+This separation matters even when the same source repository deploys to both projects.
+
+## What stage proves
+
+Stage is the production-like rehearsal inside development or staging. It is where the agent proves the change before the release leaves the ZCP loop.
+
+Use stage to match production where it matters:
+
+- same runtime family and version,
+- same managed service types,
+- same build and start command pattern,
+- same deploy route,
+- behavior checks against a real running service.
+
+Stage is not production. It should use non-production data and non-production secrets. A green stage means the change is ready for release, not that the agent should deploy to production itself.
+
+## The release
+
+After stage verifies, ZCP's job is done for that change. The production release happens outside the agent loop:
+
+- CI deploys a merged commit or release tag to the production project.
+- A release pipeline runs `zcli push` with a production-scoped `ZEROPS_TOKEN`.
+- A human runs `zcli push` against the production project with production credentials.
+
+The agent can prepare the handoff by pushing code, summarizing verification evidence, and naming the runtime and URL it verified. It should not bridge development to production.
+
+For the practical workflow, see [Promote to production](/zcp/workflows/promote-to-production).
+
+## Credential rules
+
+| Credential                          | Production policy                                                                                        |
+| ----------------------------------- | -------------------------------------------------------------------------------------------------------- |
+| Development `ZCP_API_KEY`           | Never grants production access. Keep it scoped to the development/staging project.                       |
+| Production `ZEROPS_TOKEN`           | Store only in the production CI/release secret store. Do not place it in the development `zcp` service.  |
+| Agent subscription or model API key | May be used by the agent, but it does not grant Zerops production access by itself.                      |
+| Git credentials                     | May push source changes, but production deploy authority should stay with the release process.           |
+
+If a production deploy fails, investigate in the production project with production logs, events, backups, and CI output. Do not attach the development agent directly to production as a shortcut.
+
+## Production separation rules
+
+| Rule                                                              | Why it matters                                                                        |
+| ----------------------------------------------------------------- | ------------------------------------------------------------------------------------- |
+| Keep the production project without a `zcp` service               | Production should not host an agent workspace with operational access.                |
+| Keep production tokens out of local `.mcp.json`                   | Local agents should operate development or staging projects, not production.          |
+| Keep production `ZEROPS_TOKEN` in the release secret store        | Development tooling should not deploy to production outside the release process.      |
+| Treat stage proof as release evidence, not production approval    | Stage is the rehearsal; production approval is a separate release decision.           |
+| Promote through CI, release tooling, or a deliberate human action | Production execution should use production credentials.                               |
+
+## Acceptable agent involvement
+
+The agent can still help before the production release:
+
+- make the code change in development,
+- deploy and verify dev/stage runtimes,
+- produce the URL, endpoint result, or UI proof it verified,
+- push or prepare the branch your team uses for review,
+- summarize release notes and known blockers for the human or CI handoff.
+
+ZCP's involvement stops at the handoff. Production execution belongs to the release process.
+
+## Related security
+
+- [Promote to production](/zcp/workflows/promote-to-production) - practical production release paths after ZCP proof.
+- [Trust model](/zcp/security/trust-model) - the boundary that makes this policy enforceable.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - production and development credentials stay separate.
diff --git a/apps/docs/content/zcp/security/tokens-and-project-access.mdx b/apps/docs/content/zcp/security/tokens-and-project-access.mdx
new file mode 100644
index 000000000..266dd630e
--- /dev/null
+++ b/apps/docs/content/zcp/security/tokens-and-project-access.mdx
@@ -0,0 +1,162 @@
+---
+title: 'Tokens and credentials'
+description: 'ZCP_API_KEY, agent credentials, git credentials, CI tokens, and destructive-action confirmations.'
+---
+
+ZCP uses a Zerops API token to operate exactly one project. The important rule is simple: `ZCP_API_KEY` is the Zerops credential for ZCP, not an agent login, not a git token, and not a general account token.
+
+Remote setup gets `ZCP_API_KEY` from Zerops. Local setup reads it from `.mcp.json`. In both setups, ZCP validates the token at startup and refuses tokens that resolve to no project or multiple projects.
+
+## Credential map
+
+| Name                         | What it authorizes                           | Where it belongs                                                            |
+| ---------------------------- | -------------------------------------------- | --------------------------------------------------------------------------- |
+| `ZCP_API_KEY`                | ZCP against one Zerops project               | Remote: `zcp` service env injected by Zerops. Local: `.mcp.json` env block. |
+| Agent login or model API key | The coding agent itself                      | The bundled agent in remote setup, or your local agent client.              |
+| `GIT_TOKEN`                  | Git push from remote setup to a git provider | Secret env var on the `zcp` service when remote git-push delivery needs it. |
+| `ZEROPS_TOKEN`               | `zcli` in GitHub Actions or external CI      | Separate Zerops delivery token stored in the CI/release secret store.       |
+
+Keeping these names separate prevents most setup and delivery failures.
+
+## Recommended `ZCP_API_KEY` shape
+
+Use a Zerops API token with **Custom access per project**, exactly one selected project, and **Full access** for normal agent work.
+
+Read-only tokens can authenticate, but they fail as soon as the agent needs to deploy, write env vars, restart services, scale, or change public access. Account-wide or multi-project tokens are refused before the agent can operate.
+
+To generate the token:
+
+1. Open [Settings -> Access Tokens Management](https://app.zerops.io/settings/token-management).
+2. Create a token and name it for the project, for example `zcp-<project-slug>`.
+3. Choose **Custom access per project**.
+4. Add exactly one project.
+5. Set that project to **Full access** for normal ZCP MCP work.
+6. Create the token and copy the value. Zerops shows it only at creation time.
+
+The token's blast radius equals the project and its granted permissions. Other projects, organization settings, and billing stay out of reach. Zerops [Roles & Permissions](/features/rbac#integration-tokens) remain the platform authority.
+
+## Rejected token shapes
+
+ZCP validates token shape at startup.
+
+| Token shape                         | What happens                                | Fix                                                                  |
+| ----------------------------------- | ------------------------------------------- | -------------------------------------------------------------------- |
+| Account-wide or multi-project token | ZCP refuses to start.                       | Generate a token scoped to exactly one project.                      |
+| Token with no project access        | ZCP refuses to start.                       | Grant one project or create a new single-project token.              |
+| Expired or revoked token            | ZCP refuses to start or receives HTTP 401.  | Replace the token and restart the agent or ZCP process.              |
+| Read-only project token             | Startup may pass, but mutations fail later. | Use full access for normal agent work, or expect read-only behavior. |
+
+Common messages:
+
+| Message                                                        | Meaning                                           |
+| -------------------------------------------------------------- | ------------------------------------------------- |
+| `Token accesses N projects; use project-scoped token`          | The token can see more than one project.          |
+| `Token has no project access`                                  | The token authenticates but reaches no project.   |
+| `No authentication found: set ZCP_API_KEY or log in with zcli` | The `zcp` process did not receive a usable token. |
+| `AUTH_TOKEN_EXPIRED` or HTTP 401                               | The token expired, was revoked, or is invalid.    |
+
+For ZCP MCP setup, provide `ZCP_API_KEY`. `zcli` login is a diagnostic fallback, not the normal agent setup.
+
+## Where the token lives - remote vs local {#where-the-token-lives--remote-vs-local}
+
+ZCP reads `ZCP_API_KEY` from its process environment at startup. It does not write the token somewhere else or exchange it for a derived credential.
+
+| Setup                                        | Where `ZCP_API_KEY` comes from                          | Who provisions it                                        |
+| -------------------------------------------- | ------------------------------------------------------- | -------------------------------------------------------- |
+| [Remote setup](/zcp/setup/hosted-workspace)  | The `zcp` service environment                           | Zerops injects it automatically when the service starts. |
+| [Local setup](/zcp/setup/local-agent-bridge) | The `env` block of `.mcp.json` in the app directory     | You add it after `zcp init`.                             |
+
+In remote setup, do not hand-edit `ZCP_API_KEY`. Replace or rotate it through the Zerops-managed surface so the service keeps the intended project boundary.
+
+In local setup, `zcp init` writes a token-less `.mcp.json`. Add the token manually:
+
+```json
+{
+  "mcpServers": {
+    "zerops": {
+      "command": "zcp",
+      "args": ["serve"],
+      "env": {
+        "ZCP_API_KEY": "<your-single-project-token>"
+      }
+    }
+  }
+}
+```
+
+Add `.mcp.json` to `.gitignore`. Each app directory should have its own file and token. Switching projects means switching directories, not editing one shared credential.
+
+## Agent credentials are separate
+
+The bundled agent in remote setup may ask you to sign in or provide a model API key. That is not `ZCP_API_KEY`.
+
+Zerops wires the agent to ZCP. It does not provide your model subscription, store your agent login, or rotate your agent provider credentials. Treat the agent account exactly as you would outside Zerops.
+
+## Git and CI credentials
+
+`GIT_TOKEN` matters only when remote setup pushes to a git remote. It authorizes git provider access from the `zcp` service. In local setup, your local git CLI uses your normal SSH key or credential helper, so ZCP does not need `GIT_TOKEN`.
+
+`ZEROPS_TOKEN` is a Zerops API token used by GitHub Actions or another CI system when that system runs `zcli` against Zerops. It is not a GitHub token. Use a separate delivery token so ZCP sessions and CI/release workflows can be named, rotated, and audited independently.
+
+For production delivery, `ZEROPS_TOKEN` should reach production only and live only in the production CI or release secret store.
+
+With GitHub CLI, the secret shape is:
+
+```bash
+gh secret set ZEROPS_TOKEN -b "$ZEROPS_DELIVERY_TOKEN"
+```
+
+Use the GitHub UI or your CI secret manager instead if your team does not allow local CLI secret writes.
+
+## Rotation
+
+Rotate in the Zerops dashboard, then update the surface that consumes the token.
+
+| Surface              | Rotation step                                                                                                                            |
+| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- |
+| Remote `ZCP_API_KEY` | Reconfigure or redeploy the remote workspace through the dashboard-managed flow, then restart the `zcp` service so the process gets the new value. |
+| Local `ZCP_API_KEY`  | Paste the new token into `.mcp.json`, then restart the local agent client.                                                               |
+| `ZEROPS_TOKEN` in CI | Replace the repository or CI secret. The next workflow run uses the new value.                                                           |
+| `GIT_TOKEN`          | Replace the git-provider credential stored for remote setup.                                                                             |
+
+Rotation is picked up on the next process start or CI run, not in the middle of a live agent session.
+
+## What ZCP enforces for destructive actions
+
+A valid token does not remove every guardrail. ZCP MCP adds explicit confirmation for operations where the loss is not safely reversible from inside the conversation.
+
+| Operation                                                 | Gate                                                                                                                                                   |
+| --------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| Service deletion                                          | Requires explicit approval in the same conversation, including the service name. Remote setup also blocks deleting the `zcp` service it is running in. |
+| Wholesale service replacement after failed deploy history | The first request refuses, surfaces what would be replaced, and requires the agent to read failure evidence before asking you to confirm.              |
+
+Deploys, env changes, lifecycle actions, restarts, scaling, and public-access changes do not get an additional ZCP-specific confirmation gate. They are normal operations for a full-access token and should be reviewed through service events, logs, verification output, and team policy.
+
+Approval from a previous chat does not carry forward. A new conversation needs a new approval.
+
+## Evidence before destructive recovery
+
+When a service has recent failure history, ZCP enforces one recovery rule: read the platform evidence before destroying or replacing the service.
+
+The agent should inspect service events, build logs, runtime logs, and failure summaries, then either fix the cause or show you the evidence before asking for destructive confirmation. The point is to preserve the failure context the next session needs.
+
+A service waiting for first code deploy is not the same thing as a failed service. The gate is about recorded failure history, not idle state.
+
+Threat model and boundaries: [Trust model](/zcp/security/trust-model).
+
+## Credential checks
+
+- **Account-wide full-access tokens are refused.** ZCP needs one project, not a broad account credential.
+- **`zcp init` regenerates `.mcp.json`.** Re-add `ZCP_API_KEY` after rerunning it.
+- **`GIT_TOKEN` is not `ZCP_API_KEY`.** One authorizes git provider access; the other authorizes Zerops operations.
+- **`ZEROPS_TOKEN` in GitHub Actions is not a GitHub PAT.** It is a Zerops API token for `zcli`.
+- **A rotated token needs a restart.** The live ZCP process keeps the old environment value until it starts again.
+- **A successful confirmation is still destructive.** Backups, git history, and service events are your recovery evidence; ZCP does not auto-rollback a confirmed deletion or replacement.
+
+## Related pages
+
+- [Trust model](/zcp/security/trust-model) - the access boundary this page enforces.
+- [What remote workspace gives you](/zcp/setup/hosted-workspace) - automatic token injection.
+- [Run locally](/zcp/setup/local-agent-bridge) - local `.mcp.json` token setup.
+- [Production boundary](/zcp/security/production-policy) - why production gets separate credentials.
+- [GitHub integration](/references/github-integration) - CI secret usage with Zerops.
diff --git a/apps/docs/content/zcp/security/trust-model.mdx b/apps/docs/content/zcp/security/trust-model.mdx
new file mode 100644
index 000000000..f7fc945f8
--- /dev/null
+++ b/apps/docs/content/zcp/security/trust-model.mdx
@@ -0,0 +1,110 @@
+---
+title: 'Trust model'
+description: 'How MCP access is limited, and how remote and local setup change the surrounding blast radius.'
+---
+
+The trust model starts with one rule: one ZCP process operates one Zerops project. `ZCP_API_KEY` decides that boundary at startup, and ZCP refuses tokens that resolve to no project or multiple projects.
+
+That boundary is strong on the Zerops side. It does not make the agent harmless. A valid token can still deploy, change env vars, restart services, read logs, scale services, and change public access when Zerops permissions allow it. Treat it like an operations credential.
+
+## Boundary summary
+
+| Question                             | Answer                                                                                      |
+| ------------------------------------ | ------------------------------------------------------------------------------------------- |
+| What project can ZCP see?            | Exactly one project resolved from `ZCP_API_KEY` at startup.                                 |
+| What can ZCP change?                 | Whatever Zerops RBAC grants that token inside the project.                                  |
+| What is outside reach?               | Other projects, organization-wide settings, billing, and any operation Zerops RBAC rejects. |
+| What network can remote setup reach? | Private services from inside the `zcp` service.                                             |
+| What network can local setup reach?  | The Zerops API directly, plus private services only when your laptop VPN is up.             |
+| Who owns the agent login?            | You. The agent subscription or model API key is separate from `ZCP_API_KEY`.                |
+
+Zerops [RBAC](/features/rbac) remains the authority. ZCP does not bypass platform permissions; it exposes project operations to the agent only through the token it was given.
+
+## Remote and local blast radius
+
+Remote setup and local setup share the same Zerops boundary, but not the same surroundings.
+
+| Area                       | Remote setup                                                                 | Local setup                                                     |
+| -------------------------- | ---------------------------------------------------------------------------- | --------------------------------------------------------------- |
+| Agent location             | Inside the `zcp@1` service when **Include Coding Agent** is enabled          | On your machine through your editor or CLI agent                |
+| Files visible to the agent | Workspace files and mounted runtime files                                    | Local files and anything your client permits                    |
+| Private service access     | Private network without laptop VPN                                           | `zcli vpn up <project-id>` from your machine                    |
+| Local machine exposure     | No direct access to your laptop                                              | Agent client runs as your local user                            |
+| Best safety posture        | Keep ZCP in a development/staging project and avoid mounting unrelated files | Restrict client permissions, shell access, and filesystem scope |
+
+Remote setup is contained inside Zerops by design. Local setup is supervise-the-client by design. Either can be right, but local setup requires more attention to your agent client's local permissions.
+
+## Credential ownership
+
+There are three separate credential surfaces people often mix together:
+
+| Credential                          | Owner                        | Purpose                                                |
+| ----------------------------------- | ---------------------------- | ------------------------------------------------------ |
+| `ZCP_API_KEY`                       | Zerops token                 | Lets ZCP operate one Zerops project.                   |
+| Agent subscription or model API key | You / the agent provider     | Lets the coding agent run. Zerops does not provide it. |
+| Git or CI credentials               | You / your repository system | Lets finished work push to git or deploy through CI.   |
+
+In both setups, the agent account is still authenticated through the agent's own login flow. For where each credential lives (remote injection vs `.mcp.json`), rotation, rejected token shapes, and `GIT_TOKEN` / `ZEROPS_TOKEN`, see [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+## What the token lets the agent do
+
+The agent can perform normal operational work when the token has permission:
+
+- discover runtime and managed services,
+- create or adjust services when the task requires it,
+- read and write service env vars,
+- deploy app code to runtime services,
+- read build logs, runtime logs, and service events,
+- restart, reload, stop, start, or scale services,
+- enable or disable public access,
+- prepare delivery such as git push or CI handoff.
+
+This is why development and staging projects are the right place for ZCP. Production should be a separate project without a `zcp` service; see [Production boundary](/zcp/security/production-policy).
+
+## Remote setup specifics
+
+- **`zcp` service is not the app.** It is the workspace and control surface. Deploys target app runtimes, not the `zcp` service.
+- **The service has operational reach.** A terminal in the `zcp` service can use the same ZCP access as the agent. Review the dashboard's additional changes before deploying the service; they are what give the workspace its operating surface.
+- **Network reach is broader than file reach.** The workspace can reach private services, but it only sees runtime files that are mounted into it.
+- **Do not hand-edit `ZCP_API_KEY`.** Remote setup gets the value from Zerops. Manual replacement can break the intended one-project boundary.
+
+## Local setup specifics
+
+- **The agent inherits local reach.** ZCP MCP is limited to one project, but the local agent client can read files, run commands, and use credentials allowed by your client settings.
+- **Each local directory has its own config.** `.mcp.json` and `.zcp/state/` belong to one app directory. Launching from the wrong directory can connect the wrong token or no token.
+- **VPN is outside MCP authority.** Bringing up Zerops VPN needs your operating-system approval. The tools cannot grant that for the agent.
+- **`.env` files are snapshots.** They contain real project credentials and should stay out of git.
+
+## Human confirmation gates
+
+Most project operations do not get an extra ZCP-specific confirmation prompt. Deploys, env changes, restarts, scaling, and public-access changes are normal project operations and are audited through platform evidence.
+
+ZCP MCP adds hard gates where the loss is not safely reversible from the conversation: **service deletion** (explicit same-conversation approval by service name; remote setup also blocks deleting the `zcp` service it is running in) and **wholesale service replacement after failed deploy history** (refuse-then-acknowledge with failure evidence first). Approval from an old chat does not carry forward. The full enforcement rules are in [Tokens and credentials → What ZCP enforces for destructive actions](/zcp/security/tokens-and-project-access#what-zcp-enforces-for-destructive-actions).
+
+## Audit evidence
+
+Zerops records platform-side evidence. It does not record the agent's private reasoning, every shell edit, browser-helper action, or prompt history outside your agent client.
+
+When taking over from an agent, read evidence in this order:
+
+1. service-scoped events,
+2. build logs,
+3. runtime logs,
+4. deploy and verification output,
+5. git history when delivery uses git-push.
+
+| Surface        | What it proves                                                            | What it does not prove                       |
+| -------------- | ------------------------------------------------------------------------- | -------------------------------------------- |
+| Service events | Deploy lifecycle, failures, restarts, scaling, and public-access changes. | The exact source edit that caused the event. |
+| Build logs     | Dependency install, build commands, compile/package failures.             | Runtime request behavior after deploy.       |
+| Runtime logs   | Start crashes, port binding, request-time app errors.                     | Why the build failed.                        |
+| Verify output  | Whether reachability and requested behavior passed.                       | That unrelated app flows work.               |
+| Git history    | Source changes pushed during git-push delivery.                           | Uncommitted shell edits.                     |
+
+Filter by service hostname when possible. Project-level timelines can include unrelated services and older failures.
+
+## Related security
+
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - token scope, storage, rotation, and confirmation gates.
+- [Remote or local setup](/zcp/setup/choose-workspace) - compare blast radius before setup.
+- [Production boundary](/zcp/security/production-policy) - keep production outside the agent loop.
diff --git a/apps/docs/content/zcp/setup/choose-workspace.mdx b/apps/docs/content/zcp/setup/choose-workspace.mdx
new file mode 100644
index 000000000..143bb9ccf
--- /dev/null
+++ b/apps/docs/content/zcp/setup/choose-workspace.mdx
@@ -0,0 +1,73 @@
+---
+title: 'Remote or local setup'
+description: 'Where the zcp binary and agent workspace run: inside Zerops or on your machine.'
+---
+
+Use this page to decide where the agent workspace lives: inside Zerops, or on your machine beside the local app directory.
+
+Both setups connect the agent to one Zerops project and the same project-scoped operations. The tradeoff is where the agent works: filesystem ownership, private-service access, credential location, bundled tooling, and shell blast radius. The runtime layout is a separate app-work decision.
+
+## What you are choosing
+
+**Remote setup** always includes the `zcp@1` workspace service. If the chosen **runtime layout** has a development runtime, the agent works with that service too.
+
+**Local setup** does not need the workspace service or a separate development runtime. It runs beside your **local source tree** and deploys to the Zerops runtime you choose to link.
+
+Remote setup is the **safer default** for broader agent autonomy because the agent shell, private networking, and workspace files stay **inside Zerops** instead of on your machine. Use local setup when local files, data, desktop tools, git credentials, or a **local-only agent client** need to stay local.
+
+## Setup comparison
+
+|                         | Remote setup                                      | Local setup                                  |
+| ----------------------- | ------------------------------------------------- | -------------------------------------------- |
+| Workspace service       | Always has `zcp@1`.                               | Not required.                                |
+| Development runtime     | Only if the runtime layout includes one.          | Not required for local work.                 |
+| `zcp` process           | Runs in Zerops.                                   | Runs on your machine.                        |
+| Agent process           | Runs in the remote workspace.                     | Runs in your local editor or CLI.            |
+| Files the agent edits   | Workspace files and mounted runtime files.        | Files on your machine.                       |
+| Private service access  | Private Zerops network from the workspace.        | Zerops VPN from your machine.                |
+| Token storage           | Injected into the workspace service.              | `.mcp.json` in the local app directory.      |
+| Git credentials         | Configured inside the workspace service.          | Your local git credentials.                  |
+| Safety posture          | Broad agent shell permissions stay in Zerops.     | Agent shell permissions affect your machine. |
+
+## Starting points
+
+Remote setup can start from:
+
+- **Recipe with AI Agent environment.** A guided path for a known stack. A recipe creates app services, managed services, and the `zcp@1` workspace together.
+- **New Zerops setup with remote setup enabled.** Start from blank services or a custom stack and add the `zcp@1` service during creation.
+- **Existing development or staging setup.** Add the `zcp` workspace next to services that already exist. Do not add ZCP to production; promote verified work through your release process instead.
+
+Local setup can start from:
+
+- **Empty local directory.** The agent creates the app structure from a product request and uses ZCP to select or create Zerops services.
+- **Existing app directory.** The app code, editor setup, local data, and git credentials already live on your machine.
+- **Recipe prepared for local setup.** The recipe creates the Zerops service baseline, while the agent and files stay local.
+
+## Runtime layout is separate
+
+Remote or local only answers where the agent and `zcp` process run. The project can still use:
+
+- one mutable dev runtime,
+- a dev + stage pair,
+- a single app runtime,
+- local files linked to a stage target.
+
+That choice belongs to app work: [Build and ship](/zcp/workflows/build-with-zcp#choose-the-runtime-layout).
+
+Stage is not production. Keep production in a separate Zerops project and promote work through your release process; see [Production boundary](/zcp/security/production-policy).
+
+## Switching later
+
+Remote and local setup are not permanent, but switching is a handoff between workspaces, not a sync operation. Before switching, make the handoff explicit:
+
+- Preserve the current source tree through git or another explicit copy path.
+- Choose one deploy source for the next task: the remote workspace, mounted runtime files, or the local app directory.
+- Do not edit mounted runtime files and a local repo in parallel unless you have a merge plan.
+- Regenerate local `.env` snapshots after Zerops env changes.
+- If the local deploy target changed, have the agent inspect the current local link before deploying.
+
+## Next steps
+
+- [What remote workspace gives you](/zcp/setup/hosted-workspace) - remote setup, Browser VS Code, bundled agent CLI, and workspace persistence.
+- [Run locally](/zcp/setup/local-agent-bridge) - local install, `zcp init`, `.mcp.json`, VPN, env snapshots, and deploy target linking.
+- [Trust model](/zcp/security/trust-model) - how the safety boundary changes between remote setup and local setup.
diff --git a/apps/docs/content/zcp/setup/hosted-workspace.mdx b/apps/docs/content/zcp/setup/hosted-workspace.mdx
new file mode 100644
index 000000000..e49473183
--- /dev/null
+++ b/apps/docs/content/zcp/setup/hosted-workspace.mdx
@@ -0,0 +1,121 @@
+---
+title: 'What remote workspace gives you'
+description: 'What the zcp@1 workspace provides: Claude Code, Browser VS Code, private networking, and ZCP access inside Zerops.'
+---
+
+A remote workspace puts the agent, terminal, and optional browser IDE inside Zerops, next to private networking and ZCP access.
+
+The `zcp@1` service runs the same `zcp` binary used by local setup, but broad shell permissions and private service access stay in a clean Zerops service instead of on your laptop.
+
+Use remote setup when you want the default workspace, a safer boundary for broad agent permissions, or a preconfigured environment with Claude Code and Browser VS Code.
+
+App code still deploys to your app runtime services. The `zcp` service is the workspace and control surface; it is not the application runtime.
+
+Taking over is straightforward in this setup. You open the same workspace, terminal, files, and workflow status the agent used, then continue, inspect, or stop the work from there.
+
+## What it includes
+
+- **`zcp@1` workspace service.** Runs ZCP inside Zerops and gives the agent project-scoped operations.
+- **Platform-injected `ZCP_API_KEY`.** Zerops injects the token into the workspace; you normally do not set it by hand.
+- **Bundled Claude Code when enabled.** The **Include Coding Agent** option installs and preconfigures Claude Code. You authenticate with your own Claude subscription login or API key.
+- **Browser VS Code when enabled.** The **Cloud IDE** option gives you a browser editor, terminal, and a place to supervise or take over the agent session.
+- **Private networking.** The workspace can reach managed services by hostname without laptop VPN.
+- **Open workspace model.** You can add other agent CLIs, private MCP servers, helper processes, dotfiles, package installs, or a derived team image.
+
+For the local alternative, see [Run locally](/zcp/setup/local-agent-bridge). For the tradeoffs, see [Remote or local setup](/zcp/setup/choose-workspace).
+
+## Choose a starting point
+
+### First-time trial
+
+Use the [Quickstart](/zcp/quickstart) when you want the guided recipe route. It covers the recipe catalog, **AI Agent** environment, Claude Code authentication, Browser VS Code, first product prompt, and proof.
+
+After provisioning, continue with a product prompt in [Build and ship](/zcp/workflows/build-with-zcp).
+
+### Recipe with AI Agent environment
+
+Use this when you want a guided stack baseline for development or staging. A recipe with an **AI Agent** environment creates app services, managed services, and the `zcp@1` workspace together.
+
+Keep **Coding Agent** enabled when you want bundled Claude Code. Keep **Cloud IDE** enabled when you want Browser VS Code.
+
+### New Zerops setup with remote setup enabled
+
+Use this when you want blank services or a custom stack.
+
+1. Open [Add new project](https://app.zerops.io/dashboard/project-add).
+2. Enter the project name, region, and tags.
+3. Enable the `zcp@1` remote setup service.
+4. Keep **Include Coding Agent** enabled if you want bundled Claude Code.
+5. Keep **Cloud IDE** enabled if you want browser VS Code.
+6. Create the project.
+
+This gives you the `zcp@1` workspace. App runtimes and managed services may still be created later by normal ZCP app work.
+
+### Existing development or staging setup
+
+Use this when runtime or managed services already exist in development or staging. Do not add `zcp` to production; promote verified work through your release process.
+
+Add a `zcp` service from the dashboard the same way you add another Zerops service. The workspace appears next to the existing services and receives ZCP access from the platform.
+
+The agent should still read current state before changing anything. Existing services are context, not instructions for the next task.
+
+## Open the workspace
+
+For a returning remote workspace, open the existing `zcp` service:
+
+1. Open the project in the [Zerops dashboard](https://app.zerops.io/).
+2. Open the `zcp` service.
+3. Use **Browser VS Code** when **Cloud IDE** is enabled.
+4. Complete the Claude Code login or API-token flow if prompted.
+
+After authentication, Claude Code is connected to ZCP and ready to work from the Browser VS Code terminal. If the workspace was already authorized, use the same route to resume, supervise, or take over work.
+
+First load can take a minute while the image, Cloud IDE, and bundled agent finish starting. If the page opens before the service is ready, wait until the service is running and reload.
+
+## Use your own editor or tools
+
+Browser VS Code is the quickest entry point, not the only one.
+
+Editors that support remote development can connect to the workspace or runtime services over SSH, depending on how your team wants to work. Common options include VS Code Remote SSH, JetBrains Gateway, Cursor, Zed, and plain SSH.
+
+This keeps the agent and private network inside Zerops while letting you use a desktop editor UI. Broader editor patterns live in [Local & Remote Development](/features/local-remote-development#native-ide-over-ssh).
+
+You can also install another agent CLI or additional MCP servers inside the `zcp` service. The bundled Claude Code flow is a convenience, not a closed product boundary.
+
+## Advanced customization guardrails
+
+Tools installed inside the `zcp` service may see workspace environment variables, private networking, and any runtime files mounted into the workspace. Use trusted and pinned tools. Keep model credentials, git delivery tokens, external API keys, and production credentials out of the workspace unless the current task explicitly needs them.
+
+## What belongs where
+
+| Concern              | Where it belongs                                                                                                            |
+| -------------------- | --------------------------------------------------------------------------------------------------------------------------- |
+| Agent workspace      | The `zcp@1` service: agent CLI, browser VS Code, shell tools, MCP servers, helper processes, dotfiles.                      |
+| App code deploys     | Your app runtime services; not the `zcp` workspace service.                                                                 |
+| `ZCP_API_KEY`        | Injected by Zerops into the `zcp` workspace.                                                                                |
+| Agent account        | Your Claude subscription login or model API credential. Zerops wires the agent to ZCP, but the agent account remains yours. |
+| Git credentials      | Configured inside the workspace when the agent should commit or push from remote setup.                                     |
+| Production release   | A separate production project and release process.                                                                          |
+
+## Runtime file access
+
+Remote setup can mount runtime service filesystems into the `zcp` workspace after the first setup pass. Each mounted runtime appears as its own folder. Editing a mounted file changes the file inside that runtime service, with no upload step from your laptop.
+
+Filesystem reach is narrower than network reach. The workspace can reach services over the private network, but it only sees runtime files mounted into it.
+
+## Make customization persistent
+
+The `zcp@1` service is a normal Zerops service. One-off shell installs disappear when the service is rebuilt unless you make them part of the service setup.
+
+Use these patterns:
+
+- **Small additions:** put package installs, dotfiles, or bootstrap scripts into service init commands.
+- **Team-standard workspace:** build a derived image based on `zcp@1` with required tools already present.
+- **Helper processes:** run private helpers next to the agent and editor workspace when your team needs internal integrations.
+
+Keep app runtime build steps with the runtime services. The remote workspace carries the agent, tools, and ZCP access; runtime services own app builds and deploys.
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) - normal app work after setup.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - how `ZCP_API_KEY`, git credentials, and CI secrets differ.
diff --git a/apps/docs/content/zcp/setup/local-agent-bridge.mdx b/apps/docs/content/zcp/setup/local-agent-bridge.mdx
new file mode 100644
index 000000000..80fc61f2d
--- /dev/null
+++ b/apps/docs/content/zcp/setup/local-agent-bridge.mdx
@@ -0,0 +1,175 @@
+---
+title: 'Run locally'
+description: 'Install the zcp binary, initialize a local app directory, add ZCP_API_KEY, and connect a local agent to Zerops.'
+---
+
+Local setup installs the `zcp` binary on your machine and runs it from the app directory where your agent works.
+
+Use it when the agent should work next to local files, local data, your desktop editor, terminal tools, and git credentials. The MCP server limits Zerops operations to one project, but the agent client runs as your local user, so local approvals and filesystem allowlists matter.
+
+[Remote setup](/zcp/setup/hosted-workspace) is the safer default when the agent does not need local files or tools. Use local setup when local control is the point.
+
+:::warning Public preview
+Local setup has more moving parts than remote setup and may change faster. The binary install path, `.mcp.json` shape, and files written by `zcp init` are still settling between releases.
+:::
+
+## Choose a local starting point
+
+Pick the folder that should own app work:
+
+- **Empty local directory.** Start with no app code yet. The agent can create the app structure and use the MCP tools to select or create Zerops services.
+- **Existing app directory.** Use this when app code, local data, editor setup, test fixtures, and git credentials already live on your machine.
+- **Recipe prepared for local setup.** Use a recipe to create the Zerops service baseline, then run the agent locally from the directory that should own source changes.
+
+After that choice, the mechanics are the same: install `zcp`, run `zcp init`, add `ZCP_API_KEY`, start VPN when private service access is needed, and link a runtime when the agent should deploy.
+
+## What local setup gives the agent
+
+- **Local files as source.** The agent edits the directory on your machine, and deploys use that working directory.
+- **Your editor and terminal.** Framework CLIs, test runners, local data, and local feedback stay under your normal tools.
+- **Your git credentials.** Pushes use your local git CLI, SSH agent, or credential helper.
+- **Zerops operations.** The MCP tools let the agent discover services, generate env snapshots, deploy to linked runtimes, read logs, and verify.
+- **Private service access through VPN.** Your local app and shell reach private service hostnames through `zcli vpn up`.
+
+Security note: local setup cannot protect your laptop from the agent client. Configure approvals as you would for any local coding agent.
+
+## Prerequisites
+
+- A Zerops project. Create one from the [Zerops dashboard](https://app.zerops.io/dashboard/project-add), from a [recipe](https://app.zerops.io/recipes), or use an existing development/staging setup.
+- [zCLI](/references/cli) installed and authenticated on your machine.
+- A compatible local agent client installed and logged in.
+- A **single-project Zerops token**. Multi-project tokens are refused at startup.
+- A local directory where the agent should run.
+
+You do not need MCP just to develop locally against Zerops services as a human. `zcli vpn up` plus your editor is enough. Add MCP when a local coding agent should also understand and operate Zerops.
+
+## 1. Get `ZCP_API_KEY`
+
+The MCP server needs a Zerops API token that reaches exactly one project. For normal agent work, use a full-access token; read-only tokens can authenticate but fail on deploys, env changes, lifecycle actions, and other mutations. Token generation, rejected shapes, and rotation are covered in [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+## 2. Install `zcp`
+
+```bash
+curl -sSfL https://raw.githubusercontent.com/zeropsio/zcp/main/install.sh | sh
+```
+
+The installer downloads the latest release for your platform into `~/.local/bin`, or `/usr/local/bin` when run as root. Verify the install:
+
+```bash
+zcp version
+```
+
+If your shell cannot find `zcp`, add the install directory to `PATH` and reload the shell.
+
+## 3. Run `zcp init`
+
+From the local directory the agent should operate:
+
+```bash
+zcp init
+```
+
+`zcp init` writes local MCP config and agent instructions:
+
+- `.mcp.json` - MCP server config for this directory.
+- `CLAUDE.md` - agent instructions for Zerops work.
+- `.claude/settings.local.json` - Claude Code per-project settings when that client is used.
+- `~/.config/zerops/aliases` plus a shell-rc sourcing line - helper aliases for launching the agent here.
+- `.zcp/state/` - workflow state created when MCP first writes local state.
+
+Re-running `zcp init` may refresh generated config. `CLAUDE.md` preserves edits outside managed markers, but `.mcp.json` is regenerated from the token-less template. If you rerun it, re-check the `ZCP_API_KEY` block before launching the agent.
+
+## 4. Add `ZCP_API_KEY`
+
+`zcp init` writes a token-less `.mcp.json`. Add the project token under the `env` block:
+
+```json
+{
+  "mcpServers": {
+    "zerops": {
+      "command": "zcp",
+      "args": ["serve"],
+      "env": {
+        "ZCP_API_KEY": "<your-single-project-token>"
+      }
+    }
+  }
+}
+```
+
+Add `.mcp.json` to `.gitignore`. It contains a live Zerops credential and should not leave the machine. Each app directory should have its own `.mcp.json` and token.
+
+The server name `zerops` is intentional. Do not rename it unless your agent client requires a different name and you understand the prompt/instruction changes.
+
+## 5. Launch the agent from the app directory
+
+Start the agent from the directory that contains `.mcp.json`. The client should list `zerops` as an available MCP server.
+
+Sanity check:
+
+```text
+List the Zerops services through MCP.
+```
+
+A working connection answers with the runtime and managed services. If not, check the launch directory, token scope, and whether the client loaded `.mcp.json`.
+
+## 6. Bring up VPN when private services are needed
+
+The MCP server can talk to the Zerops API without VPN. Your local app, shell, tests, database clients, and framework commands need VPN to reach private hostnames such as `db` or `cache`.
+
+```bash
+zcli vpn up <project-id>
+```
+
+VPN setup needs admin or root approval on macOS and Linux. The tools can tell the agent which command is needed, but they cannot approve or start it for you. After the tunnel is up, service hostnames resolve from your machine; rerun the command when local service connections fail.
+
+## 7. Generate local env when needed
+
+When the local app needs service credentials, ask the agent for the app work and let the tools generate the env bridge. For a standalone check:
+
+```text
+Generate a .env file for my local app from Zerops env references.
+```
+
+Env generation needs `zerops.yaml` in the working directory, the runtime or setup the local app should use, a matching `setup:` entry, and non-empty `run.envVariables` under that setup.
+
+The tools read `run.envVariables`, resolve Zerops references such as `${db_user}`, `${db_password}`, and `${db_hostname}`, and write the resulting values into `.env`. Cross-service references resolve recursively, so a `DATABASE_URL` can land as a complete local connection string.
+
+If those inputs are missing, the agent should fix `zerops.yaml` or ask for the target runtime/setup. It should not invent env values from service names or dashboard memory.
+
+The file is a snapshot, not a live sync. Regenerate it after changing env variables in Zerops. VPN is still required for your local app to use private service hostnames from that `.env`.
+
+Keep `.env` out of git. It contains real connection values.
+
+## 8. Link a deploy target
+
+Local setup needs a Zerops runtime when the agent should deploy from your working directory. A stage runtime is the usual target because it lets local work prove itself before the production release.
+
+If there is exactly one runtime, the agent can use it automatically. If multiple runtimes exist, it should ask which one to link:
+
+```text
+Link this local directory to appstage for deploys.
+```
+
+Without a linked runtime, the tools can still inspect services and generate env snapshots, but local deploys need a target first.
+
+## What stays outside
+
+MCP does not replace your local feedback loop. Vite, Valet, Docker Compose, your IDE runner, framework CLIs, local fixtures, and test data stay under your normal tooling.
+
+Local setup does not mount Zerops runtime filesystems on your laptop. Remote setup can mount runtime files into the workspace; local setup works from files on your machine. To inspect runtime files from your machine, use [SSH](/references/networking/ssh) directly.
+
+The MCP server does not own your git credentials. In local setup, your local git CLI, SSH agent, or credential helper handles pushes.
+
+## Local setup checks
+
+- **Launch directory matters.** Start the agent from the folder that contains `.mcp.json`.
+- **`zcp init` can remove the token from `.mcp.json`.** Re-add `ZCP_API_KEY` after rerunning init.
+- **VPN is separate from MCP auth.** MCP may work while your app still cannot reach `db`.
+- **`.env` generation depends on `run.envVariables`.** If generation fails, check that the working directory has `zerops.yaml`, the selected `setup:` exists, and env entries live under `run.envVariables`.
+- **`.env` is a credential snapshot.** Regenerate after env changes and keep it out of git.
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) - normal app work after setup.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - token scope, storage, rotation, and destructive confirmations.
diff --git a/apps/docs/content/zcp/workflows/build-with-zcp.mdx b/apps/docs/content/zcp/workflows/build-with-zcp.mdx
new file mode 100644
index 000000000..2457ea76f
--- /dev/null
+++ b/apps/docs/content/zcp/workflows/build-with-zcp.mdx
@@ -0,0 +1,138 @@
+---
+title: 'Build and ship'
+description: 'The practical choices you control when a coding agent works on a Zerops project.'
+---
+
+Use Build and ship for the decisions that shape normal app work. ZCP MCP gives the agent Zerops project state, platform guidance, project-scoped operations, deploy evidence, and recovery rules. You still decide what should be built, where it should run, how strict the acceptance criteria are, and what happens after proof.
+
+```text
+Build a task board.
+Tasks should stay saved after refresh.
+```
+
+A prompt can be that short when the outcome is enough. Add detail when it changes behavior, architecture, stack, runtime layout, acceptance criteria, credentials, delivery, packaging, or the production release.
+
+The expected output is a verified running change, not only generated files. The agent should prove the request against a real runtime, real managed services when used, and the logs, events, and checks that explain what happened.
+
+## The decisions
+
+<div className="zcp-lifecycle-diagram">
+  <div className="zcp-lifecycle-prompt">
+    <span>Product prompt</span>
+    <code>Build a task board...</code>
+  </div>
+  <div className="zcp-lifecycle-down" aria-hidden="true" />
+  <div className="zcp-lifecycle-flow">
+    <section className="zcp-lifecycle-stage zcp-lifecycle-stage--infra">
+      <h3>1. Runtime layout</h3>
+      <p>Choose where app work should land.</p>
+      <ul>
+        <li>Use existing services</li>
+        <li>Create missing services</li>
+        <li>Pick dev, stage, or linked target</li>
+      </ul>
+    </section>
+    <section className="zcp-lifecycle-stage zcp-lifecycle-stage--dev">
+      <h3>2. Development</h3>
+      <p>The agent gets current state, Zerops knowledge, deploy evidence, and your product instructions.</p>
+    </section>
+    <section className="zcp-lifecycle-stage zcp-lifecycle-stage--delivery">
+      <h3>3. After proof</h3>
+      <p>Decide what happens to verified work.</p>
+      <ul>
+        <li>Direct deploy, git, or CI</li>
+        <li>Optional package bundle</li>
+        <li>Production release</li>
+      </ul>
+    </section>
+  </div>
+</div>
+
+You do not run these steps by hand. They are the parts where your intent changes what the agent should do. If you do not specify a choice, the agent should infer from current project state and ask only when the decision changes cost, credentials, runtime layout, delivery, production risk, or destructive behavior.
+
+## 1. Choose the runtime layout {#choose-the-runtime-layout}
+
+When the app runtime and dependencies are unclear, the workflow prepares the layout before feature work starts. It reads current state, uses existing services when they fit, creates missing runtimes or managed services when needed, and stops when the agent knows where app code belongs.
+
+The main user-facing choice is runtime layout. Let the agent infer it from the project, or name it in the prompt when it matters.
+
+| Runtime layout            | Use when                                                                                  | What to tell the agent                                  |
+| ------------------------- | ----------------------------------------------------------------------------------------- | ------------------------------------------------------- |
+| **Dev**                   | You want one mutable runtime for fast iteration, experiments, or early app work.          | `Build a small Node.js API on dev.`                     |
+| **Dev + stage**           | You want a development runtime plus a separate runtime for review or release rehearsal.  | `Build a Node.js API with PostgreSQL on dev+stage.`     |
+| **Stage / linked target** | You work from local files or a single target runtime and want the workflow to use that target. | `Use appstage as the deploy target for this local app.` |
+
+The layout is about app runtimes, not where the `zcp` binary runs. Remote setup can use any of these layouts from the `zcp@1` workspace. Local setup usually works from local files into a linked stage or app runtime.
+
+Managed services such as PostgreSQL, Valkey, queues, search, storage, or mail are dependencies. The agent gets their state and wiring patterns, but app code deploys to runtime services.
+
+## 2. Development {#develop-with-live-project-context}
+
+Development is still a normal coding conversation with the agent. You describe the product behavior, stack constraints, acceptance criteria, and anything the agent must not guess.
+
+MCP adds the Zerops side of that conversation: current project state, platform knowledge, project-scoped operations, deploy/log evidence, verification checks, recovery rules, and saved work state. Because of that, you usually do not paste service inventory, env wiring, deploy logs, or a "deploy and verify" checklist into the prompt.
+
+The useful things to name are:
+
+- the behavior you want and how it should be verified,
+- stack, framework, managed-service, or runtime target preferences,
+- whether the agent should inspect or continue existing work first,
+- approval boundaries for cost, credentials, data, production, or destructive actions.
+
+Expect the agent to ask when one of those choices is missing. Otherwise, it should use project context while it works and finish with proof or a blocker.
+
+## 3. Choose delivery after proof {#choose-delivery-after-proof}
+
+Delivery preference is how app work closes after there is a verified result. Include it in the original prompt or set it later.
+
+The first functional deploy is still direct so the agent can prove the app runs. Delivery preference decides what happens after that proof and how later sessions should finish similar work.
+
+| Delivery preference    | What it means                                                                                      | What to tell the agent                                                      |
+| ---------------------- | -------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------- |
+| **Keep direct deploy** | The agent keeps deploying directly to the target runtime for fast dev/stage iteration.             | `Keep direct deploy for now.`                                               |
+| **Push to git**        | The agent commits and pushes working changes to the configured repository.                         | `When the app works, push changes to git@github.com:my-org/task-board.git.` |
+| **CI / handoff**       | A repository integration, GitHub Actions workflow, release process, or human owns the next deploy. | `Set up GitHub Actions delivery for future deploys after the app works.`    |
+
+The workflow records the delivery choice so later work can follow it. Git credentials, CI secrets, and production credentials are separate from `ZCP_API_KEY`; see [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+## 4. Package a verified runtime {#package-a-verified-runtime}
+
+After a runtime is verified, you can ask the agent to prepare it as a re-importable Zerops project bundle. Use this when the app should become a reusable starter, customer handoff, demo project, or clean staging project.
+
+The prompt can be one sentence:
+
+```text
+Package appstage as a buildFromGit import bundle, commit it, and push it to git so I can import it into a fresh Zerops project.
+```
+
+The export workflow prepares `zerops-project-import.yaml` and `zerops.yaml` in the same git repo as the app. The import file contains one runtime with `buildFromGit:` pointing back to that repo, plus managed services needed for Zerops env references to resolve when the bundle is imported into a fresh project.
+
+The agent may still ask which runtime to package, which half of a dev+stage pair to use, how to classify project env vars, or how to configure git push. Once pushed, the target project can import the bundle from the dashboard or with `zcli project project-import zerops-project-import.yaml`.
+
+Packaging is not the next deploy of the same app. For the next app change, keep using the normal build/deploy/verify loop. Use packaging when the output you want is a git-backed import bundle; see [Package a running service](/zcp/workflows/package-running-service).
+
+## 5. Prepare the production release {#prepare-production-release}
+
+The production release is where authority changes. The agent prepares verified work and release evidence; production execution belongs to Zerops project settings, CI, release tooling, or a deliberate human action with production credentials.
+
+The useful split is:
+
+| Job | How often | What happens |
+| --- | --- | --- |
+| **Production infrastructure** | Once per production project | Export the verified project as YAML in the GUI, edit it for production, then import it as a new project. |
+| **Production deploy trigger** | Once per production runtime | Connect the production runtime to git, usually with a tag trigger. |
+| **Production release** | Every release | Verify in dev/stage, push source to git, then trigger production through your tag or release process. |
+
+Production should be a separate Zerops project without a `zcp` service. Production credentials are not `ZCP_API_KEY`; keep them in CI or release tooling. For the full release guide, see [Promote to production](/zcp/workflows/promote-to-production).
+
+## What the final answer should contain
+
+For a completed app task, the agent should report:
+
+- the runtime service it changed,
+- the deploy or verification target,
+- the URL, endpoint, UI state, job result, or stored data that proves the requested behavior,
+- managed services, env vars, or delivery settings it touched,
+- the delivery preference, packaging output, or production release state that now applies.
+
+If the task is incomplete, the final answer should name the blocker, the evidence read, what was tried, and the decision or credential needed from you.
diff --git a/apps/docs/content/zcp/workflows/package-running-service.mdx b/apps/docs/content/zcp/workflows/package-running-service.mdx
new file mode 100644
index 000000000..f3af93bc0
--- /dev/null
+++ b/apps/docs/content/zcp/workflows/package-running-service.mdx
@@ -0,0 +1,81 @@
+---
+title: 'Package a running service'
+description: 'Turn a running Zerops service into a re-importable bundle.'
+---
+
+Use packaging when a verified runtime should become a re-importable Zerops bundle. It is a handoff or reuse task after the app already works, not the normal way to deploy the next change.
+
+You can ask for it directly:
+
+```text
+Package appstage as a buildFromGit import bundle.
+Commit it and push it to git.
+```
+
+The result is a single git repo that contains the app source, [`zerops.yaml`](/zerops-yaml/specification), and a project [import file](/references/import) named `zerops-project-import.yaml`. The import file uses `buildFromGit:` so a fresh Zerops project can rebuild the app from the repo instead of carrying source code inside YAML.
+
+Packaging starts from a deployed Zerops runtime. If important source changes exist only on your laptop, deploy or push them first so the runtime and git repo match what you want to package.
+
+## When to package
+
+Package a runtime when you need:
+
+- a running runtime and its managed dependencies reproduced in another Zerops project,
+- a reusable starter, demo, handoff, customer project, or clean staging baseline,
+- a repo commit that carries the Zerops import shape next to the app source,
+- the destination project to build from git.
+
+Do not use packaging for:
+
+- the next app deploy; use the normal build, deploy, and verify loop,
+- the production release; production needs its own infrastructure, credentials, domains, and release trigger,
+- moving managed-service data; backups and restores are separate.
+
+For production setup, follow [Promote to production](/zcp/workflows/promote-to-production). Packaging can help create a reusable app bundle, but it does not decide production infrastructure or release policy.
+
+## What the agent prepares
+
+The agent packages **one** runtime. If the project has dev and stage runtimes, it asks which one to use because they can have different env values, start commands, or `setup:` blocks.
+
+Managed services come along as dependencies when the runtime's `zerops.yaml` needs their env references. You do not pick databases, caches, queues, or search services one by one.
+
+The workflow then prepares:
+
+- `zerops-project-import.yaml` - the project and service shape for the destination project,
+- `zerops.yaml` - the runtime build and run configuration,
+- a git commit and push when git delivery is configured or explicitly requested.
+
+If the runtime has no usable `zerops.yaml` or git remote, the agent has to fix that first. A bundle is only useful when the destination project can pull source and build it from git.
+
+## Env vars need review
+
+Project env vars are the main place where the agent may ask you to decide. Each value gets one bucket:
+
+| Bucket | Use for | Bundle result |
+| --- | --- | --- |
+| `infrastructure` | Values derived from managed services, such as database or cache references. | Omitted from project envs; the new managed service provides fresh values. |
+| `auto-secret` | App-owned signing or encryption keys that can be regenerated. | Fresh generated secret on import. |
+| `external-secret` | Third-party credentials such as Stripe, OpenAI, Mailgun, or GitHub. | `REPLACE_ME` placeholder. |
+| `plain-config` | Literal non-secret config such as log level, feature flags, or public app settings. | Copied as-is. |
+
+Do not treat this as a key-name guessing game. The agent should inspect source code and ask when classification changes behavior. For example, regenerating a Laravel `APP_KEY`, Django `SECRET_KEY`, or session secret can break existing encrypted state. If state continuity matters, carry the existing value instead of generating a new one.
+
+## What is not included
+
+| Not included | What to do instead |
+| --- | --- |
+| Managed-service data | Restore from [Backup](/features/backup) or another migration path. |
+| Real third-party secrets | Fill placeholders in the destination project before deploying. |
+| Production domains, scaling, backups, and release triggers | Configure them in the destination project. |
+| A repeatable production release process | Use your CI or release workflow; see [Promote to production](/zcp/workflows/promote-to-production). |
+
+## Use the bundle
+
+After the bundle is pushed, import `zerops-project-import.yaml` in the destination project through the dashboard or with `zcli project project-import zerops-project-import.yaml`.
+
+Before opening the new project to users:
+
+- fill `REPLACE_ME` values,
+- restore or seed data when needed,
+- review service scaling and public access,
+- run a normal deploy and verification pass in the destination project.
diff --git a/apps/docs/content/zcp/workflows/promote-to-production.mdx b/apps/docs/content/zcp/workflows/promote-to-production.mdx
new file mode 100644
index 000000000..74aeb15b4
--- /dev/null
+++ b/apps/docs/content/zcp/workflows/promote-to-production.mdx
@@ -0,0 +1,131 @@
+---
+title: 'Promote to production'
+description: 'Move verified dev or stage work into a production Zerops project without putting the zcp service in production.'
+---
+
+import Icons from '@theme/Icon';
+
+Use this after the agent has proved work in development or stage. The production release is the point where authority changes: the agent can prepare proof, source changes, and setup notes, but production execution belongs to Zerops project settings, CI, release tooling, or a deliberate human action with production credentials.
+
+Production should be a separate Zerops project without a `zcp` service. That keeps the development agent out of the production blast radius while still letting verified work reach production.
+
+## The simple production path
+
+There are three different jobs. Two are setup work; one is the repeatable release operation.
+
+| Job | How often | Simplest path |
+| --- | --- | --- |
+| **Create production infrastructure** | Once per production project | Export the verified Zerops project as YAML in the GUI, edit it for production, then import it as a new project. |
+| **Connect the production deploy trigger** | Once per production runtime | In the production project, connect the git repository in the Zerops GUI and trigger builds from release tags. |
+| **Release an app change** | Every release | Verify in dev/stage, push source to git, then create the release tag or use your team's release process. |
+
+This page uses the GUI path because it is the clearest path available today. More customized teams can replace the GUI trigger with GitHub Actions or another CI system later.
+
+## 1. Create production infrastructure
+
+Do this once when you need a production project for a verified app.
+
+1. Open the development or staging project that contains the verified runtime.
+2. Use **Export project as yaml**.
+3. Edit the exported YAML for production.
+4. Import the edited YAML as a new Zerops project.
+
+Before import, review the YAML as production infrastructure, not as a blind copy of the development project:
+
+- remove the `zcp` service,
+- remove dev-only runtimes and tools such as Mailpit or Adminer,
+- keep the runtime and managed services that production actually needs,
+- choose production `mode` values before creation, especially `HA` for databases that need it,
+- set production `minContainers`, autoscaling, and core package,
+- replace development secrets with production secrets or placeholders,
+- plan managed-service data restore or migrations,
+- configure production domains, DNS, public access, SMTP, object storage, backups, queues, search, and cache as needed.
+
+Before opening production traffic, get familiar with the deeper Zerops production surface: service modes, scaling, deploy pipeline, health checks, backups, public access, and domains. If the app should use a real domain, follow [Public Access Configuration](/references/networking/public-access).
+
+Project export/import creates the production infrastructure. Do not rely on it as the code delivery mechanism. The app source should be in git, and the first production code deploy should come through the production deploy trigger.
+
+## 2. Connect the production deploy trigger
+
+Do this once for each production runtime that should build from git.
+
+The simplest path is the Zerops GitHub or GitLab integration in the production project:
+
+1. Open the production runtime service.
+2. Connect the git repository.
+3. Choose **New tag** as the production trigger.
+4. Add a tag filter if your team uses one, for example `v*`.
+5. Keep production env vars and secrets in the production Zerops project.
+
+For stage, a branch trigger can be convenient. For production, a tag trigger is easier to reason about: a normal source push can update stage, while a deliberate release tag updates production.
+
+If your team needs approvals, custom tests, generated artifacts, or stricter audit, use GitHub Actions or another CI system instead. In that setup, store a production-scoped `ZEROPS_TOKEN` in the CI secret store and run the production deploy from CI.
+
+## 3. Release an app change
+
+This is the repeatable operation after production infrastructure and the deploy trigger exist. The exact release command is yours: define it in your repository instructions, agent skill, CI guide, or team release checklist.
+
+For example, if production deploys from release tags, the user instruction can be as direct as:
+
+```text
+Create the release tag for production and push it to git.
+```
+
+Use the wording that matches your CI/CD. The release step can be a manual CLI action, a `git push`, a tag push, a pull request, a protected branch merge, or a CI job. That part is your team preference and production setup, not a rule from these docs.
+
+The important rule is that the agent should name what it pushed and whether that push triggers stage, production, both, or neither. If production release requires a tag, the final answer should say the tag name or the exact tag command.
+
+## What not to carry into production
+
+Do not copy these from the development project into production:
+
+- the `zcp` service,
+- development `ZCP_API_KEY`,
+- local `.mcp.json`,
+- development secrets,
+- test data unless it is intentionally migrated,
+- dev-only utilities such as Mailpit or Adminer,
+- `.zerops.app` preview routing as the final public entry point.
+
+Use production-specific domains, secrets, backup policy, scaling, and release credentials.
+
+## What the agent should hand you
+
+A useful release handoff from the agent contains:
+
+- runtime and project where the change was verified,
+- URL, endpoint, UI state, job result, or stored data that proves the requested behavior,
+- commit, branch, PR, or suggested release tag,
+- whether the git push triggers stage, production, both, or neither,
+- services to keep, remove, or change before importing production infrastructure,
+- env vars, managed services, migrations, or delivery settings touched,
+- external secrets still needed,
+- managed-service data that must be restored or migrated,
+- production blockers that need a human decision.
+
+If the answer only says that files were changed, the release handoff is incomplete. Ask for the verification evidence and the exact release artifact.
+
+Production hardening belongs in your team's production checklist. This page only defines the handoff from verified dev or stage work into production authority.
+
+## Related production references
+
+<DocCardList items={[
+  {
+    type: 'link',
+    href: '/zcp/security/production-policy',
+    label: 'Production boundary',
+    customProps: { icon: Icons['firewall'], description: 'Why production stays outside the agent loop.' },
+  },
+  {
+    type: 'link',
+    href: '/references/import',
+    label: 'Import & Export YAML Configuration',
+    customProps: { icon: Icons['document-text'], description: 'Project export and import reference.' },
+  },
+  {
+    type: 'link',
+    href: '/references/networking/public-access',
+    label: 'Public Access Configuration',
+    customProps: { icon: Icons['globe-europe'], description: 'Custom domains, DNS, SSL, and production public access.' },
+  },
+]} />
diff --git a/apps/docs/docusaurus.config.js b/apps/docs/docusaurus.config.js
index d7f27217a..293aee9d9 100644
--- a/apps/docs/docusaurus.config.js
+++ b/apps/docs/docusaurus.config.js
@@ -17,6 +17,18 @@ const config = {
   favicon: "favicon.ico",
   organizationName: "zerops",
   projectName: "zerops/docs",
+  headTags: [
+    {
+      tagName: "link",
+      attributes: {
+        rel: "preload",
+        href: "/fonts/JetBrainsMono-Regular.woff2",
+        as: "font",
+        type: "font/woff2",
+        crossorigin: "anonymous",
+      },
+    },
+  ],
   plugins: [
     './src/plugins/markdown-source',
     require.resolve("docusaurus-plugin-image-zoom"),
@@ -57,6 +69,9 @@ const config = {
     },
   ],
   themes: ["@docusaurus/theme-mermaid"],
+  markdown: {
+    mermaid: true,
+  },
   themeConfig: {
     mermaid: {
       theme: {
diff --git a/apps/docs/package.json b/apps/docs/package.json
index c64f10988..6863e4e89 100644
--- a/apps/docs/package.json
+++ b/apps/docs/package.json
@@ -16,7 +16,8 @@
     "write-heading-ids": "docusaurus write-heading-ids",
     "lint": "eslint --ext .js,.jsx,.ts,.tsx . --fix",
     "lint:content": "eslint --no-eslintrc -c .content.eslintrc.js content --fix",
-    "diagram2code:generate": "docusaurus diagram2code:generate"
+    "diagram2code:generate": "docusaurus diagram2code:generate",
+    "test": "node --test src/plugins/markdown-source/__tests__/*.test.js"
   },
   "dependencies": {
     "@babel/preset-react": "^7.18.6",
diff --git a/apps/docs/sidebars.js b/apps/docs/sidebars.js
index 1cf814036..a95176616 100644
--- a/apps/docs/sidebars.js
+++ b/apps/docs/sidebars.js
@@ -56,6 +56,15 @@ module.exports = {
         },
       ],
     },
+    {
+      type: 'doc',
+      id: 'features/coding-agents',
+      label: 'Infrastructure for Coding Agents',
+      customProps: {
+        sidebar_icon: 'sparkles',
+      },
+      className: 'homepage-sidebar-item',
+    },
     {
       type: 'category',
       link: {
@@ -104,6 +113,15 @@ module.exports = {
       },
       className: 'homepage-sidebar-item',
     },
+    {
+      type: 'doc',
+      id: 'features/local-remote-development',
+      label: 'Local & Remote Development',
+      customProps: {
+        sidebar_icon: 'computer-desktop',
+      },
+      className: 'homepage-sidebar-item',
+    },
     {
       type: 'doc',
       id: 'features/rbac',
@@ -140,23 +158,23 @@ module.exports = {
       },
       className: 'homepage-sidebar-item',
     },
-//    {
-//      type: 'html',
-//      value: 'Perfectly suited for',
-//      customProps: {
-//        sidebar_is_group_divider: true,
-//      },
-//      className: 'homepage-sidebar-item',
-//    },
-//    {
-//      type: 'ref',
-//      id: 'frameworks/laravel',
-//      label: 'Laravel',
-//      customProps: {
-//        sidebar_icon: 'laravel',
-//      },
-//      className: 'homepage-sidebar-item  service-sidebar-item',
-//    },
+    //    {
+    //      type: 'html',
+    //      value: 'Perfectly suited for',
+    //      customProps: {
+    //        sidebar_is_group_divider: true,
+    //      },
+    //      className: 'homepage-sidebar-item',
+    //    },
+    //    {
+    //      type: 'ref',
+    //      id: 'frameworks/laravel',
+    //      label: 'Laravel',
+    //      customProps: {
+    //        sidebar_icon: 'laravel',
+    //      },
+    //      className: 'homepage-sidebar-item  service-sidebar-item',
+    //    },
     {
       type: 'html',
       value: 'All Supported Services',
@@ -290,7 +308,6 @@ module.exports = {
           },
           className: 'homepage-sidebar-item  service-sidebar-item',
         },
-
       ],
     },
     {
@@ -357,76 +374,76 @@ module.exports = {
           className: 'homepage-sidebar-item  service-sidebar-item',
         },
         {
-          type: "ref",
-          id: "valkey/overview",
-          label: "Valkey (Redis)",
+          type: 'ref',
+          id: 'valkey/overview',
+          label: 'Valkey (Redis)',
           customProps: {
-            sidebar_icon: "valkey",
+            sidebar_icon: 'valkey',
           },
-          className: "homepage-sidebar-item  service-sidebar-item",
+          className: 'homepage-sidebar-item  service-sidebar-item',
         },
         {
-          type: "ref",
-          id: "elasticsearch/overview",
-          label: "Elasticsearch",
+          type: 'ref',
+          id: 'elasticsearch/overview',
+          label: 'Elasticsearch',
           customProps: {
-            sidebar_icon: "elasticsearch",
+            sidebar_icon: 'elasticsearch',
           },
-          className: "homepage-sidebar-item  service-sidebar-item",
+          className: 'homepage-sidebar-item  service-sidebar-item',
         },
         {
-          type: "ref",
-          id: "typesense/overview",
-          label: "Typesense",
+          type: 'ref',
+          id: 'typesense/overview',
+          label: 'Typesense',
           customProps: {
-            sidebar_icon: "typesense",
+            sidebar_icon: 'typesense',
           },
-          className: "homepage-sidebar-item  service-sidebar-item",
+          className: 'homepage-sidebar-item  service-sidebar-item',
         },
         {
-          type: "ref",
-          id: "meilisearch/overview",
-          label: "Meilisearch",
+          type: 'ref',
+          id: 'meilisearch/overview',
+          label: 'Meilisearch',
           customProps: {
-            sidebar_icon: "meilisearch",
+            sidebar_icon: 'meilisearch',
           },
-          className: "homepage-sidebar-item  service-sidebar-item",
+          className: 'homepage-sidebar-item  service-sidebar-item',
         },
         {
-          type: "ref",
-          id: "qdrant/overview",
-          label: "Qdrant",
+          type: 'ref',
+          id: 'qdrant/overview',
+          label: 'Qdrant',
           customProps: {
-            sidebar_icon: "qdrant",
+            sidebar_icon: 'qdrant',
           },
-          className: "homepage-sidebar-item  service-sidebar-item",
+          className: 'homepage-sidebar-item  service-sidebar-item',
         },
         {
-          type: "ref",
-          id: "nats/overview",
-          label: "NATS",
+          type: 'ref',
+          id: 'nats/overview',
+          label: 'NATS',
           customProps: {
-            sidebar_icon: "nats",
+            sidebar_icon: 'nats',
           },
-          className: "homepage-sidebar-item  service-sidebar-item",
+          className: 'homepage-sidebar-item  service-sidebar-item',
         },
         {
-          type: "ref",
-          id: "kafka/overview",
-          label: "Kafka",
+          type: 'ref',
+          id: 'kafka/overview',
+          label: 'Kafka',
           customProps: {
-            sidebar_icon: "kafka",
+            sidebar_icon: 'kafka',
           },
-          className: "homepage-sidebar-item  service-sidebar-item",
+          className: 'homepage-sidebar-item  service-sidebar-item',
         },
         {
-          type: "ref",
-          id: "clickhouse/overview",
-          label: "Clickhouse",
+          type: 'ref',
+          id: 'clickhouse/overview',
+          label: 'Clickhouse',
           customProps: {
-            sidebar_icon: "clickhouse",
+            sidebar_icon: 'clickhouse',
           },
-          className: "homepage-sidebar-item  service-sidebar-item",
+          className: 'homepage-sidebar-item  service-sidebar-item',
         },
         {
           type: 'ref',
@@ -557,7 +574,150 @@ module.exports = {
           },
           className: 'homepage-sidebar-item',
         },
-      ]
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Zerops Control Plane MCP',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'zcp/overview',
+          label: 'Overview',
+          customProps: {
+            sidebar_icon: 'sparkles',
+          },
+          className: 'homepage-sidebar-item',
+        },
+        {
+          type: 'doc',
+          id: 'zcp/quickstart',
+          label: 'Quickstart',
+          customProps: {
+            sidebar_icon: 'rocket-launch',
+          },
+          className: 'homepage-sidebar-item',
+        },
+        {
+          type: 'doc',
+          id: 'zcp/concept/how-it-works',
+          label: 'How it works',
+          customProps: {
+            sidebar_icon: 'cog-six-tooth',
+          },
+          className: 'homepage-sidebar-item',
+        },
+        {
+          type: 'category',
+          label: 'Remote or local setup',
+          link: {
+            type: 'doc',
+            id: 'zcp/setup/choose-workspace',
+          },
+          customProps: {
+            sidebar_icon: 'computer-desktop',
+          },
+          className: 'homepage-sidebar-item',
+          items: [
+            {
+              type: 'doc',
+              id: 'zcp/setup/hosted-workspace',
+              label: 'What remote workspace gives you',
+            },
+            {
+              type: 'doc',
+              id: 'zcp/setup/local-agent-bridge',
+              label: 'Run locally',
+            },
+          ],
+        },
+        {
+          type: 'category',
+          label: 'Build and ship',
+          link: {
+            type: 'doc',
+            id: 'zcp/workflows/build-with-zcp',
+          },
+          customProps: {
+            sidebar_icon: 'circle-stack',
+          },
+          className: 'homepage-sidebar-item',
+          items: [
+            {
+              type: 'doc',
+              id: 'zcp/workflows/package-running-service',
+              label: 'Package a running service',
+            },
+            {
+              type: 'doc',
+              id: 'zcp/workflows/promote-to-production',
+              label: 'Promote to production',
+            },
+          ],
+        },
+        {
+          type: 'category',
+          label: 'Security',
+          link: {
+            type: 'doc',
+            id: 'zcp/security/trust-model',
+          },
+          customProps: {
+            sidebar_icon: 'users',
+          },
+          className: 'homepage-sidebar-item',
+          items: [
+            {
+              type: 'doc',
+              id: 'zcp/security/tokens-and-project-access',
+              label: 'Tokens and credentials',
+            },
+            {
+              type: 'doc',
+              id: 'zcp/security/production-policy',
+              label: 'Production boundary',
+            },
+          ],
+        },
+        {
+          type: 'category',
+          label: 'Reference',
+          link: {
+            type: 'doc',
+            id: 'zcp/reference/index',
+          },
+          customProps: {
+            sidebar_icon: 'command-line',
+          },
+          className: 'homepage-sidebar-item',
+          items: [
+            {
+              type: 'doc',
+              id: 'zcp/reference/agent-workflow',
+              label: 'Workflows in depth',
+            },
+            {
+              type: 'doc',
+              id: 'zcp/reference/mcp-operations',
+              label: 'MCP tools',
+            },
+            {
+              type: 'doc',
+              id: 'zcp/reference/troubleshooting',
+              label: 'Troubleshooting',
+            },
+            {
+              type: 'doc',
+              id: 'zcp/glossary',
+              label: 'Glossary',
+            },
+          ],
+        },
+      ],
     },
     {
       type: 'category',
@@ -648,7 +808,7 @@ module.exports = {
           },
           className: 'homepage-sidebar-item',
         },
-      ]
+      ],
     },
     {
       type: 'category',
@@ -724,7 +884,7 @@ module.exports = {
           },
           className: 'homepage-sidebar-item',
         },
-      ]
+      ],
     },
     {
       type: 'category',
@@ -761,7 +921,7 @@ module.exports = {
           },
           className: 'homepage-sidebar-item',
         },
-      ]
+      ],
     },
     {
       type: 'html',
@@ -962,15 +1122,15 @@ module.exports = {
         },
       ],
     },
-      {
-        type: 'doc',
-        id: 'nodejs/faq',
-        label: 'FAQ',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'chat-bubble-left-right',
-        },
+    {
+      type: 'doc',
+      id: 'nodejs/faq',
+      label: 'FAQ',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'chat-bubble-left-right',
       },
+    },
   ],
   php: [
     {
@@ -1228,640 +1388,256 @@ module.exports = {
     },
   ],
   go: [
-      {
-        type: 'ref',
-        id: 'homepage',
-        label: 'Back to home',
-        customProps: {
-          sidebar_is_back_link: true,
-          sidebar_icon: 'back-arrow',
-        },
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
       },
-      {
-        type: 'doc',
-        id: 'go/overview',
-        label: 'Go',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'go',
-        },
-      },
-      {
-        type: 'category',
-        label: 'Management',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'go/how-to/create',
-            label: 'Create Go service',
-          },
-          {
-            type: 'doc',
-            id: 'go/how-to/upgrade',
-            label: 'Upgrade Go service',
-          },
-          {
-            type: 'doc',
-            id: 'go/how-to/controls',
-            label: 'Stop, start & delete Go runtime service',
-          },
-        ],
+    },
+    {
+      type: 'doc',
+      id: 'go/overview',
+      label: 'Go',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'go',
       },
-      {
-        type: 'category',
-        label: 'Configuration & Environment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'go/how-to/env-variables',
-            label: 'Manage environment variables',
-          },
-          {
-            type: 'doc',
-            id: 'go/how-to/customize-runtime',
-            label: 'Customize Go runtime',
-          },
-          {
-            type: 'doc',
-            id: 'go/how-to/scaling',
-            label: 'Scale Go runtime service',
-          },
-        ],
+    },
+    {
+      type: 'category',
+      label: 'Management',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
       },
-      {
-        type: 'category',
-        label: 'Build & Deployment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+      items: [
+        {
+          type: 'doc',
+          id: 'go/how-to/create',
+          label: 'Create Go service',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'go/how-to/build-pipeline',
-            label: 'Configure build & deploy pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'go/how-to/trigger-pipeline',
-            label: 'Trigger build pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'go/how-to/build-process',
-            label: 'Build process',
-          },
-          {
-            type: 'doc',
-            id: 'go/how-to/deploy-process',
-            label: 'Deploy process',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Maintenance & Monitoring',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'go/how-to/upgrade',
+          label: 'Upgrade Go service',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'go/how-to/logs',
-            label: 'Setup & access logs',
-          },
-          {
-            type: 'doc',
-            id: 'go/how-to/filebrowser',
-            label: 'Browse container files',
-          },
-          {
-            type: 'doc',
-            id: 'go/how-to/shared-storage',
-            label: 'Connect / disconnect shared storage',
-          },
-        ],
-      },
-    ],
-  rust: [
-      {
-        type: 'ref',
-        id: 'homepage',
-        label: 'Back to home',
-        customProps: {
-          sidebar_is_back_link: true,
-          sidebar_icon: 'back-arrow',
+        {
+          type: 'doc',
+          id: 'go/how-to/controls',
+          label: 'Stop, start & delete Go runtime service',
         },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
       },
-      {
-        type: 'doc',
-        id: 'rust/overview',
-        label: 'Rust',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'rust',
-        },
-      },
-      {
-        type: 'category',
-        label: 'Management',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'rust/how-to/create',
-            label: 'Create Rust service',
-          },
-          {
-            type: 'doc',
-            id: 'rust/how-to/upgrade',
-            label: 'Upgrade Rust service',
-          },
-          {
-            type: 'doc',
-            id: 'rust/how-to/controls',
-            label: 'Stop, start & delete Rust runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Configuration & Environment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+      items: [
+        {
+          type: 'doc',
+          id: 'go/how-to/env-variables',
+          label: 'Manage environment variables',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'rust/how-to/env-variables',
-            label: 'Manage environment variables',
-          },
-          {
-            type: 'doc',
-            id: 'rust/how-to/customize-runtime',
-            label: 'Customize Rust runtime',
-          },
-          {
-            type: 'doc',
-            id: 'rust/how-to/scaling',
-            label: 'Scale Rust runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Build & Deployment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'go/how-to/customize-runtime',
+          label: 'Customize Go runtime',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'rust/how-to/build-pipeline',
-            label: 'Configure build & deploy pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'rust/how-to/trigger-pipeline',
-            label: 'Trigger build pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'rust/how-to/build-process',
-            label: 'Build process',
-          },
-          {
-            type: 'doc',
-            id: 'rust/how-to/deploy-process',
-            label: 'Deploy process',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Maintenance & Monitoring',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'go/how-to/scaling',
+          label: 'Scale Go runtime service',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'rust/how-to/logs',
-            label: 'Setup & access logs',
-          },
-          {
-            type: 'doc',
-            id: 'rust/how-to/filebrowser',
-            label: 'Browse container files',
-          },
-          {
-            type: 'doc',
-            id: 'rust/how-to/shared-storage',
-            label: 'Connect / disconnect shared storage',
-          },
-        ],
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Build & Deployment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
       },
-    ],
-    dotnet: [
-      {
-        type: 'ref',
-        id: 'homepage',
-        label: 'Back to home',
-        customProps: {
-          sidebar_is_back_link: true,
-          sidebar_icon: 'back-arrow',
+      items: [
+        {
+          type: 'doc',
+          id: 'go/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
         },
-      },
-      {
-        type: 'doc',
-        id: 'dotnet/overview',
-        label: '.NET',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'dotnet',
-        },
-      },
-      {
-        type: 'category',
-        label: 'Management',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/create',
-            label: 'Create .NET service',
-          },
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/upgrade',
-            label: 'Upgrade .NET service',
-          },
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/controls',
-            label: 'Stop, start & delete .NET runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Configuration & Environment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'go/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/env-variables',
-            label: 'Manage environment variables',
-          },
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/customize-runtime',
-            label: 'Customize .NET runtime',
-          },
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/scaling',
-            label: 'Scale .NET runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Build & Deployment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'go/how-to/build-process',
+          label: 'Build process',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/build-pipeline',
-            label: 'Configure build & deploy pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/trigger-pipeline',
-            label: 'Trigger build pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/build-process',
-            label: 'Build process',
-          },
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/deploy-process',
-            label: 'Deploy process',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Maintenance & Monitoring',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'go/how-to/deploy-process',
+          label: 'Deploy process',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/logs',
-            label: 'Setup & access logs',
-          },
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/filebrowser',
-            label: 'Browse container files',
-          },
-          {
-            type: 'doc',
-            id: 'dotnet/how-to/shared-storage',
-            label: 'Connect / disconnect shared storage',
-          },
-        ],
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
       },
-    ],
-  java: [
-      {
-        type: 'ref',
-        id: 'homepage',
-        label: 'Back to home',
-        customProps: {
-          sidebar_is_back_link: true,
-          sidebar_icon: 'back-arrow',
+      items: [
+        {
+          type: 'doc',
+          id: 'go/how-to/logs',
+          label: 'Setup & access logs',
+        },
+        {
+          type: 'doc',
+          id: 'go/how-to/filebrowser',
+          label: 'Browse container files',
+        },
+        {
+          type: 'doc',
+          id: 'go/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
         },
+      ],
+    },
+  ],
+  rust: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
       },
-      {
-        type: 'doc',
-        id: 'java/overview',
-        label: 'Java',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'java',
-        },
-      },
-      {
-        type: 'category',
-        label: 'Management',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'java/how-to/create',
-            label: 'Create Java service',
-          },
-          {
-            type: 'doc',
-            id: 'java/how-to/upgrade',
-            label: 'Upgrade Java service',
-          },
-          {
-            type: 'doc',
-            id: 'java/how-to/controls',
-            label: 'Stop, start & delete Java runtime service',
-          },
-        ],
+    },
+    {
+      type: 'doc',
+      id: 'rust/overview',
+      label: 'Rust',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'rust',
       },
-      {
-        type: 'category',
-        label: 'Configuration & Environment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'java/how-to/env-variables',
-            label: 'Manage environment variables',
-          },
-          {
-            type: 'doc',
-            id: 'java/how-to/customize-runtime',
-            label: 'Customize Java runtime',
-          },
-          {
-            type: 'doc',
-            id: 'java/how-to/scaling',
-            label: 'Scale Java runtime service',
-          },
-        ],
+    },
+    {
+      type: 'category',
+      label: 'Management',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
       },
-      {
-        type: 'category',
-        label: 'Build & Deployment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+      items: [
+        {
+          type: 'doc',
+          id: 'rust/how-to/create',
+          label: 'Create Rust service',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'java/how-to/build-pipeline',
-            label: 'Configure build & deploy pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'java/how-to/trigger-pipeline',
-            label: 'Trigger build pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'java/how-to/build-process',
-            label: 'Build process',
-          },
-          {
-            type: 'doc',
-            id: 'java/how-to/deploy-process',
-            label: 'Deploy process',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Maintenance & Monitoring',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'rust/how-to/upgrade',
+          label: 'Upgrade Rust service',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'java/how-to/logs',
-            label: 'Setup & access logs',
-          },
-          {
-            type: 'doc',
-            id: 'java/how-to/filebrowser',
-            label: 'Browse container files',
-          },
-          {
-            type: 'doc',
-            id: 'java/how-to/shared-storage',
-            label: 'Connect / disconnect shared storage',
-          },
-        ],
-      },
-    ],
-  nginx: [
-      {
-        type: 'ref',
-        id: 'homepage',
-        label: 'Back to home',
-        customProps: {
-          sidebar_is_back_link: true,
-          sidebar_icon: 'back-arrow',
+        {
+          type: 'doc',
+          id: 'rust/how-to/controls',
+          label: 'Stop, start & delete Rust runtime service',
         },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
       },
-      {
-        type: 'doc',
-        id: 'nginx/overview',
-        label: 'Nginx Static',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'nginx',
-        },
-      },
-      {
-        type: 'category',
-        label: 'Management',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'nginx/how-to/create',
-            label: 'Create Nginx static service',
-          },
-          {
-            type: 'doc',
-            id: 'nginx/how-to/upgrade',
-            label: 'Upgrade Nginx service',
-          },
-          {
-            type: 'doc',
-            id: 'nginx/how-to/controls',
-            label: 'Stop, start & delete Nginx static service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Configuration & Environment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+      items: [
+        {
+          type: 'doc',
+          id: 'rust/how-to/env-variables',
+          label: 'Manage environment variables',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'nginx/how-to/env-variables',
-            label: 'Manage environment variables',
-          },
-          {
-            type: 'doc',
-            id: 'nginx/how-to/customize-runtime',
-            label: 'Customize Nginx static runtime',
-          },
-          {
-            type: 'doc',
-            id: 'nginx/how-to/customize-web-server',
-            label: 'Customize web server',
-          },
-          {
-            type: 'doc',
-            id: 'nginx/how-to/scaling',
-            label: 'Scale Nginx static service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Build & Deployment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'rust/how-to/customize-runtime',
+          label: 'Customize Rust runtime',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'nginx/how-to/build-pipeline',
-            label: 'Configure build & deploy pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'nginx/how-to/trigger-pipeline',
-            label: 'Trigger build pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'nginx/how-to/deploy-process',
-            label: 'Deploy process',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Maintenance & Monitoring',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'rust/how-to/scaling',
+          label: 'Scale Rust runtime service',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'nginx/how-to/logs',
-            label: 'Setup & access logs',
-          },
-          {
-            type: 'doc',
-            id: 'nginx/how-to/filebrowser',
-            label: 'Browse container files',
-          },
-          {
-            type: 'doc',
-            id: 'nginx/how-to/shared-storage',
-            label: 'Connect / disconnect shared storage',
-          },
-        ],
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Build & Deployment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
       },
-      {
-        type: 'doc',
-        id: 'nginx/faq',
-        label: 'FAQ',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'chat-bubble-left-right',
+      items: [
+        {
+          type: 'doc',
+          id: 'rust/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'rust/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'rust/how-to/build-process',
+          label: 'Build process',
+        },
+        {
+          type: 'doc',
+          id: 'rust/how-to/deploy-process',
+          label: 'Deploy process',
         },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
       },
-    ],
-  static: [
+      items: [
+        {
+          type: 'doc',
+          id: 'rust/how-to/logs',
+          label: 'Setup & access logs',
+        },
+        {
+          type: 'doc',
+          id: 'rust/how-to/filebrowser',
+          label: 'Browse container files',
+        },
+        {
+          type: 'doc',
+          id: 'rust/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
+        },
+      ],
+    },
+  ],
+  dotnet: [
     {
       type: 'ref',
       id: 'homepage',
@@ -1873,265 +1649,981 @@ module.exports = {
     },
     {
       type: 'doc',
-      id: 'static/overview',
-      label: 'Static Service',
+      id: 'dotnet/overview',
+      label: '.NET',
       customProps: {
         sidebar_is_title: true,
-        sidebar_icon: 'computer-desktop',
+        sidebar_icon: 'dotnet',
       },
     },
-  ],
-    ubuntu: [
+    {
+      type: 'category',
+      label: 'Management',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
         {
-          type: 'ref',
-          id: 'homepage',
-          label: 'Back to home',
-          customProps: {
-            sidebar_is_back_link: true,
-            sidebar_icon: 'back-arrow',
-          },
+          type: 'doc',
+          id: 'dotnet/how-to/create',
+          label: 'Create .NET service',
         },
         {
           type: 'doc',
-          id: 'ubuntu/overview',
-          label: 'Ubuntu',
-          customProps: {
-            sidebar_is_title: true,
-            sidebar_icon: 'ubuntu',
-          },
+          id: 'dotnet/how-to/upgrade',
+          label: 'Upgrade .NET service',
         },
         {
-          type: 'category',
-          label: 'Management',
-          collapsible: false,
-          customProps: {
-            sidebar_is_group_headline: true,
-          },
-          items: [
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/create',
-              label: 'Create Ubuntu service',
-            },
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/upgrade',
-              label: 'Upgrade Ubuntu service',
-            },
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/controls',
-              label: 'Stop, start & delete Ubuntu runtime service',
-            },
-          ],
+          type: 'doc',
+          id: 'dotnet/how-to/controls',
+          label: 'Stop, start & delete .NET runtime service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'dotnet/how-to/env-variables',
+          label: 'Manage environment variables',
+        },
+        {
+          type: 'doc',
+          id: 'dotnet/how-to/customize-runtime',
+          label: 'Customize .NET runtime',
+        },
+        {
+          type: 'doc',
+          id: 'dotnet/how-to/scaling',
+          label: 'Scale .NET runtime service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Build & Deployment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'dotnet/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'dotnet/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'dotnet/how-to/build-process',
+          label: 'Build process',
+        },
+        {
+          type: 'doc',
+          id: 'dotnet/how-to/deploy-process',
+          label: 'Deploy process',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'dotnet/how-to/logs',
+          label: 'Setup & access logs',
+        },
+        {
+          type: 'doc',
+          id: 'dotnet/how-to/filebrowser',
+          label: 'Browse container files',
+        },
+        {
+          type: 'doc',
+          id: 'dotnet/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
+        },
+      ],
+    },
+  ],
+  java: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'java/overview',
+      label: 'Java',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'java',
+      },
+    },
+    {
+      type: 'category',
+      label: 'Management',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'java/how-to/create',
+          label: 'Create Java service',
+        },
+        {
+          type: 'doc',
+          id: 'java/how-to/upgrade',
+          label: 'Upgrade Java service',
+        },
+        {
+          type: 'doc',
+          id: 'java/how-to/controls',
+          label: 'Stop, start & delete Java runtime service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'java/how-to/env-variables',
+          label: 'Manage environment variables',
+        },
+        {
+          type: 'doc',
+          id: 'java/how-to/customize-runtime',
+          label: 'Customize Java runtime',
+        },
+        {
+          type: 'doc',
+          id: 'java/how-to/scaling',
+          label: 'Scale Java runtime service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Build & Deployment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'java/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'java/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'java/how-to/build-process',
+          label: 'Build process',
+        },
+        {
+          type: 'doc',
+          id: 'java/how-to/deploy-process',
+          label: 'Deploy process',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'java/how-to/logs',
+          label: 'Setup & access logs',
+        },
+        {
+          type: 'doc',
+          id: 'java/how-to/filebrowser',
+          label: 'Browse container files',
+        },
+        {
+          type: 'doc',
+          id: 'java/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
+        },
+      ],
+    },
+  ],
+  nginx: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'nginx/overview',
+      label: 'Nginx Static',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'nginx',
+      },
+    },
+    {
+      type: 'category',
+      label: 'Management',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'nginx/how-to/create',
+          label: 'Create Nginx static service',
+        },
+        {
+          type: 'doc',
+          id: 'nginx/how-to/upgrade',
+          label: 'Upgrade Nginx service',
+        },
+        {
+          type: 'doc',
+          id: 'nginx/how-to/controls',
+          label: 'Stop, start & delete Nginx static service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'nginx/how-to/env-variables',
+          label: 'Manage environment variables',
+        },
+        {
+          type: 'doc',
+          id: 'nginx/how-to/customize-runtime',
+          label: 'Customize Nginx static runtime',
+        },
+        {
+          type: 'doc',
+          id: 'nginx/how-to/customize-web-server',
+          label: 'Customize web server',
+        },
+        {
+          type: 'doc',
+          id: 'nginx/how-to/scaling',
+          label: 'Scale Nginx static service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Build & Deployment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'nginx/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'nginx/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'nginx/how-to/deploy-process',
+          label: 'Deploy process',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'nginx/how-to/logs',
+          label: 'Setup & access logs',
+        },
+        {
+          type: 'doc',
+          id: 'nginx/how-to/filebrowser',
+          label: 'Browse container files',
+        },
+        {
+          type: 'doc',
+          id: 'nginx/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
+        },
+      ],
+    },
+    {
+      type: 'doc',
+      id: 'nginx/faq',
+      label: 'FAQ',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'chat-bubble-left-right',
+      },
+    },
+  ],
+  static: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'static/overview',
+      label: 'Static Service',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'computer-desktop',
+      },
+    },
+  ],
+  ubuntu: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'ubuntu/overview',
+      label: 'Ubuntu',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'ubuntu',
+      },
+    },
+    {
+      type: 'category',
+      label: 'Management',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/create',
+          label: 'Create Ubuntu service',
+        },
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/upgrade',
+          label: 'Upgrade Ubuntu service',
+        },
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/controls',
+          label: 'Stop, start & delete Ubuntu runtime service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/env-variables',
+          label: 'Manage environment variables',
+        },
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/customize-runtime',
+          label: 'Customize Ubuntu runtime',
+        },
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/scaling',
+          label: 'Scale Ubuntu runtime service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Build & Deployment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/build-process',
+          label: 'Build process',
+        },
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/deploy-process',
+          label: 'Deploy process',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/logs',
+          label: 'Setup & access logs',
+        },
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/filebrowser',
+          label: 'Browse container files',
+        },
+        {
+          type: 'doc',
+          id: 'ubuntu/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
+        },
+      ],
+    },
+  ],
+  alpine: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'alpine/overview',
+      label: 'Alpine',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'alpine',
+      },
+    },
+    {
+      type: 'category',
+      label: 'Management',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'alpine/how-to/create',
+          label: 'Create Alpine service',
+        },
+        {
+          type: 'doc',
+          id: 'alpine/how-to/upgrade',
+          label: 'Upgrade Alpine service',
+        },
+        {
+          type: 'doc',
+          id: 'alpine/how-to/controls',
+          label: 'Stop, start & delete Alpine runtime service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'alpine/how-to/env-variables',
+          label: 'Manage environment variables',
+        },
+        {
+          type: 'doc',
+          id: 'alpine/how-to/customize-runtime',
+          label: 'Customize Alpine runtime',
+        },
+        {
+          type: 'doc',
+          id: 'alpine/how-to/scaling',
+          label: 'Scale Alpine runtime service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Build & Deployment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'alpine/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'alpine/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'alpine/how-to/build-process',
+          label: 'Build process',
+        },
+        {
+          type: 'doc',
+          id: 'alpine/how-to/deploy-process',
+          label: 'Deploy process',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'alpine/how-to/logs',
+          label: 'Setup & access logs',
+        },
+        {
+          type: 'doc',
+          id: 'alpine/how-to/filebrowser',
+          label: 'Browse container files',
+        },
+        {
+          type: 'doc',
+          id: 'alpine/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
+        },
+      ],
+    },
+  ],
+  docker: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'docker/overview',
+      label: 'Docker Service',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'docker',
+      },
+    },
+  ],
+  mariadb: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'mariadb/overview',
+      label: 'Zerops MariaDB Service',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'mariadb',
+      },
+    },
+    {
+      type: 'category',
+      label: 'How-to',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'mariadb/how-to/create',
+          label: 'Create MariaDB service',
+        },
+        {
+          type: 'doc',
+          id: 'mariadb/how-to/connect',
+          label: 'Connect to MariaDB',
+        },
+        {
+          type: 'doc',
+          id: 'mariadb/how-to/manage',
+          label: 'Manage users and databases',
+        },
+        {
+          type: 'doc',
+          id: 'mariadb/how-to/export-import-data',
+          label: 'Export and import data',
+        },
+        {
+          type: 'doc',
+          id: 'mariadb/how-to/backup',
+          label: 'Backup & restore data',
+        },
+        {
+          type: 'doc',
+          id: 'mariadb/how-to/scale',
+          label: 'Scale MariaDB service',
+        },
+        {
+          type: 'doc',
+          id: 'mariadb/how-to/control',
+          label: 'Stop, start and delete MariaDB service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Technical details',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'mariadb/tech-details/cluster',
+          label: 'MariaDB cluster asynchronous behaviour',
+        },
+        {
+          type: 'doc',
+          id: 'mariadb/tech-details/limitations',
+          label: 'Technical limitations of MariaDB cluster',
+        },
+      ],
+    },
+    // {
+    //   type: 'doc',
+    //   id: 'mariadb/faq',
+    //   label: 'FAQ',
+    //   customProps: {
+    //     sidebar_is_title: true,
+    //     sidebar_icon: 'chat-bubble-left-right',
+    //   },
+    // },
+  ],
+  postgresql: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'postgresql/overview',
+      label: 'Zerops PostgreSQL Service',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'postgresql',
+      },
+    },
+    {
+      type: 'category',
+      label: 'How-to',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'postgresql/how-to/create',
+          label: 'Create PostgreSQL service',
         },
         {
-          type: 'category',
-          label: 'Configuration & Environment',
-          collapsible: false,
-          customProps: {
-            sidebar_is_group_headline: true,
-          },
-          items: [
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/env-variables',
-              label: 'Manage environment variables',
-            },
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/customize-runtime',
-              label: 'Customize Ubuntu runtime',
-            },
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/scaling',
-              label: 'Scale Ubuntu runtime service',
-            },
-          ],
+          type: 'doc',
+          id: 'postgresql/how-to/connect',
+          label: 'Connect to PostgreSQL',
         },
         {
-          type: 'category',
-          label: 'Build & Deployment',
-          collapsible: false,
-          customProps: {
-            sidebar_is_group_headline: true,
-          },
-          items: [
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/build-pipeline',
-              label: 'Configure build & deploy pipeline',
-            },
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/trigger-pipeline',
-              label: 'Trigger build pipeline',
-            },
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/build-process',
-              label: 'Build process',
-            },
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/deploy-process',
-              label: 'Deploy process',
-            },
-          ],
+          type: 'doc',
+          id: 'postgresql/how-to/manage',
+          label: 'Manage users, databases & plugins',
         },
         {
-          type: 'category',
-          label: 'Maintenance & Monitoring',
-          collapsible: false,
-          customProps: {
-            sidebar_is_group_headline: true,
-          },
-          items: [
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/logs',
-              label: 'Setup & access logs',
-            },
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/filebrowser',
-              label: 'Browse container files',
-            },
-            {
-              type: 'doc',
-              id: 'ubuntu/how-to/shared-storage',
-              label: 'Connect / disconnect shared storage',
-            },
-          ],
+          type: 'doc',
+          id: 'postgresql/how-to/export-import-data',
+          label: 'Export and import data',
+        },
+        {
+          type: 'doc',
+          id: 'postgresql/how-to/backup',
+          label: 'Backup data',
+        },
+        {
+          type: 'doc',
+          id: 'postgresql/how-to/scale',
+          label: 'Scale PostgreSQL service',
+        },
+        {
+          type: 'doc',
+          id: 'postgresql/how-to/control',
+          label: 'Stop, start and delete PostgreSQL service',
         },
       ],
-      alpine: [
-          {
-            type: 'ref',
-            id: 'homepage',
-            label: 'Back to home',
-            customProps: {
-              sidebar_is_back_link: true,
-              sidebar_icon: 'back-arrow',
-            },
-          },
-          {
-            type: 'doc',
-            id: 'alpine/overview',
-            label: 'Alpine',
-            customProps: {
-              sidebar_is_title: true,
-              sidebar_icon: 'alpine',
-            },
-          },
-          {
-            type: 'category',
-            label: 'Management',
-            collapsible: false,
-            customProps: {
-              sidebar_is_group_headline: true,
-            },
-            items: [
-              {
-                type: 'doc',
-                id: 'alpine/how-to/create',
-                label: 'Create Alpine service',
-              },
-              {
-                type: 'doc',
-                id: 'alpine/how-to/upgrade',
-                label: 'Upgrade Alpine service',
-              },
-              {
-                type: 'doc',
-                id: 'alpine/how-to/controls',
-                label: 'Stop, start & delete Alpine runtime service',
-              },
-            ],
-          },
-          {
-            type: 'category',
-            label: 'Configuration & Environment',
-            collapsible: false,
-            customProps: {
-              sidebar_is_group_headline: true,
-            },
-            items: [
-              {
-                type: 'doc',
-                id: 'alpine/how-to/env-variables',
-                label: 'Manage environment variables',
-              },
-              {
-                type: 'doc',
-                id: 'alpine/how-to/customize-runtime',
-                label: 'Customize Alpine runtime',
-              },
-              {
-                type: 'doc',
-                id: 'alpine/how-to/scaling',
-                label: 'Scale Alpine runtime service',
-              },
-            ],
-          },
-          {
-            type: 'category',
-            label: 'Build & Deployment',
-            collapsible: false,
-            customProps: {
-              sidebar_is_group_headline: true,
-            },
-            items: [
-              {
-                type: 'doc',
-                id: 'alpine/how-to/build-pipeline',
-                label: 'Configure build & deploy pipeline',
-              },
-              {
-                type: 'doc',
-                id: 'alpine/how-to/trigger-pipeline',
-                label: 'Trigger build pipeline',
-              },
-              {
-                type: 'doc',
-                id: 'alpine/how-to/build-process',
-                label: 'Build process',
-              },
-              {
-                type: 'doc',
-                id: 'alpine/how-to/deploy-process',
-                label: 'Deploy process',
-              },
-            ],
-          },
-          {
-            type: 'category',
-            label: 'Maintenance & Monitoring',
-            collapsible: false,
-            customProps: {
-              sidebar_is_group_headline: true,
-            },
-            items: [
-              {
-                type: 'doc',
-                id: 'alpine/how-to/logs',
-                label: 'Setup & access logs',
-              },
-              {
-                type: 'doc',
-                id: 'alpine/how-to/filebrowser',
-                label: 'Browse container files',
-              },
-              {
-                type: 'doc',
-                id: 'alpine/how-to/shared-storage',
-                label: 'Connect / disconnect shared storage',
-              },
-            ],
-          },
-        ],
-  docker: [
+    },
+    //    {
+    //      type: "category",
+    //      label: "Technical details",
+    //      collapsible: false,
+    //      customProps: {
+    //        sidebar_is_group_headline: true,
+    //      },
+    //      items: [
+    //        {
+    //          type: "doc",
+    //          id: "postgresql/tech-details/cluster",
+    //          label: "PostgreSQL cluster asynchronous behaviour",
+    //        },
+    //        {
+    //          type: "doc",
+    //          id: "postgresql/tech-details/limitations",
+    //          label: "Technical limitations of PostgreSQL cluster",
+    //        },
+    //      ],
+    //    },
+    {
+      type: 'doc',
+      id: 'postgresql/faq',
+      label: 'FAQ',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'chat-bubble-left-right',
+      },
+    },
+  ],
+  elasticsearch: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'elasticsearch/overview',
+      label: 'Zerops Elasticsearch Service',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'elasticsearch',
+      },
+    },
+  ],
+  keydb: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'keydb/overview',
+      label: 'Zerops KeyDB Service',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'keydb',
+      },
+    },
+    {
+      type: 'category',
+      label: 'How-to',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'keydb/how-to/create',
+          label: 'Create KeyDB service',
+        },
+        {
+          type: 'doc',
+          id: 'keydb/how-to/connect',
+          label: 'Connect to KeyDB',
+        },
+        {
+          type: 'doc',
+          id: 'keydb/how-to/manage',
+          label: 'Manage users and databases',
+        },
+        {
+          type: 'doc',
+          id: 'keydb/how-to/scale',
+          label: 'Scale KeyDB service',
+        },
+        {
+          type: 'doc',
+          id: 'keydb/how-to/control',
+          label: 'Stop, start and delete KeyDB service',
+        },
+      ],
+    },
+    // {
+    //   type: 'doc',
+    //   id: 'keydb/faq',
+    //   label: 'FAQ',
+    //   customProps: {
+    //     sidebar_is_title: true,
+    //     sidebar_icon: 'chat-bubble-left-right',
+    //   },
+    // },
+  ],
+  typesense: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'typesense/overview',
+      label: 'Zerops Typesense Service',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'typesense',
+      },
+    },
+  ],
+  meilisearch: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'meilisearch/overview',
+      label: 'Zerops Meilisearch Service',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'meilisearch',
+      },
+    },
+  ],
+  valkey: [
     {
       type: 'ref',
       id: 'homepage',
@@ -2143,15 +2635,15 @@ module.exports = {
     },
     {
       type: 'doc',
-      id: 'docker/overview',
-      label: 'Docker Service',
+      id: 'valkey/overview',
+      label: 'Zerops Valkey Service',
       customProps: {
         sidebar_is_title: true,
-        sidebar_icon: 'docker',
+        sidebar_icon: 'valkey',
       },
     },
   ],
-  mariadb: [
+  qdrant: [
     {
       type: 'ref',
       id: 'homepage',
@@ -2163,89 +2655,35 @@ module.exports = {
     },
     {
       type: 'doc',
-      id: 'mariadb/overview',
-      label: 'Zerops MariaDB Service',
+      id: 'qdrant/overview',
+      label: 'Zerops Qdrant Service',
       customProps: {
         sidebar_is_title: true,
-        sidebar_icon: 'mariadb',
+        sidebar_icon: 'qdrant',
       },
     },
+  ],
+  nats: [
     {
-      type: 'category',
-      label: 'How-to',
-      collapsible: false,
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
       customProps: {
-        sidebar_is_group_headline: true,
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
       },
-      items: [
-        {
-          type: 'doc',
-          id: 'mariadb/how-to/create',
-          label: 'Create MariaDB service',
-        },
-        {
-          type: 'doc',
-          id: 'mariadb/how-to/connect',
-          label: 'Connect to MariaDB',
-        },
-        {
-          type: 'doc',
-          id: 'mariadb/how-to/manage',
-          label: 'Manage users and databases',
-        },
-        {
-          type: 'doc',
-          id: 'mariadb/how-to/export-import-data',
-          label: 'Export and import data',
-        },
-        {
-          type: 'doc',
-          id: 'mariadb/how-to/backup',
-          label: 'Backup & restore data',
-        },
-        {
-          type: 'doc',
-          id: 'mariadb/how-to/scale',
-          label: 'Scale MariaDB service',
-        },
-        {
-          type: 'doc',
-          id: 'mariadb/how-to/control',
-          label: 'Stop, start and delete MariaDB service',
-        },
-      ],
     },
     {
-      type: 'category',
-      label: 'Technical details',
-      collapsible: false,
+      type: 'doc',
+      id: 'nats/overview',
+      label: 'Zerops NATS Service',
       customProps: {
-        sidebar_is_group_headline: true,
+        sidebar_is_title: true,
+        sidebar_icon: 'nats',
       },
-      items: [
-        {
-          type: 'doc',
-          id: 'mariadb/tech-details/cluster',
-          label: 'MariaDB cluster asynchronous behaviour',
-        },
-        {
-          type: 'doc',
-          id: 'mariadb/tech-details/limitations',
-          label: 'Technical limitations of MariaDB cluster',
-        },
-      ],
     },
-    // {
-    //   type: 'doc',
-    //   id: 'mariadb/faq',
-    //   label: 'FAQ',
-    //   customProps: {
-    //     sidebar_is_title: true,
-    //     sidebar_icon: 'chat-bubble-left-right',
-    //   },
-    // },
   ],
-  postgresql: [
+  kafka: [
     {
       type: 'ref',
       id: 'homepage',
@@ -2257,11 +2695,51 @@ module.exports = {
     },
     {
       type: 'doc',
-      id: 'postgresql/overview',
-      label: 'Zerops PostgreSQL Service',
+      id: 'kafka/overview',
+      label: 'Zerops Kafka Service',
       customProps: {
         sidebar_is_title: true,
-        sidebar_icon: 'postgresql',
+        sidebar_icon: 'kafka',
+      },
+    },
+  ],
+  clickhouse: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'clickhouse/overview',
+      label: 'Zerops Clickhouse Service',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'clickhouse',
+      },
+    },
+  ],
+  sharedstorage: [
+    {
+      type: 'ref',
+      id: 'homepage',
+      label: 'Back to home',
+      customProps: {
+        sidebar_is_back_link: true,
+        sidebar_icon: 'back-arrow',
+      },
+    },
+    {
+      type: 'doc',
+      id: 'shared-storage/overview',
+      label: 'Shared storage overview',
+      customProps: {
+        sidebar_is_title: true,
+        sidebar_icon: 'server',
       },
     },
     {
@@ -2270,76 +2748,47 @@ module.exports = {
       collapsible: false,
       customProps: {
         sidebar_is_group_headline: true,
+        sidebar_icon: 'academic-cap-solid',
       },
       items: [
         {
           type: 'doc',
-          id: 'postgresql/how-to/create',
-          label: 'Create PostgreSQL service',
-        },
-        {
-          type: 'doc',
-          id: 'postgresql/how-to/connect',
-          label: 'Connect to PostgreSQL',
-        },
-        {
-          type: 'doc',
-          id: 'postgresql/how-to/manage',
-          label: 'Manage users, databases & plugins',
+          id: 'shared-storage/how-to/create',
+          label: 'Create shared storage',
         },
         {
           type: 'doc',
-          id: 'postgresql/how-to/export-import-data',
-          label: 'Export and import data',
+          id: 'shared-storage/how-to/connect',
+          label: 'Connect shared storage',
         },
         {
           type: 'doc',
-          id: 'postgresql/how-to/backup',
-          label: 'Backup data',
+          id: 'shared-storage/how-to/use',
+          label: 'Usage & Limitations',
         },
         {
           type: 'doc',
-          id: 'postgresql/how-to/scale',
-          label: 'Scale PostgreSQL service',
+          id: 'shared-storage/how-to/manage',
+          label: 'Manage & Access shared storage',
         },
         {
           type: 'doc',
-          id: 'postgresql/how-to/control',
-          label: 'Stop, start and delete PostgreSQL service',
+          id: 'shared-storage/how-to/backup',
+          label: 'Backup shared storage',
         },
       ],
     },
-    //    {
-    //      type: "category",
-    //      label: "Technical details",
-    //      collapsible: false,
-    //      customProps: {
-    //        sidebar_is_group_headline: true,
-    //      },
-    //      items: [
-    //        {
-    //          type: "doc",
-    //          id: "postgresql/tech-details/cluster",
-    //          label: "PostgreSQL cluster asynchronous behaviour",
-    //        },
-    //        {
-    //          type: "doc",
-    //          id: "postgresql/tech-details/limitations",
-    //          label: "Technical limitations of PostgreSQL cluster",
-    //        },
-    //      ],
-    //    },
     {
       type: 'doc',
-      id: 'postgresql/faq',
-      label: 'FAQ',
+      id: 'shared-storage/tech-details',
+      label: 'Technical details',
       customProps: {
         sidebar_is_title: true,
-        sidebar_icon: 'chat-bubble-left-right',
+        sidebar_icon: 'document-text',
       },
     },
   ],
-  elasticsearch: [
+  objectstorage: [
     {
       type: 'ref',
       id: 'homepage',
@@ -2351,15 +2800,51 @@ module.exports = {
     },
     {
       type: 'doc',
-      id: 'elasticsearch/overview',
-      label: 'Zerops Elasticsearch Service',
+      id: 'object-storage/overview',
+      label: 'Object Storage Overview',
       customProps: {
         sidebar_is_title: true,
-        sidebar_icon: 'elasticsearch',
+        sidebar_icon: 'server',
+      },
+    },
+    {
+      type: 'category',
+      label: 'How-to',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+        sidebar_icon: 'academic-cap-solid',
       },
+      items: [
+        {
+          type: 'doc',
+          id: 'object-storage/how-to/create',
+          label: 'Create object storage service',
+        },
+        {
+          type: 'doc',
+          id: 'object-storage/how-to/update-bucket',
+          label: 'Change bucket size or access policy',
+        },
+        {
+          type: 'doc',
+          id: 'object-storage/how-to/access',
+          label: 'Access object storage service',
+        },
+        {
+          type: 'doc',
+          id: 'object-storage/how-to/controls',
+          label: 'Stop, start & delete object storage service',
+        },
+        {
+          type: 'doc',
+          id: 'object-storage/how-to/curl-file',
+          label: 'Download file from a private bucket',
+        },
+      ],
     },
   ],
-  keydb: [
+  deno: [
     {
       type: 'ref',
       id: 'homepage',
@@ -2371,16 +2856,16 @@ module.exports = {
     },
     {
       type: 'doc',
-      id: 'keydb/overview',
-      label: 'Zerops KeyDB Service',
+      id: 'deno/overview',
+      label: 'Deno',
       customProps: {
         sidebar_is_title: true,
-        sidebar_icon: 'keydb',
+        sidebar_icon: 'deno',
       },
     },
     {
       type: 'category',
-      label: 'How-to',
+      label: 'Management',
       collapsible: false,
       customProps: {
         sidebar_is_group_headline: true,
@@ -2388,62 +2873,103 @@ module.exports = {
       items: [
         {
           type: 'doc',
-          id: 'keydb/how-to/create',
-          label: 'Create KeyDB service',
+          id: 'deno/how-to/create',
+          label: 'Create Deno service',
         },
         {
           type: 'doc',
-          id: 'keydb/how-to/connect',
-          label: 'Connect to KeyDB',
+          id: 'deno/how-to/upgrade',
+          label: 'Upgrade Deno service',
         },
         {
           type: 'doc',
-          id: 'keydb/how-to/manage',
-          label: 'Manage users and databases',
+          id: 'deno/how-to/controls',
+          label: 'Stop, start & delete Deno runtime service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'deno/how-to/env-variables',
+          label: 'Manage environment variables',
         },
         {
           type: 'doc',
-          id: 'keydb/how-to/scale',
-          label: 'Scale KeyDB service',
+          id: 'deno/how-to/customize-runtime',
+          label: 'Customize Deno runtime',
         },
         {
           type: 'doc',
-          id: 'keydb/how-to/control',
-          label: 'Stop, start and delete KeyDB service',
+          id: 'deno/how-to/scaling',
+          label: 'Scale Deno runtime service',
         },
       ],
     },
-    // {
-    //   type: 'doc',
-    //   id: 'keydb/faq',
-    //   label: 'FAQ',
-    //   customProps: {
-    //     sidebar_is_title: true,
-    //     sidebar_icon: 'chat-bubble-left-right',
-    //   },
-    // },
-  ],
-  typesense: [
     {
-      type: 'ref',
-      id: 'homepage',
-      label: 'Back to home',
+      type: 'category',
+      label: 'Build & Deployment',
+      collapsible: false,
       customProps: {
-        sidebar_is_back_link: true,
-        sidebar_icon: 'back-arrow',
+        sidebar_is_group_headline: true,
       },
+      items: [
+        {
+          type: 'doc',
+          id: 'deno/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'deno/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'deno/how-to/build-process',
+          label: 'Build process',
+        },
+        {
+          type: 'doc',
+          id: 'deno/how-to/deploy-process',
+          label: 'Deploy process',
+        },
+      ],
     },
     {
-      type: 'doc',
-      id: 'typesense/overview',
-      label: 'Zerops Typesense Service',
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
       customProps: {
-        sidebar_is_title: true,
-        sidebar_icon: 'typesense',
+        sidebar_is_group_headline: true,
       },
+      items: [
+        {
+          type: 'doc',
+          id: 'deno/how-to/logs',
+          label: 'Setup & access logs',
+        },
+        {
+          type: 'doc',
+          id: 'deno/how-to/filebrowser',
+          label: 'Browse container files',
+        },
+        {
+          type: 'doc',
+          id: 'deno/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
+        },
+      ],
     },
   ],
-  meilisearch: [
+  bun: [
     {
       type: 'ref',
       id: 'homepage',
@@ -2455,55 +2981,120 @@ module.exports = {
     },
     {
       type: 'doc',
-      id: 'meilisearch/overview',
-      label: 'Zerops Meilisearch Service',
+      id: 'bun/overview',
+      label: 'Bun',
       customProps: {
         sidebar_is_title: true,
-        sidebar_icon: 'meilisearch',
+        sidebar_icon: 'bun',
       },
     },
-  ],
-  valkey: [
     {
-      type: 'ref',
-      id: 'homepage',
-      label: 'Back to home',
+      type: 'category',
+      label: 'Management',
+      collapsible: false,
       customProps: {
-        sidebar_is_back_link: true,
-        sidebar_icon: 'back-arrow',
+        sidebar_is_group_headline: true,
       },
+      items: [
+        {
+          type: 'doc',
+          id: 'bun/how-to/create',
+          label: 'Create Bun service',
+        },
+        {
+          type: 'doc',
+          id: 'bun/how-to/upgrade',
+          label: 'Upgrade Bun service',
+        },
+        {
+          type: 'doc',
+          id: 'bun/how-to/controls',
+          label: 'Stop, start & delete Bun runtime service',
+        },
+      ],
     },
     {
-      type: 'doc',
-      id: 'valkey/overview',
-      label: 'Zerops Valkey Service',
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
       customProps: {
-        sidebar_is_title: true,
-        sidebar_icon: 'valkey',
+        sidebar_is_group_headline: true,
       },
+      items: [
+        {
+          type: 'doc',
+          id: 'bun/how-to/env-variables',
+          label: 'Manage environment variables',
+        },
+        {
+          type: 'doc',
+          id: 'bun/how-to/customize-runtime',
+          label: 'Customize Bun runtime',
+        },
+        {
+          type: 'doc',
+          id: 'bun/how-to/scaling',
+          label: 'Scale Bun runtime service',
+        },
+      ],
     },
-  ],
-  qdrant: [
     {
-      type: 'ref',
-      id: 'homepage',
-      label: 'Back to home',
+      type: 'category',
+      label: 'Build & Deployment',
+      collapsible: false,
       customProps: {
-        sidebar_is_back_link: true,
-        sidebar_icon: 'back-arrow',
+        sidebar_is_group_headline: true,
       },
+      items: [
+        {
+          type: 'doc',
+          id: 'bun/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'bun/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
+        },
+        {
+          type: 'doc',
+          id: 'bun/how-to/build-process',
+          label: 'Build process',
+        },
+        {
+          type: 'doc',
+          id: 'bun/how-to/deploy-process',
+          label: 'Deploy process',
+        },
+      ],
     },
     {
-      type: 'doc',
-      id: 'qdrant/overview',
-      label: 'Zerops Qdrant Service',
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
       customProps: {
-        sidebar_is_title: true,
-        sidebar_icon: 'qdrant',
+        sidebar_is_group_headline: true,
       },
+      items: [
+        {
+          type: 'doc',
+          id: 'bun/how-to/logs',
+          label: 'Setup & access logs',
+        },
+        {
+          type: 'doc',
+          id: 'bun/how-to/filebrowser',
+          label: 'Browse container files',
+        },
+        {
+          type: 'doc',
+          id: 'bun/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
+        },
+      ],
     },
   ],
-  nats: [
+  gleam: [
     {
       type: 'ref',
       id: 'homepage',
@@ -2515,120 +3106,120 @@ module.exports = {
     },
     {
       type: 'doc',
-      id: 'nats/overview',
-      label: 'Zerops NATS Service',
+      id: 'gleam/overview',
+      label: 'Gleam',
       customProps: {
         sidebar_is_title: true,
-        sidebar_icon: 'nats',
-      },
-    },
-  ],
-  kafka: [
-    {
-      type: 'ref',
-      id: 'homepage',
-      label: 'Back to home',
-      customProps: {
-        sidebar_is_back_link: true,
-        sidebar_icon: 'back-arrow',
+        sidebar_icon: 'gleam',
       },
     },
     {
-      type: 'doc',
-      id: 'kafka/overview',
-      label: 'Zerops Kafka Service',
+      type: 'category',
+      label: 'Management',
+      collapsible: false,
       customProps: {
-        sidebar_is_title: true,
-        sidebar_icon: 'kafka',
+        sidebar_is_group_headline: true,
       },
-    },
-  ],
-    clickhouse: [
-      {
-        type: 'ref',
-        id: 'homepage',
-        label: 'Back to home',
-        customProps: {
-          sidebar_is_back_link: true,
-          sidebar_icon: 'back-arrow',
+      items: [
+        {
+          type: 'doc',
+          id: 'gleam/how-to/create',
+          label: 'Create Gleam service',
         },
-      },
-      {
-        type: 'doc',
-        id: 'clickhouse/overview',
-        label: 'Zerops Clickhouse Service',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'clickhouse',
+        {
+          type: 'doc',
+          id: 'gleam/how-to/upgrade',
+          label: 'Upgrade Gleam service',
         },
-      },
-    ],
-  sharedstorage: [
-    {
-      type: 'ref',
-      id: 'homepage',
-      label: 'Back to home',
-      customProps: {
-        sidebar_is_back_link: true,
-        sidebar_icon: 'back-arrow',
-      },
+        {
+          type: 'doc',
+          id: 'gleam/how-to/controls',
+          label: 'Stop, start & delete Gleam runtime service',
+        },
+      ],
     },
     {
-      type: 'doc',
-      id: 'shared-storage/overview',
-      label: 'Shared storage overview',
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
       customProps: {
-        sidebar_is_title: true,
-        sidebar_icon: 'server',
+        sidebar_is_group_headline: true,
       },
+      items: [
+        {
+          type: 'doc',
+          id: 'gleam/how-to/env-variables',
+          label: 'Manage environment variables',
+        },
+        {
+          type: 'doc',
+          id: 'gleam/how-to/customize-runtime',
+          label: 'Customize Gleam runtime',
+        },
+        {
+          type: 'doc',
+          id: 'gleam/how-to/scaling',
+          label: 'Scale Gleam runtime service',
+        },
+      ],
     },
     {
       type: 'category',
-      label: 'How-to',
+      label: 'Build & Deployment',
       collapsible: false,
       customProps: {
         sidebar_is_group_headline: true,
-        sidebar_icon: 'academic-cap-solid',
       },
       items: [
         {
           type: 'doc',
-          id: 'shared-storage/how-to/create',
-          label: 'Create shared storage',
-        },
-        {
-          type: 'doc',
-          id: 'shared-storage/how-to/connect',
-          label: 'Connect shared storage',
+          id: 'gleam/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
         },
         {
           type: 'doc',
-          id: 'shared-storage/how-to/use',
-          label: 'Usage & Limitations',
+          id: 'gleam/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
         },
         {
           type: 'doc',
-          id: 'shared-storage/how-to/manage',
-          label: 'Manage & Access shared storage',
+          id: 'gleam/how-to/build-process',
+          label: 'Build process',
         },
         {
           type: 'doc',
-          id: 'shared-storage/how-to/backup',
-          label: 'Backup shared storage',
+          id: 'gleam/how-to/deploy-process',
+          label: 'Deploy process',
         },
       ],
     },
     {
-      type: 'doc',
-      id: 'shared-storage/tech-details',
-      label: 'Technical details',
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
       customProps: {
-        sidebar_is_title: true,
-        sidebar_icon: 'document-text',
+        sidebar_is_group_headline: true,
       },
+      items: [
+        {
+          type: 'doc',
+          id: 'gleam/how-to/logs',
+          label: 'Setup & access logs',
+        },
+        {
+          type: 'doc',
+          id: 'gleam/how-to/filebrowser',
+          label: 'Browse container files',
+        },
+        {
+          type: 'doc',
+          id: 'gleam/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
+        },
+      ],
     },
   ],
-  objectstorage: [
+  elixir: [
     {
       type: 'ref',
       id: 'homepage',
@@ -2640,738 +3231,307 @@ module.exports = {
     },
     {
       type: 'doc',
-      id: 'object-storage/overview',
-      label: 'Object Storage Overview',
+      id: 'elixir/overview',
+      label: 'Elixir',
       customProps: {
         sidebar_is_title: true,
-        sidebar_icon: 'server',
+        sidebar_icon: 'elixir',
       },
     },
     {
       type: 'category',
-      label: 'How-to',
+      label: 'Management',
       collapsible: false,
       customProps: {
         sidebar_is_group_headline: true,
-        sidebar_icon: 'academic-cap-solid',
       },
       items: [
         {
           type: 'doc',
-          id: 'object-storage/how-to/create',
-          label: 'Create object storage service',
+          id: 'elixir/how-to/create',
+          label: 'Create Elixir service',
         },
         {
           type: 'doc',
-          id: 'object-storage/how-to/update-bucket',
-          label: 'Change bucket size or access policy',
+          id: 'elixir/how-to/upgrade',
+          label: 'Upgrade Elixir service',
         },
         {
           type: 'doc',
-          id: 'object-storage/how-to/access',
-          label: 'Access object storage service',
+          id: 'elixir/how-to/controls',
+          label: 'Stop, start & delete Elixir runtime service',
+        },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Configuration & Environment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
+      },
+      items: [
+        {
+          type: 'doc',
+          id: 'elixir/how-to/env-variables',
+          label: 'Manage environment variables',
         },
         {
           type: 'doc',
-          id: 'object-storage/how-to/controls',
-          label: 'Stop, start & delete object storage service',
+          id: 'elixir/how-to/customize-runtime',
+          label: 'Customize Elixir runtime',
         },
         {
           type: 'doc',
-          id: 'object-storage/how-to/curl-file',
-          label: 'Download file from a private bucket',
+          id: 'elixir/how-to/scaling',
+          label: 'Scale Elixir runtime service',
         },
       ],
     },
-  ],
-  deno: [
-      {
-        type: 'ref',
-        id: 'homepage',
-        label: 'Back to home',
-        customProps: {
-          sidebar_is_back_link: true,
-          sidebar_icon: 'back-arrow',
-        },
-      },
-      {
-        type: 'doc',
-        id: 'deno/overview',
-        label: 'Deno',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'deno',
-        },
-      },
-      {
-        type: 'category',
-        label: 'Management',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'deno/how-to/create',
-            label: 'Create Deno service',
-          },
-          {
-            type: 'doc',
-            id: 'deno/how-to/upgrade',
-            label: 'Upgrade Deno service',
-          },
-          {
-            type: 'doc',
-            id: 'deno/how-to/controls',
-            label: 'Stop, start & delete Deno runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Configuration & Environment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'deno/how-to/env-variables',
-            label: 'Manage environment variables',
-          },
-          {
-            type: 'doc',
-            id: 'deno/how-to/customize-runtime',
-            label: 'Customize Deno runtime',
-          },
-          {
-            type: 'doc',
-            id: 'deno/how-to/scaling',
-            label: 'Scale Deno runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Build & Deployment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'deno/how-to/build-pipeline',
-            label: 'Configure build & deploy pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'deno/how-to/trigger-pipeline',
-            label: 'Trigger build pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'deno/how-to/build-process',
-            label: 'Build process',
-          },
-          {
-            type: 'doc',
-            id: 'deno/how-to/deploy-process',
-            label: 'Deploy process',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Maintenance & Monitoring',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'deno/how-to/logs',
-            label: 'Setup & access logs',
-          },
-          {
-            type: 'doc',
-            id: 'deno/how-to/filebrowser',
-            label: 'Browse container files',
-          },
-          {
-            type: 'doc',
-            id: 'deno/how-to/shared-storage',
-            label: 'Connect / disconnect shared storage',
-          },
-        ],
-      },
-    ],
-  bun: [
-      {
-        type: 'ref',
-        id: 'homepage',
-        label: 'Back to home',
-        customProps: {
-          sidebar_is_back_link: true,
-          sidebar_icon: 'back-arrow',
-        },
-      },
-      {
-        type: 'doc',
-        id: 'bun/overview',
-        label: 'Bun',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'bun',
-        },
-      },
-      {
-        type: 'category',
-        label: 'Management',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'bun/how-to/create',
-            label: 'Create Bun service',
-          },
-          {
-            type: 'doc',
-            id: 'bun/how-to/upgrade',
-            label: 'Upgrade Bun service',
-          },
-          {
-            type: 'doc',
-            id: 'bun/how-to/controls',
-            label: 'Stop, start & delete Bun runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Configuration & Environment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'bun/how-to/env-variables',
-            label: 'Manage environment variables',
-          },
-          {
-            type: 'doc',
-            id: 'bun/how-to/customize-runtime',
-            label: 'Customize Bun runtime',
-          },
-          {
-            type: 'doc',
-            id: 'bun/how-to/scaling',
-            label: 'Scale Bun runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Build & Deployment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'bun/how-to/build-pipeline',
-            label: 'Configure build & deploy pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'bun/how-to/trigger-pipeline',
-            label: 'Trigger build pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'bun/how-to/build-process',
-            label: 'Build process',
-          },
-          {
-            type: 'doc',
-            id: 'bun/how-to/deploy-process',
-            label: 'Deploy process',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Maintenance & Monitoring',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'bun/how-to/logs',
-            label: 'Setup & access logs',
-          },
-          {
-            type: 'doc',
-            id: 'bun/how-to/filebrowser',
-            label: 'Browse container files',
-          },
-          {
-            type: 'doc',
-            id: 'bun/how-to/shared-storage',
-            label: 'Connect / disconnect shared storage',
-          },
-        ],
-      },
-    ],
-  gleam: [
-      {
-        type: 'ref',
-        id: 'homepage',
-        label: 'Back to home',
-        customProps: {
-          sidebar_is_back_link: true,
-          sidebar_icon: 'back-arrow',
-        },
-      },
-      {
-        type: 'doc',
-        id: 'gleam/overview',
-        label: 'Gleam',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'gleam',
-        },
-      },
-      {
-        type: 'category',
-        label: 'Management',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'gleam/how-to/create',
-            label: 'Create Gleam service',
-          },
-          {
-            type: 'doc',
-            id: 'gleam/how-to/upgrade',
-            label: 'Upgrade Gleam service',
-          },
-          {
-            type: 'doc',
-            id: 'gleam/how-to/controls',
-            label: 'Stop, start & delete Gleam runtime service',
-          },
-        ],
+    {
+      type: 'category',
+      label: 'Build & Deployment',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
       },
-      {
-        type: 'category',
-        label: 'Configuration & Environment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+      items: [
+        {
+          type: 'doc',
+          id: 'elixir/how-to/build-pipeline',
+          label: 'Configure build & deploy pipeline',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'gleam/how-to/env-variables',
-            label: 'Manage environment variables',
-          },
-          {
-            type: 'doc',
-            id: 'gleam/how-to/customize-runtime',
-            label: 'Customize Gleam runtime',
-          },
-          {
-            type: 'doc',
-            id: 'gleam/how-to/scaling',
-            label: 'Scale Gleam runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Build & Deployment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'elixir/how-to/trigger-pipeline',
+          label: 'Trigger build pipeline',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'gleam/how-to/build-pipeline',
-            label: 'Configure build & deploy pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'gleam/how-to/trigger-pipeline',
-            label: 'Trigger build pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'gleam/how-to/build-process',
-            label: 'Build process',
-          },
-          {
-            type: 'doc',
-            id: 'gleam/how-to/deploy-process',
-            label: 'Deploy process',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Maintenance & Monitoring',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'elixir/how-to/build-process',
+          label: 'Build process',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'gleam/how-to/logs',
-            label: 'Setup & access logs',
-          },
-          {
-            type: 'doc',
-            id: 'gleam/how-to/filebrowser',
-            label: 'Browse container files',
-          },
-          {
-            type: 'doc',
-            id: 'gleam/how-to/shared-storage',
-            label: 'Connect / disconnect shared storage',
-          },
-        ],
-      },
-    ],
-  elixir: [
-      {
-        type: 'ref',
-        id: 'homepage',
-        label: 'Back to home',
-        customProps: {
-          sidebar_is_back_link: true,
-          sidebar_icon: 'back-arrow',
+        {
+          type: 'doc',
+          id: 'elixir/how-to/deploy-process',
+          label: 'Deploy process',
         },
+      ],
+    },
+    {
+      type: 'category',
+      label: 'Maintenance & Monitoring',
+      collapsible: false,
+      customProps: {
+        sidebar_is_group_headline: true,
       },
-      {
-        type: 'doc',
-        id: 'elixir/overview',
-        label: 'Elixir',
-        customProps: {
-          sidebar_is_title: true,
-          sidebar_icon: 'elixir',
-        },
-      },
-      {
-        type: 'category',
-        label: 'Management',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
-        },
-        items: [
-          {
-            type: 'doc',
-            id: 'elixir/how-to/create',
-            label: 'Create Elixir service',
-          },
-          {
-            type: 'doc',
-            id: 'elixir/how-to/upgrade',
-            label: 'Upgrade Elixir service',
-          },
-          {
-            type: 'doc',
-            id: 'elixir/how-to/controls',
-            label: 'Stop, start & delete Elixir runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Configuration & Environment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+      items: [
+        {
+          type: 'doc',
+          id: 'elixir/how-to/logs',
+          label: 'Setup & access logs',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'elixir/how-to/env-variables',
-            label: 'Manage environment variables',
-          },
-          {
-            type: 'doc',
-            id: 'elixir/how-to/customize-runtime',
-            label: 'Customize Elixir runtime',
-          },
-          {
-            type: 'doc',
-            id: 'elixir/how-to/scaling',
-            label: 'Scale Elixir runtime service',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Build & Deployment',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'elixir/how-to/filebrowser',
+          label: 'Browse container files',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'elixir/how-to/build-pipeline',
-            label: 'Configure build & deploy pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'elixir/how-to/trigger-pipeline',
-            label: 'Trigger build pipeline',
-          },
-          {
-            type: 'doc',
-            id: 'elixir/how-to/build-process',
-            label: 'Build process',
-          },
-          {
-            type: 'doc',
-            id: 'elixir/how-to/deploy-process',
-            label: 'Deploy process',
-          },
-        ],
-      },
-      {
-        type: 'category',
-        label: 'Maintenance & Monitoring',
-        collapsible: false,
-        customProps: {
-          sidebar_is_group_headline: true,
+        {
+          type: 'doc',
+          id: 'elixir/how-to/shared-storage',
+          label: 'Connect / disconnect shared storage',
         },
-        items: [
-          {
-            type: 'doc',
-            id: 'elixir/how-to/logs',
-            label: 'Setup & access logs',
-          },
-          {
-            type: 'doc',
-            id: 'elixir/how-to/filebrowser',
-            label: 'Browse container files',
-          },
-          {
-            type: 'doc',
-            id: 'elixir/how-to/shared-storage',
-            label: 'Connect / disconnect shared storage',
-          },
-        ],
-      },
-    ],
-//  laravel: [
-//    {
-//      type: 'ref',
-//      id: 'homepage',
-//      label: 'Back to home',
-//      customProps: {
-//        sidebar_is_back_link: true,
-//        sidebar_icon: 'back-arrow',
-//      },
-//    },
-//    {
-//      type: 'doc',
-//      id: 'frameworks/laravel',
-//      label: 'Laravel',
-//      customProps: {
-//        sidebar_is_title: true,
-//        sidebar_icon: 'laravel',
-//      },
-//    },
-//    {
-//      type: 'doc',
-//      id: 'frameworks/laravel/introduction',
-//      label: 'Quickstart Guide',
-//      customProps: {
-//        sidebar_icon: 'rocket-launch',
-//      },
-//    },
-//    {
-//      type: 'category',
-//      label: 'Features',
-//      collapsible: false,
-//      customProps: {
-//        sidebar_is_group_headline: true,
-//      },
-//      items: [
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/env-variables',
-//          label: 'Environment Variables',
-//        },
-////        {
-////          type: 'doc',
-////          id: 'frameworks/laravel/local-development',
-////          label: 'Local Development',
-////        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/migrations',
-//          label: 'Database Migrations',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/redis',
-//          label: 'Cache & Queue with Redis',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/cron',
-//          label: 'Schedule Jobs & CRON',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/smtp',
-//          label: 'SMTP Configuration',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/logs',
-//          label: 'Logs',
-//        },
-//      ],
-//    },
-//      {
-//        type: 'html',
-//        value: 'Recipes',
-//        customProps: {
-//          sidebar_is_group_divider: true,
-//        },
-//        className: 'homepage-sidebar-item',
-//      },
-//    {
-//      type: 'category',
-//      label: 'Minimal',
-//      collapsible: true,
-//      customProps: {
-//        sidebar_is_group_headline: true,
-//      },
-//      items: [
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/minimal-local',
-//          label: 'Local Development',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/minimal-devel',
-//          label: 'Stage Environment',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/minimal-prod',
-//          label: 'Production',
-//        },
-//      ],
-//    },
-//    {
-//      type: 'category',
-//      label: 'Jetstream',
-//      collapsible: true,
-//      customProps: {
-//        sidebar_is_group_headline: true,
-//      },
-//      items: [
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/jetstream-local',
-//          label: 'Local Development',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/jetstream-devel',
-//          label: 'Stage Environment',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/jetstream-prod',
-//          label: 'Production',
-//        },
-//      ],
-//    },
-//    {
-//      type: 'category',
-//      label: 'Filament',
-//      collapsible: true,
-//      customProps: {
-//        sidebar_is_group_headline: true,
-//      },
-//      items: [
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/filament-local',
-//          label: 'Local Development',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/filament-devel',
-//          label: 'Stage Environment',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/filament-prod',
-//          label: 'Production',
-//        },
-//      ],
-//    },
-//    {
-//      type: 'category',
-//      label: 'Twill CMS',
-//      collapsible: true,
-//      customProps: {
-//        sidebar_is_group_headline: true,
-//      },
-//      items: [
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/twill-local',
-//          label: 'Local Development',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/twill-devel',
-//          label: 'Stage Environment',
-//        },
-//        {
-//          type: 'doc',
-//          id: 'frameworks/laravel/recipes/twill-prod',
-//          label: 'Production',
-//        },
-//      ],
-//    },
-//    {
-//      type: 'doc',
-//      id: 'frameworks/laravel/faq',
-//      label: 'FAQ',
-//      customProps: {
-//        sidebar_is_title: true,
-//        sidebar_icon: 'chat-bubble-left-right',
-//      },
-//    },
-//  ],
-};
\ No newline at end of file
+      ],
+    },
+  ],
+  //  laravel: [
+  //    {
+  //      type: 'ref',
+  //      id: 'homepage',
+  //      label: 'Back to home',
+  //      customProps: {
+  //        sidebar_is_back_link: true,
+  //        sidebar_icon: 'back-arrow',
+  //      },
+  //    },
+  //    {
+  //      type: 'doc',
+  //      id: 'frameworks/laravel',
+  //      label: 'Laravel',
+  //      customProps: {
+  //        sidebar_is_title: true,
+  //        sidebar_icon: 'laravel',
+  //      },
+  //    },
+  //    {
+  //      type: 'doc',
+  //      id: 'frameworks/laravel/introduction',
+  //      label: 'Quickstart Guide',
+  //      customProps: {
+  //        sidebar_icon: 'rocket-launch',
+  //      },
+  //    },
+  //    {
+  //      type: 'category',
+  //      label: 'Features',
+  //      collapsible: false,
+  //      customProps: {
+  //        sidebar_is_group_headline: true,
+  //      },
+  //      items: [
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/env-variables',
+  //          label: 'Environment Variables',
+  //        },
+  ////        {
+  ////          type: 'doc',
+  ////          id: 'frameworks/laravel/local-development',
+  ////          label: 'Local Development',
+  ////        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/migrations',
+  //          label: 'Database Migrations',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/redis',
+  //          label: 'Cache & Queue with Redis',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/cron',
+  //          label: 'Schedule Jobs & CRON',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/smtp',
+  //          label: 'SMTP Configuration',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/logs',
+  //          label: 'Logs',
+  //        },
+  //      ],
+  //    },
+  //      {
+  //        type: 'html',
+  //        value: 'Recipes',
+  //        customProps: {
+  //          sidebar_is_group_divider: true,
+  //        },
+  //        className: 'homepage-sidebar-item',
+  //      },
+  //    {
+  //      type: 'category',
+  //      label: 'Minimal',
+  //      collapsible: true,
+  //      customProps: {
+  //        sidebar_is_group_headline: true,
+  //      },
+  //      items: [
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/minimal-local',
+  //          label: 'Local Development',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/minimal-devel',
+  //          label: 'Stage Environment',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/minimal-prod',
+  //          label: 'Production',
+  //        },
+  //      ],
+  //    },
+  //    {
+  //      type: 'category',
+  //      label: 'Jetstream',
+  //      collapsible: true,
+  //      customProps: {
+  //        sidebar_is_group_headline: true,
+  //      },
+  //      items: [
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/jetstream-local',
+  //          label: 'Local Development',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/jetstream-devel',
+  //          label: 'Stage Environment',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/jetstream-prod',
+  //          label: 'Production',
+  //        },
+  //      ],
+  //    },
+  //    {
+  //      type: 'category',
+  //      label: 'Filament',
+  //      collapsible: true,
+  //      customProps: {
+  //        sidebar_is_group_headline: true,
+  //      },
+  //      items: [
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/filament-local',
+  //          label: 'Local Development',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/filament-devel',
+  //          label: 'Stage Environment',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/filament-prod',
+  //          label: 'Production',
+  //        },
+  //      ],
+  //    },
+  //    {
+  //      type: 'category',
+  //      label: 'Twill CMS',
+  //      collapsible: true,
+  //      customProps: {
+  //        sidebar_is_group_headline: true,
+  //      },
+  //      items: [
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/twill-local',
+  //          label: 'Local Development',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/twill-devel',
+  //          label: 'Stage Environment',
+  //        },
+  //        {
+  //          type: 'doc',
+  //          id: 'frameworks/laravel/recipes/twill-prod',
+  //          label: 'Production',
+  //        },
+  //      ],
+  //    },
+  //    {
+  //      type: 'doc',
+  //      id: 'frameworks/laravel/faq',
+  //      label: 'FAQ',
+  //      customProps: {
+  //        sidebar_is_title: true,
+  //        sidebar_icon: 'chat-bubble-left-right',
+  //      },
+  //    },
+  //  ],
+};
diff --git a/apps/docs/src/components/AsciiGraph/index.tsx b/apps/docs/src/components/AsciiGraph/index.tsx
new file mode 100644
index 000000000..33d336e05
--- /dev/null
+++ b/apps/docs/src/components/AsciiGraph/index.tsx
@@ -0,0 +1,24 @@
+import React from 'react';
+
+type AsciiGraphProps = {
+  children: React.ReactNode;
+  className?: string;
+  ariaLabel?: string;
+};
+
+const AsciiGraph: React.FC<AsciiGraphProps> = ({
+  children,
+  className,
+  ariaLabel,
+}) => {
+  return (
+    <pre
+      className={`ascii-graph${className ? ` ${className}` : ''}`}
+      aria-label={ariaLabel}
+    >
+      {children}
+    </pre>
+  );
+};
+
+export default AsciiGraph;
diff --git a/apps/docs/src/components/CodingAgentsTopology/build.cjs b/apps/docs/src/components/CodingAgentsTopology/build.cjs
new file mode 100644
index 000000000..2733b03eb
--- /dev/null
+++ b/apps/docs/src/components/CodingAgentsTopology/build.cjs
@@ -0,0 +1,168 @@
+'use strict';
+
+// Build functions for the ZCP topology diagram. Pure functions that produce
+// a Grid (from grid.cjs). Consumed by:
+//   - the React component (index.tsx) for the interactive Remote/Local toggle
+//   - the markdown-source plugin to render the same ASCII into .md output
+
+const {
+    make,
+    text,
+    textCenter,
+    vline,
+    hline,
+    ch,
+    joint,
+    box,
+    verify,
+} = require('./grid.cjs');
+
+const W = 80;
+const PROJECT_W = 62;
+
+function buildProject(g, mode) {
+    const yTop = 3;
+    const yBottom = 31;
+
+    box(g, { x: 0, y: yTop, w: PROJECT_W, h: yBottom - yTop + 1 });
+    textCenter(g, 31, yTop + 1, 'Zerops development project (private network)');
+
+    box(g, {
+        x: 2, y: 5, w: 19, h: 5,
+        lines: ['project ctrl', '+ L3 balancer', '+ firewall'],
+    });
+    box(g, { x: 23, y: 5, w: 12, h: 5, lines: ['stats'], align: 'center' });
+    box(g, { x: 37, y: 5, w: 12, h: 5, lines: ['logger'], align: 'center' });
+
+    box(g, {
+        x: 2, y: 11, w: 19, h: 4,
+        lines: ['L7 balancer', '(Nginx)'],
+        align: 'center',
+    });
+
+    joint(g, 11, 9, '┬');
+    vline(g, 11, 10, 10);
+    joint(g, 11, 11, '┴');
+
+    joint(g, 11, 14, '┬');
+    vline(g, 11, 15, 15);
+    joint(g, 11, 16, '├');
+
+    if (mode === 'remote') {
+        hline(g, 16, 12, 46);
+        joint(g, 29, 16, '┬');
+        joint(g, 47, 16, '┐');
+    } else {
+        hline(g, 16, 12, 28);
+        joint(g, 29, 16, '┐');
+    }
+
+    box(g, {
+        x: 4, y: 17, w: 15, h: 4,
+        lines: ['appdev:3000', 'dev runtime'],
+    });
+    joint(g, 11, 17, '┴');
+    joint(g, 11, 20, '┬');
+    vline(g, 11, 21, 21);
+
+    box(g, {
+        x: 21, y: 17, w: 17, h: 4,
+        lines: ['appstage:3000', 'stage runtime'],
+    });
+    joint(g, 29, 17, '┴');
+    joint(g, 29, 20, '┬');
+    vline(g, 29, 21, 21);
+
+    if (mode === 'remote') {
+        box(g, {
+            x: 40, y: 17, w: 15, h: 4,
+            lines: ['zcp service', 'agent + MCP'],
+            align: 'center',
+            hl: true,
+        });
+        joint(g, 47, 17, '┴');
+        joint(g, 47, 20, '┬');
+        vline(g, 47, 21, 21);
+        textCenter(g, 47, 13, 'control plane');
+        textCenter(g, 47, 14, 'ssh into other services');
+        textCenter(g, 47, 15, 'dev runtime fs mounted');
+    }
+
+    joint(g, 11, 22, '└');
+    if (mode === 'remote') {
+        hline(g, 22, 12, 46);
+        joint(g, 29, 22, '┼');
+        joint(g, 47, 22, '┘');
+    } else {
+        hline(g, 22, 12, 28);
+        joint(g, 20, 22, '┬');
+        joint(g, 29, 22, '┘');
+    }
+
+    const downCol = mode === 'remote' ? 29 : 20;
+    vline(g, downCol, 23, 23);
+
+    joint(g, 14, 24, '┌');
+    hline(g, 24, 15, 41);
+    joint(g, downCol, 24, '┴');
+    joint(g, 42, 24, '┐');
+
+    vline(g, 14, 25, 25);
+    vline(g, 42, 25, 25);
+
+    box(g, { x: 7, y: 26, w: 15, h: 4, lines: ['db:5432', 'Postgres'] });
+    joint(g, 14, 26, '┴');
+
+    box(g, { x: 35, y: 26, w: 15, h: 4, lines: ['cache:6379', 'Valkey'] });
+    joint(g, 42, 26, '┴');
+}
+
+function buildRemote() {
+    const g = make(W, 32);
+    textCenter(g, 31, 0, 'https://my-app.com');
+    vline(g, 31, 1, 1);
+    ch(g, 31, 2, '▼');
+    buildProject(g, 'remote');
+    verify(g);
+    return g;
+}
+
+function buildLocal() {
+    const g = make(W, 44);
+    textCenter(g, 31, 0, 'https://my-app.com');
+    vline(g, 31, 1, 1);
+    ch(g, 31, 2, '▼');
+    buildProject(g, 'local');
+
+    joint(g, 31, 31, '▲');
+
+    vline(g, 31, 32, 34);
+    text(g, 33, 33, 'VPN tunnel');
+
+    box(g, {
+        x: 14, y: 35, w: 35, h: 9,
+        lines: [
+            'IDE / terminal',
+            '+ agent',
+            '+ zcp MCP',
+            '',
+            '$ curl zerops.io/zcp/install.sh',
+            '$ zcp init',
+            '$ zcli vpn up',
+        ],
+        align: 'left',
+        hl: true,
+    });
+    joint(g, 31, 35, '┴');
+
+    verify(g);
+    return g;
+}
+
+module.exports = {
+    buildProject,
+    buildRemote,
+    buildLocal,
+    W,
+    PROJECT_W,
+};
diff --git a/apps/docs/src/components/CodingAgentsTopology/grid.cjs b/apps/docs/src/components/CodingAgentsTopology/grid.cjs
new file mode 100644
index 000000000..ccc5eebdb
--- /dev/null
+++ b/apps/docs/src/components/CodingAgentsTopology/grid.cjs
@@ -0,0 +1,149 @@
+'use strict';
+
+// Pure grid utilities — used by the React component (CodingAgentsTopology,
+// IntroAgentVisual) and by the markdown-source plugin to render the same
+// ASCII art as plain text into the .md output.
+//
+// Mirrors the API of the original grid.tsx but returns plain strings rather
+// than React nodes from `render`. The .tsx wrapper (`grid.tsx`) delegates
+// here for the grid math and re-implements `render` to emit React nodes
+// with `<span>` highlights.
+
+const SPACE = ' ';
+
+function make(width, height) {
+    return Array.from({ length: height }, () =>
+        Array.from({ length: width }, () => ({ ch: SPACE, hl: false }))
+    );
+}
+
+function put(g, x, y, ch, hl) {
+    if (y < 0 || y >= g.length) return;
+    if (x < 0 || x >= g[0].length) return;
+    g[y][x] = { ch, hl };
+}
+
+function text(g, x, y, str, hl = false) {
+    for (let i = 0; i < str.length; i++) put(g, x + i, y, str[i], hl);
+}
+
+function textCenter(g, cx, y, str, hl = false) {
+    text(g, cx - Math.floor(str.length / 2), y, str, hl);
+}
+
+function vline(g, x, y1, y2, hl = false) {
+    const [a, b] = y1 <= y2 ? [y1, y2] : [y2, y1];
+    for (let y = a; y <= b; y++) put(g, x, y, '│', hl);
+}
+
+function hline(g, y, x1, x2, hl = false) {
+    const [a, b] = x1 <= x2 ? [x1, x2] : [x2, x1];
+    for (let x = a; x <= b; x++) put(g, x, y, '─', hl);
+}
+
+function ch(g, x, y, char, hl = false) {
+    put(g, x, y, char, hl);
+}
+
+function joint(g, x, y, char) {
+    if (y < 0 || y >= g.length || x < 0 || x >= g[0].length) return;
+    g[y][x] = { ch: char, hl: g[y][x].hl };
+}
+
+function box(g, o) {
+    const { x, y, w, h, lines = [], align = 'left', topLabel, hl = false, subtitle = false } = o;
+    if (hl) {
+        for (let yy = y + 1; yy < y + h - 1; yy++) {
+            for (let xx = x + 1; xx < x + w - 1; xx++) {
+                put(g, xx, yy, SPACE, true);
+            }
+        }
+    }
+    put(g, x, y, '┌', hl);
+    put(g, x + w - 1, y, '┐', hl);
+    put(g, x, y + h - 1, '└', hl);
+    put(g, x + w - 1, y + h - 1, '┘', hl);
+    for (let i = 1; i < w - 1; i++) {
+        put(g, x + i, y, '─', hl);
+        put(g, x + i, y + h - 1, '─', hl);
+    }
+    for (let i = 1; i < h - 1; i++) {
+        put(g, x, y + i, '│', hl);
+        put(g, x + w - 1, y + i, '│', hl);
+    }
+    if (topLabel) {
+        const label = ` ${topLabel} `;
+        for (let i = 0; i < label.length && 2 + i < w - 2; i++) {
+            put(g, x + 2 + i, y, label[i], hl);
+        }
+    }
+    const inner = w - 2;
+    for (let i = 0; i < lines.length; i++) {
+        if (1 + i >= h - 1) break;
+        const line = lines[i];
+        const startCol =
+            align === 'center'
+                ? x + 1 + Math.floor((inner - line.length) / 2)
+                : x + 2;
+        const accent = subtitle && i > 0;
+        for (let j = 0; j < line.length; j++) {
+            if (startCol + j >= x + w - 1) break;
+            const yy = y + 1 + i;
+            const xx = startCol + j;
+            if (yy < 0 || yy >= g.length || xx < 0 || xx >= g[0].length) continue;
+            g[yy][xx] = { ch: line[j], hl, accent };
+        }
+    }
+}
+
+function highlight(g, x, y, w, h) {
+    for (let yy = y; yy < y + h; yy++) {
+        for (let xx = x; xx < x + w; xx++) {
+            if (yy < 0 || yy >= g.length || xx < 0 || xx >= g[0].length) continue;
+            g[yy][xx] = { ch: g[yy][xx].ch, hl: true };
+        }
+    }
+}
+
+function verify(g) {
+    const width = g[0]?.length ?? 0;
+    for (const row of g) {
+        if (row.length !== width) throw new Error('Grid rows have inconsistent width');
+    }
+    return { width, height: g.length };
+}
+
+// Plain-text rendering for the markdown plugin. Drops React span wrappers
+// and emits trailing-whitespace-trimmed lines joined with '\n'.
+function renderText(g) {
+    const lines = [];
+    for (const row of g) {
+        let end = row.length;
+        while (
+            end > 0 &&
+            row[end - 1].ch === SPACE &&
+            !row[end - 1].hl &&
+            !row[end - 1].accent
+        ) {
+            end--;
+        }
+        let line = '';
+        for (let i = 0; i < end; i++) line += row[i].ch;
+        lines.push(line);
+    }
+    return lines.join('\n');
+}
+
+module.exports = {
+    make,
+    text,
+    textCenter,
+    vline,
+    hline,
+    ch,
+    joint,
+    box,
+    highlight,
+    verify,
+    renderText,
+};
diff --git a/apps/docs/src/components/CodingAgentsTopology/grid.tsx b/apps/docs/src/components/CodingAgentsTopology/grid.tsx
new file mode 100644
index 000000000..51c813f61
--- /dev/null
+++ b/apps/docs/src/components/CodingAgentsTopology/grid.tsx
@@ -0,0 +1,83 @@
+// Re-exports the pure grid utilities from grid.cjs and adds a React-flavored
+// `render` that wraps highlighted/accent runs in <span> elements. The .cjs
+// module is shared with the markdown-source plugin so the same ASCII art
+// renders in both the live page and the .md output.
+//
+// `Grid` is intentionally typed loosely (`any[][]`) because the cell shape
+// comes from grid.cjs. Strong typing isn't worth a parallel .d.ts file when
+// the consuming React component only passes the grid through.
+
+import React from 'react';
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const grid = require('./grid.cjs');
+
+export type Grid = any[][];
+
+const SPACE = ' ';
+
+export const make: (width: number, height: number) => Grid = grid.make;
+export const text: (g: Grid, x: number, y: number, str: string, hl?: boolean) => void = grid.text;
+export const textCenter: (g: Grid, cx: number, y: number, str: string, hl?: boolean) => void = grid.textCenter;
+export const vline: (g: Grid, x: number, y1: number, y2: number, hl?: boolean) => void = grid.vline;
+export const hline: (g: Grid, y: number, x1: number, x2: number, hl?: boolean) => void = grid.hline;
+export const ch: (g: Grid, x: number, y: number, char: string, hl?: boolean) => void = grid.ch;
+export const joint: (g: Grid, x: number, y: number, char: string) => void = grid.joint;
+
+type BoxOpts = {
+  x: number;
+  y: number;
+  w: number;
+  h: number;
+  lines?: string[];
+  align?: 'left' | 'center';
+  topLabel?: string;
+  hl?: boolean;
+  subtitle?: boolean;
+};
+export const box: (g: Grid, o: BoxOpts) => void = grid.box;
+export const highlight: (g: Grid, x: number, y: number, w: number, h: number) => void = grid.highlight;
+export const verify: (g: Grid) => { width: number; height: number } = grid.verify;
+
+export function render(g: Grid): React.ReactNode[] {
+  const out: React.ReactNode[] = [];
+  for (let y = 0; y < g.length; y++) {
+    if (y > 0) out.push('\n');
+    const row = g[y];
+    let end = row.length;
+    while (
+      end > 0 &&
+      row[end - 1].ch === SPACE &&
+      !row[end - 1].hl &&
+      !row[end - 1].accent
+    )
+      end--;
+    let i = 0;
+    while (i < end) {
+      const hl = row[i].hl;
+      const accent = !!row[i].accent;
+      let j = i;
+      while (j < end && row[j].hl === hl && !!row[j].accent === accent) j++;
+      const seg = row
+        .slice(i, j)
+        .map((c: { ch: string }) => c.ch)
+        .join('');
+      if (hl) {
+        out.push(
+          <span key={`${y}-${i}`} className="ascii-graph__highlight">
+            {seg}
+          </span>
+        );
+      } else if (accent) {
+        out.push(
+          <span key={`${y}-${i}`} className="ascii-graph__accent">
+            {seg}
+          </span>
+        );
+      } else {
+        out.push(seg);
+      }
+      i = j;
+    }
+  }
+  return out;
+}
diff --git a/apps/docs/src/components/CodingAgentsTopology/index.tsx b/apps/docs/src/components/CodingAgentsTopology/index.tsx
new file mode 100644
index 000000000..4ab233b6b
--- /dev/null
+++ b/apps/docs/src/components/CodingAgentsTopology/index.tsx
@@ -0,0 +1,53 @@
+import React, { useState } from 'react';
+import { render } from './grid';
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const { buildRemote, buildLocal } = require('./build.cjs');
+
+type Mode = 'remote' | 'local';
+
+
+const CodingAgentsTopology: React.FC = () => {
+  const [mode, setMode] = useState<Mode>('remote');
+  const diagram = mode === 'remote' ? buildRemote() : buildLocal();
+
+  return (
+    <div className="topology-toggle">
+      <div
+        className="topology-toggle__control"
+        role="tablist"
+        aria-label="Where the agent runs"
+      >
+        <button
+          type="button"
+          role="tab"
+          aria-selected={mode === 'remote'}
+          className={`topology-toggle__button${
+            mode === 'remote' ? ' topology-toggle__button--active' : ''
+          }`}
+          onClick={() => setMode('remote')}
+        >
+          Remote (zcp service)
+        </button>
+        <button
+          type="button"
+          role="tab"
+          aria-selected={mode === 'local'}
+          className={`topology-toggle__button${
+            mode === 'local' ? ' topology-toggle__button--active' : ''
+          }`}
+          onClick={() => setMode('local')}
+        >
+          Local (zcli vpn up)
+        </button>
+      </div>
+      <pre
+        className="ascii-graph"
+        aria-label="Zerops development project topology"
+      >
+        {render(diagram)}
+      </pre>
+    </div>
+  );
+};
+
+export default CodingAgentsTopology;
diff --git a/apps/docs/src/components/IntroAgentVisual/build.cjs b/apps/docs/src/components/IntroAgentVisual/build.cjs
new file mode 100644
index 000000000..3e85f885a
--- /dev/null
+++ b/apps/docs/src/components/IntroAgentVisual/build.cjs
@@ -0,0 +1,136 @@
+'use strict';
+
+// Build function for the agents-to-recipes-to-projects intro visual.
+// Pure JS, no React. Consumed by:
+//   - the React component (index.tsx) for the live page (renders logo images
+//     absolutely positioned over the ASCII grid)
+//   - the markdown-source plugin to render the same diagram as plain text
+//     (logos rendered as their alt text overlaid into the grid)
+
+const {
+    make,
+    text,
+    textCenter,
+    vline,
+    hline,
+    ch,
+    joint,
+    box,
+    verify,
+} = require('../CodingAgentsTopology/grid.cjs');
+
+const W = 86;
+
+const AGENTS = [
+    { src: '/img/recipes/claude.png',   alt: 'Claude Code' },
+    { src: '/img/recipes/codex.svg',    alt: 'Codex' },
+    { src: '/img/recipes/gemini.svg',   alt: 'Gemini CLI' },
+    { src: '/img/recipes/opencode.png', alt: 'opencode' },
+];
+
+const RECIPES = [
+    { src: '/img/recipes/zerops/bun.svg',     alt: 'Bun' },
+    { src: '/img/recipes/zerops/deno.svg',    alt: 'Deno' },
+    { src: '/img/recipes/zerops/nodejs.svg',  alt: 'Node.js' },
+    { src: '/img/recipes/zerops/golang.svg',  alt: 'Go' },
+    { src: '/img/recipes/zerops/java.svg',    alt: 'Java' },
+    { src: '/img/recipes/zerops/python.svg',  alt: 'Python' },
+    { src: '/img/recipes/zerops/rust.svg',    alt: 'Rust' },
+    { src: '/img/recipes/zerops/gleam.svg',   alt: 'Gleam' },
+    { src: '/img/recipes/zerops/ruby.svg',    alt: 'Ruby' },
+    { src: '/img/recipes/zerops/php.svg',     alt: 'PHP' },
+    { src: '/img/recipes/zerops/dotnet.svg',  alt: '.NET' },
+    { src: '/img/recipes/zerops/laravel.svg', alt: 'Laravel' },
+    { src: '/img/recipes/zerops/nextjs.svg',  alt: 'Next.js' },
+    { src: '/img/recipes/zerops/nuxt.svg',    alt: 'Nuxt' },
+    { src: '/img/recipes/zerops/astro.svg',   alt: 'Astro' },
+    { src: '/img/recipes/zerops/svelte.svg',  alt: 'Svelte' },
+    { src: '/img/recipes/zerops/react.svg',   alt: 'React' },
+    { src: '/img/recipes/zerops/vue.svg',     alt: 'Vue' },
+    { src: '/img/recipes/zerops/angular.png', alt: 'Angular' },
+    { src: '/img/recipes/zerops/solid.svg',   alt: 'Solid' },
+    { src: '/img/recipes/zerops/qwik.svg',    alt: 'Qwik' },
+    { src: '/img/recipes/zerops/analog.svg',  alt: 'Analog' },
+    { src: '/img/recipes/zerops/nestjs.svg',  alt: 'Nest.js' },
+];
+
+function buildLayout() {
+    const g = make(W, 41);
+    const logos = [];
+
+    box(g, { x: 2, y: 0, w: 16, h: 8, topLabel: 'ZCP MCP' });
+    const AGENT_POS = [
+        [6, 2], [13, 2],
+        [6, 5], [13, 5],
+    ];
+    AGENTS.forEach((a, i) => {
+        const [col, row] = AGENT_POS[i];
+        logos.push({ src: a.src, alt: a.alt, col, row });
+    });
+
+    box(g, { x: 22, y: 0, w: 58, h: 11, topLabel: 'recipes for any stack' });
+    const RECIPE_COLS = [26, 33, 40, 47, 54, 61, 68, 75];
+    RECIPES.forEach((r, i) => {
+        const rowIdx = Math.floor(i / 8);
+        const colIdx = i % 8;
+        const row = 2 + rowIdx * 3;
+        logos.push({ src: r.src, alt: r.alt, col: RECIPE_COLS[colIdx], row });
+    });
+
+    joint(g, 17, 4, '├');
+    hline(g, 4, 18, 20);
+    ch(g, 21, 4, '►');
+
+    textCenter(g, 42, 12, 'zcp with agent has root ssh access to runtime services,');
+    textCenter(g, 42, 13, 'runs dev server on dev, deploys to stage, verifies');
+
+    joint(g, 10, 7, '┬');
+    vline(g, 10, 8, 14);
+    joint(g, 10, 15, '├');
+    hline(g, 15, 11, 73);
+    joint(g, 74, 15, '┐');
+
+    vline(g, 10, 16, 16);
+    joint(g, 10, 17, '┼');
+    vline(g, 10, 18, 18);
+    ch(g, 10, 19, '▼');
+
+    vline(g, 74, 16, 16);
+    joint(g, 74, 17, '┼');
+    vline(g, 74, 18, 18);
+    ch(g, 74, 19, '▼');
+
+    box(g, { x: 0, y: 17, w: 60, h: 23, topLabel: 'complex project' });
+
+    box(g, { x:  3, y: 20, w: 14, h: 4, lines: ['zcp', 'Ubuntu'], align: 'center', hl: true, subtitle: true });
+
+    box(g, { x:  3, y: 25, w: 14, h: 4, lines: ['appdev',    'Bun'],    align: 'center', subtitle: true });
+    box(g, { x: 23, y: 25, w: 14, h: 4, lines: ['apidev',    'Golang'], align: 'center', subtitle: true });
+    box(g, { x: 43, y: 25, w: 14, h: 4, lines: ['workerdev', 'Python'], align: 'center', subtitle: true });
+
+    box(g, { x:  3, y: 30, w: 14, h: 4, lines: ['appstage',    'Bun'],    align: 'center', subtitle: true });
+    box(g, { x: 23, y: 30, w: 14, h: 4, lines: ['apistage',    'Golang'], align: 'center', subtitle: true });
+    box(g, { x: 43, y: 30, w: 14, h: 4, lines: ['workerstage', 'Python'], align: 'center', subtitle: true });
+
+    box(g, { x:  3, y: 35, w: 10, h: 4, lines: ['db',      'Postgres'], align: 'center', subtitle: true });
+    box(g, { x: 14, y: 35, w: 10, h: 4, lines: ['search',  'Elastic'],  align: 'center', subtitle: true });
+    box(g, { x: 25, y: 35, w: 10, h: 4, lines: ['broker',  'NATS'],     align: 'center', subtitle: true });
+    box(g, { x: 36, y: 35, w: 10, h: 4, lines: ['cache',   'Valkey'],   align: 'center', subtitle: true });
+    box(g, { x: 47, y: 35, w: 10, h: 4, lines: ['storage', 'S3'],       align: 'center', subtitle: true });
+
+    box(g, { x: 64, y: 17, w: 22, h: 18, topLabel: 'simple project' });
+
+    box(g, { x: 69, y: 20, w: 12, h: 4, lines: ['zcp', 'Ubuntu'],        align: 'center', hl: true, subtitle: true });
+    box(g, { x: 69, y: 25, w: 12, h: 4, lines: ['appdev',   'Node.js'],  align: 'center', subtitle: true });
+    box(g, { x: 69, y: 30, w: 12, h: 4, lines: ['appstage', 'Node.js'],  align: 'center', subtitle: true });
+
+    verify(g);
+    return { grid: g, logos };
+}
+
+module.exports = {
+    buildLayout,
+    AGENTS,
+    RECIPES,
+    W,
+};
diff --git a/apps/docs/src/components/IntroAgentVisual/index.tsx b/apps/docs/src/components/IntroAgentVisual/index.tsx
new file mode 100644
index 000000000..08c01a917
--- /dev/null
+++ b/apps/docs/src/components/IntroAgentVisual/index.tsx
@@ -0,0 +1,38 @@
+import React from 'react';
+import { render } from '../CodingAgentsTopology/grid';
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const { buildLayout } = require('./build.cjs');
+
+type LogoSlot = { src: string; alt: string; col: number; row: number };
+
+const IntroAgentVisual: React.FC = () => {
+  const { grid, logos } = buildLayout() as {
+    grid: any[][];
+    logos: LogoSlot[];
+  };
+
+  return (
+    <div
+      className="intro-ascii"
+      role="img"
+      aria-label="ZCP MCP + your agent → recipes for any stack → one Zerops project with multiple runtimes and managed services"
+    >
+      <pre className="ascii-graph intro-ascii__frame">{render(grid)}</pre>
+      {logos.map((l, i) => (
+        <img
+          key={i}
+          className="intro-ascii__logo"
+          src={l.src}
+          alt={l.alt}
+          title={l.alt}
+          style={{
+            left: `calc(${l.col + 0.5}ch)`,
+            top: `calc((${l.row} + 0.5) * 1lh)`,
+          }}
+        />
+      ))}
+    </div>
+  );
+};
+
+export default IntroAgentVisual;
diff --git a/apps/docs/src/css/custom.css b/apps/docs/src/css/custom.css
index da54b907d..2bfb0e819 100644
--- a/apps/docs/src/css/custom.css
+++ b/apps/docs/src/css/custom.css
@@ -53,7 +53,10 @@
     @apply cursor-default;
   }
 
-  .sidebar-group-headline > .menu__list-item-collapsible > .menu__link:not([href]) > .menu__link:hover,
+  .sidebar-group-headline
+    > .menu__list-item-collapsible
+    > .menu__link:not([href])
+    > .menu__link:hover,
   .sidebar-group-headline .menu__list-item-collapsible:hover {
     @apply !bg-transparent;
   }
@@ -178,22 +181,22 @@ html[data-theme='dark'] {
 }
 
 .height-100 {
-    height: 100%;
+  height: 100%;
 }
 
 .sidebar-group-headline > .menu__list-item-collapsible > .menu__link {
-    padding: 0px !important;
-    color: var(--ifm-menu-color);
+  padding: 0px !important;
+  color: var(--ifm-menu-color);
 }
 
 .theme-doc-sidebar-item-category-level-1.sidebar-group-headline {
-    margin-bottom: 6px;
-    margin-top: 4px !important;
+  margin-bottom: 6px;
+  margin-top: 4px !important;
 }
 
 .sidebar-group-headline > .menu__list-item-collapsible {
-    cursor: default;
-    color: #fff;
+  cursor: default;
+  color: #fff;
 }
 
 html[data-theme='dark'] .docsearch-btn {
@@ -233,3 +236,1183 @@ html[data-theme='dark'] .docsearch-btn:hover {
 @import url('./components/toc.css');
 @import url('./components/copy-page-menu.css');
 @import url('./components/tooltip.css');
+
+/* ZCP + paired feature pages: force balanced table column widths on tablet
+   and up. Default markdown tables render as display:block with browser
+   auto-layout, which collapses one column to ~17% when the other has
+   bold-led short text the browser treats as max-content. Equal-width
+   fixed layout keeps long-cell content readable. Below 768px we leave the
+   default responsive overflow-x behavior alone. */
+@media (min-width: 768px) {
+  html[class*='docs-doc-id-zcp'] .theme-doc-markdown table,
+  html[class*='docs-doc-id-features/coding-agents'] .theme-doc-markdown table,
+  html[class*='docs-doc-id-features/local-remote-development']
+    .theme-doc-markdown
+    table {
+    display: table;
+    table-layout: fixed;
+    width: 100%;
+  }
+  html[class*='docs-doc-id-zcp'] .theme-doc-markdown table th,
+  html[class*='docs-doc-id-zcp'] .theme-doc-markdown table td,
+  html[class*='docs-doc-id-features/coding-agents']
+    .theme-doc-markdown
+    table
+    th,
+  html[class*='docs-doc-id-features/coding-agents']
+    .theme-doc-markdown
+    table
+    td,
+  html[class*='docs-doc-id-features/local-remote-development']
+    .theme-doc-markdown
+    table
+    th,
+  html[class*='docs-doc-id-features/local-remote-development']
+    .theme-doc-markdown
+    table
+    td {
+    overflow-wrap: anywhere;
+    word-break: normal;
+    vertical-align: top;
+  }
+}
+
+@media (max-width: 767px) {
+  html[class*='docs-doc-id-zcp'] article,
+  html[class*='docs-doc-id-features/coding-agents'] article,
+  html[class*='docs-doc-id-features/local-remote-development'] article,
+  html[class*='docs-doc-id-zcp'] .theme-doc-footer,
+  html[class*='docs-doc-id-features/coding-agents'] .theme-doc-footer,
+  html[class*='docs-doc-id-features/local-remote-development'] .theme-doc-footer {
+    overflow-x: hidden;
+  }
+
+  html[class*='docs-doc-id-zcp'] article pre,
+  html[class*='docs-doc-id-features/coding-agents'] article pre,
+  html[class*='docs-doc-id-features/local-remote-development'] article pre,
+  html[class*='docs-doc-id-zcp'] article table,
+  html[class*='docs-doc-id-features/coding-agents'] article table,
+  html[class*='docs-doc-id-features/local-remote-development'] article table {
+    max-width: 100%;
+    overflow-x: auto;
+  }
+
+  html[class*='docs-doc-id-zcp'] .theme-doc-footer a,
+  html[class*='docs-doc-id-features/coding-agents'] .theme-doc-footer a,
+  html[class*='docs-doc-id-features/local-remote-development']
+    .theme-doc-footer
+    a {
+    max-width: calc(50% - 0.25rem);
+    min-width: 0;
+    overflow-wrap: anywhere;
+  }
+}
+
+.zcp-lifecycle-diagram {
+  margin: 1.5rem 0 1.75rem;
+}
+
+.zcp-agent-flow {
+  display: grid;
+  gap: 0.85rem;
+  grid-template-columns: 1fr;
+  margin: 1.25rem 0 1.75rem;
+}
+
+.zcp-agent-flow__node {
+  background: #ffffff;
+  border: 1px solid #d7dce5;
+  border-radius: 8px;
+  color: #172033;
+  padding: 0.9rem;
+  position: relative;
+}
+
+.zcp-agent-flow__node::after {
+  color: #6b7280;
+  content: '↓';
+  font-size: 1.1rem;
+  font-weight: 700;
+  left: 50%;
+  line-height: 1;
+  position: absolute;
+  top: calc(100% + 0.08rem);
+  transform: translateX(-50%);
+}
+
+.zcp-agent-flow__node:last-child::after {
+  content: none;
+}
+
+.zcp-agent-flow__node span {
+  color: #6b7280;
+  display: block;
+  font-size: 0.68rem;
+  font-weight: 650;
+  letter-spacing: 0;
+  line-height: 1.1;
+  margin-bottom: 0.35rem;
+  text-transform: uppercase;
+}
+
+.zcp-agent-flow__node strong {
+  display: block;
+  font-size: 0.9rem;
+  line-height: 1.25;
+}
+
+.zcp-agent-flow__node p {
+  color: #4b5563;
+  font-size: 0.78rem;
+  line-height: 1.42;
+  margin: 0.45rem 0 0;
+}
+
+.zcp-agent-flow__node--intent {
+  background: #f7fbff;
+  border-color: rgba(45, 114, 217, 0.35);
+}
+
+.zcp-agent-flow__node--agent {
+  background: #fffaf0;
+  border-color: rgba(196, 127, 23, 0.35);
+}
+
+.zcp-agent-flow__node--mcp {
+  background: #f4fbf6;
+  border-color: rgba(50, 132, 90, 0.35);
+}
+
+.zcp-agent-flow__node--project {
+  background: #f8fafc;
+  border-color: rgba(75, 85, 99, 0.28);
+}
+
+.zcp-agent-flow__node--proof {
+  background: #f7f5ff;
+  border-color: rgba(113, 87, 217, 0.35);
+}
+
+.zcp-lifecycle-prompt {
+  align-items: center;
+  background: #f7fbff;
+  border: 1px solid #2d72d9;
+  border-radius: 8px;
+  color: #172033;
+  display: flex;
+  flex-direction: column;
+  gap: 0.35rem;
+  margin: 0 auto;
+  max-width: 22rem;
+  padding: 0.7rem 0.9rem;
+  text-align: center;
+}
+
+.zcp-lifecycle-prompt span {
+  font-size: 0.76rem;
+  font-weight: 650;
+  line-height: 1.1;
+  text-transform: uppercase;
+}
+
+.zcp-lifecycle-prompt code {
+  background: #eaf2ff;
+  border: 1px solid rgba(45, 114, 217, 0.22);
+  border-radius: 6px;
+  color: #172033;
+  display: block;
+  font-size: 0.78rem;
+  line-height: 1.25;
+  max-width: 100%;
+  overflow-wrap: anywhere;
+  padding: 0.32rem 0.45rem;
+  white-space: normal;
+}
+
+.zcp-lifecycle-down {
+  background: #6b7280;
+  height: 1.35rem;
+  margin: 0 auto;
+  position: relative;
+  width: 2px;
+}
+
+.zcp-lifecycle-down::after {
+  border-left: 5px solid transparent;
+  border-right: 5px solid transparent;
+  border-top: 7px solid #6b7280;
+  bottom: -6px;
+  content: '';
+  left: 50%;
+  position: absolute;
+  transform: translateX(-50%);
+}
+
+.zcp-lifecycle-flow {
+  display: grid;
+  gap: 1rem;
+  grid-template-columns: 1fr;
+  margin-top: 0.8rem;
+}
+
+.zcp-lifecycle-stage {
+  background: #ffffff;
+  border: 1px solid #d7dce5;
+  border-radius: 8px;
+  color: #172033;
+  padding: 0.95rem;
+  position: relative;
+}
+
+.zcp-lifecycle-stage::after {
+  color: #6b7280;
+  content: '↓';
+  font-size: 1.2rem;
+  font-weight: 700;
+  left: 50%;
+  line-height: 1;
+  position: absolute;
+  top: calc(100% + 0.08rem);
+  transform: translateX(-50%);
+}
+
+.zcp-lifecycle-stage:last-child::after {
+  content: none;
+}
+
+.zcp-lifecycle-stage h3 {
+  font-size: 0.95rem;
+  line-height: 1.25;
+  margin: 0;
+}
+
+.zcp-lifecycle-stage p {
+  color: #4b5563;
+  font-size: 0.84rem;
+  line-height: 1.45;
+  margin: 0.45rem 0 0.7rem;
+}
+
+.zcp-lifecycle-stage ul {
+  display: grid;
+  gap: 0.42rem;
+  list-style: none;
+  margin: 0;
+  padding: 0;
+}
+
+.zcp-lifecycle-stage li {
+  border: 1px solid currentColor;
+  border-radius: 6px;
+  font-size: 0.78rem;
+  line-height: 1.25;
+  padding: 0.38rem 0.48rem;
+}
+
+.zcp-lifecycle-stage--infra {
+  background: #f4fbf6;
+  border-color: rgba(50, 132, 90, 0.35);
+}
+
+.zcp-lifecycle-stage--infra li {
+  color: #236343;
+}
+
+.zcp-lifecycle-stage--dev {
+  background: #fffaf0;
+  border-color: rgba(196, 127, 23, 0.35);
+}
+
+.zcp-lifecycle-stage--dev li {
+  color: #9a5d0d;
+}
+
+.zcp-lifecycle-stage--delivery {
+  background: #f7f5ff;
+  border-color: rgba(113, 87, 217, 0.35);
+}
+
+.zcp-lifecycle-stage--delivery li {
+  color: #5b45b0;
+}
+
+html[data-theme='dark'] .zcp-lifecycle-prompt {
+  background: #132033;
+  color: #f8fafc;
+}
+
+html[data-theme='dark'] .zcp-lifecycle-prompt code {
+  background: #17263d;
+  color: #dbeafe;
+}
+
+html[data-theme='dark'] .zcp-agent-flow__node {
+  color: #f8fafc;
+}
+
+html[data-theme='dark'] .zcp-agent-flow__node span,
+html[data-theme='dark'] .zcp-agent-flow__node p {
+  color: #cbd5e1;
+}
+
+html[data-theme='dark'] .zcp-agent-flow__node--intent {
+  background: rgba(30, 58, 138, 0.22);
+}
+
+html[data-theme='dark'] .zcp-agent-flow__node--agent {
+  background: rgba(120, 53, 15, 0.2);
+}
+
+html[data-theme='dark'] .zcp-agent-flow__node--mcp {
+  background: rgba(20, 83, 45, 0.22);
+}
+
+html[data-theme='dark'] .zcp-agent-flow__node--project {
+  background: rgba(24, 24, 27, 0.72);
+}
+
+html[data-theme='dark'] .zcp-agent-flow__node--proof {
+  background: rgba(76, 29, 149, 0.22);
+}
+
+html[data-theme='dark'] .zcp-lifecycle-stage {
+  color: #f8fafc;
+}
+
+html[data-theme='dark'] .zcp-lifecycle-stage p {
+  color: #cbd5e1;
+}
+
+html[data-theme='dark'] .zcp-lifecycle-stage--infra {
+  background: rgba(20, 83, 45, 0.22);
+}
+
+html[data-theme='dark'] .zcp-lifecycle-stage--dev {
+  background: rgba(120, 53, 15, 0.2);
+}
+
+html[data-theme='dark'] .zcp-lifecycle-stage--delivery {
+  background: rgba(76, 29, 149, 0.22);
+}
+
+@media (min-width: 768px) {
+  .zcp-agent-flow {
+    gap: 0.95rem;
+    grid-template-columns: repeat(5, minmax(0, 1fr));
+  }
+
+  .zcp-agent-flow__node::after {
+    content: '→';
+    left: calc(100% + 0.22rem);
+    top: 50%;
+    transform: translateY(-50%);
+  }
+
+  .zcp-lifecycle-prompt {
+    margin-left: 0;
+    margin-right: auto;
+    max-width: none;
+    width: calc(33.333% - 0.9rem);
+  }
+
+  .zcp-lifecycle-down {
+    margin-left: calc(16.666% - 0.45rem);
+    margin-right: 0;
+  }
+
+  .zcp-lifecycle-flow {
+    gap: 1.35rem;
+    grid-template-columns: repeat(3, minmax(0, 1fr));
+  }
+
+  .zcp-lifecycle-stage::after {
+    content: '→';
+    left: calc(100% + 0.3rem);
+    top: 50%;
+    transform: translateY(-50%);
+  }
+}
+
+/* === coding-agents feature page: claim grid, gap cards, comparison cards, pull quote, hack panel, run-split === */
+
+.zcp-claim-grid {
+  display: grid;
+  gap: 0.95rem;
+  grid-template-columns: 1fr;
+  margin: 1.25rem 0 2rem;
+}
+
+.zcp-claim-card,
+.zcp-claim-callout {
+  background: #ffffff;
+  border: 1px solid #d7dce5;
+  border-radius: 8px;
+  color: #172033;
+  padding: 1rem;
+}
+
+.zcp-claim-card span,
+.zcp-claim-callout span {
+  color: #6b7280;
+  display: block;
+  font-size: 0.68rem;
+  font-weight: 650;
+  letter-spacing: 0;
+  line-height: 1.1;
+  margin-bottom: 0.45rem;
+  text-transform: uppercase;
+}
+
+.zcp-claim-card h3,
+.zcp-claim-callout h3 {
+  font-size: 1rem;
+  line-height: 1.25;
+  margin: 0;
+}
+
+.zcp-claim-card p,
+.zcp-claim-callout p {
+  color: #4b5563;
+  font-size: 0.84rem;
+  line-height: 1.5;
+  margin: 0.55rem 0 0;
+}
+
+.zcp-claim-card--services { background: #f4fbf6; border-color: rgba(50, 132, 90, 0.35); }
+.zcp-claim-card--deploy   { background: #f7f5ff; border-color: rgba(113, 87, 217, 0.35); }
+.zcp-claim-card--stack    { background: #f7fbff; border-color: rgba(45, 114, 217, 0.35); }
+.zcp-claim-card--handover { background: #fffaf0; border-color: rgba(196, 127, 23, 0.35); }
+
+.zcp-claim-callout {
+  background: #172033;
+  border-color: #172033;
+  color: #ffffff;
+}
+.zcp-claim-callout span,
+.zcp-claim-callout p { color: #d1d5db; }
+.zcp-claim-callout h3 { color: #ffffff; }
+
+@media (min-width: 768px) {
+  .zcp-claim-grid { grid-template-columns: repeat(2, minmax(0, 1fr)); }
+  .zcp-claim-callout { grid-column: 1 / -1; padding: 1.15rem 1.25rem; }
+}
+
+html[data-theme='dark'] .zcp-claim-card { color: #f8fafc; }
+html[data-theme='dark'] .zcp-claim-card p,
+html[data-theme='dark'] .zcp-claim-card span { color: #cbd5e1; }
+html[data-theme='dark'] .zcp-claim-card--services { background: rgba(20, 83, 45, 0.22); }
+html[data-theme='dark'] .zcp-claim-card--deploy   { background: rgba(76, 29, 149, 0.22); }
+html[data-theme='dark'] .zcp-claim-card--stack    { background: rgba(30, 58, 138, 0.22); }
+html[data-theme='dark'] .zcp-claim-card--handover { background: rgba(120, 53, 15, 0.2); }
+
+/* gap objection cards */
+
+.zcp-gap-grid {
+  display: grid;
+  gap: 0.8rem;
+  grid-template-columns: 1fr;
+  margin: 1rem 0 1.75rem;
+}
+
+.zcp-gap-card {
+  background: #fffaf0;
+  border: 1px solid rgba(196, 127, 23, 0.35);
+  border-radius: 8px;
+  padding: 0.9rem;
+}
+
+.zcp-gap-card h3 { color: #172033; font-size: 0.95rem; line-height: 1.25; margin: 0; }
+.zcp-gap-card p  { color: #4b5563; font-size: 0.82rem; line-height: 1.45; margin: 0.45rem 0 0; }
+
+@media (min-width: 768px) {
+  .zcp-gap-grid { grid-template-columns: repeat(2, minmax(0, 1fr)); }
+}
+
+html[data-theme='dark'] .zcp-gap-card { background: rgba(120, 53, 15, 0.2); }
+html[data-theme='dark'] .zcp-gap-card h3 { color: #f8fafc; }
+html[data-theme='dark'] .zcp-gap-card p  { color: #cbd5e1; }
+
+/* competitor comparison cards + highlighted summary table */
+
+.zcp-compare-grid {
+  display: grid;
+  gap: 0.9rem;
+  grid-template-columns: 1fr;
+  margin: 1.2rem 0 1.5rem;
+}
+
+.zcp-compare-card {
+  background: #ffffff;
+  border: 1px solid #d7dce5;
+  border-radius: 8px;
+  padding: 0.95rem;
+}
+
+.zcp-compare-card span   { color: #6b7280; display: block; font-size: 0.68rem; font-weight: 650; margin-bottom: 0.4rem; text-transform: uppercase; }
+.zcp-compare-card h3     { font-size: 0.98rem; line-height: 1.25; margin: 0; }
+.zcp-compare-card p      { color: #4b5563; font-size: 0.82rem; line-height: 1.48; margin: 0.5rem 0 0.7rem; }
+.zcp-compare-card strong { color: #236343; display: block; font-size: 0.8rem; line-height: 1.35; }
+
+.zcp-summary-table table tr:last-child    { background: #f4fbf6; }
+.zcp-summary-table table tr:last-child td { border-top: 1px solid rgba(50, 132, 90, 0.35); font-weight: 600; }
+
+@media (min-width: 768px) {
+  .zcp-compare-grid { grid-template-columns: repeat(2, minmax(0, 1fr)); }
+  .zcp-compare-card--wide { grid-column: 1 / -1; }
+}
+
+html[data-theme='dark'] .zcp-compare-card         { background: rgba(24, 24, 27, 0.72); color: #f8fafc; }
+html[data-theme='dark'] .zcp-compare-card p,
+html[data-theme='dark'] .zcp-compare-card span    { color: #cbd5e1; }
+html[data-theme='dark'] .zcp-compare-card strong  { color: #86efac; }
+html[data-theme='dark'] .zcp-summary-table table tr:last-child { background: rgba(20, 83, 45, 0.22); }
+
+/* project boundary pull quote */
+
+.zcp-boundary-quote {
+  background: #f7fbff;
+  border: 1px solid rgba(45, 114, 217, 0.35);
+  border-left: 4px solid #2d72d9;
+  border-radius: 8px;
+  margin: 1.25rem 0;
+  padding: 1rem 1.15rem;
+}
+
+.zcp-boundary-quote p {
+  color: #172033;
+  font-size: 1.05rem;
+  font-weight: 650;
+  line-height: 1.45;
+  margin: 0;
+}
+
+html[data-theme='dark'] .zcp-boundary-quote { background: rgba(30, 58, 138, 0.22); }
+html[data-theme='dark'] .zcp-boundary-quote p { color: #f8fafc; }
+
+/* hack-on-the-workspace panel */
+
+.zcp-hack-panel {
+  background: #f8fafc;
+  border: 1px solid rgba(75, 85, 99, 0.28);
+  border-radius: 8px;
+  margin: 1rem 0 1.5rem;
+  padding: 1rem;
+}
+
+.zcp-hack-panel > div span   { color: #6b7280; display: block; font-size: 0.68rem; font-weight: 650; margin-bottom: 0.35rem; text-transform: uppercase; }
+.zcp-hack-panel > div strong { color: #172033; display: block; font-size: 1rem; line-height: 1.25; }
+.zcp-hack-panel ul  { display: grid; gap: 0.45rem; list-style: none; margin: 0.8rem 0 0; padding: 0; }
+.zcp-hack-panel li  { background: #ffffff; border: 1px solid #d7dce5; border-radius: 6px; color: #4b5563; font-size: 0.82rem; line-height: 1.4; padding: 0.5rem 0.6rem; }
+
+@media (min-width: 768px) {
+  .zcp-hack-panel { display: grid; gap: 1rem; grid-template-columns: minmax(0, 0.75fr) minmax(0, 1.25fr); }
+  .zcp-hack-panel ul { margin-top: 0; }
+}
+
+html[data-theme='dark'] .zcp-hack-panel { background: rgba(24, 24, 27, 0.72); }
+html[data-theme='dark'] .zcp-hack-panel > div strong { color: #f8fafc; }
+html[data-theme='dark'] .zcp-hack-panel li { background: rgba(15, 23, 42, 0.55); color: #cbd5e1; }
+
+/* where it runs: remote/local split */
+
+.zcp-run-split { display: grid; gap: 0.85rem; grid-template-columns: 1fr; margin: 1rem 0 1.4rem; }
+.zcp-run-split article { background: #f7fbff; border: 1px solid rgba(45, 114, 217, 0.35); border-radius: 8px; padding: 0.95rem; }
+.zcp-run-split span    { color: #6b7280; display: block; font-size: 0.68rem; font-weight: 650; margin-bottom: 0.4rem; text-transform: uppercase; }
+.zcp-run-split h3      { color: #172033; font-size: 0.98rem; line-height: 1.25; margin: 0; }
+.zcp-run-split p       { color: #4b5563; font-size: 0.82rem; line-height: 1.45; margin: 0.5rem 0 0; }
+
+@media (min-width: 768px) {
+  .zcp-run-split { grid-template-columns: repeat(2, minmax(0, 1fr)); }
+}
+
+html[data-theme='dark'] .zcp-run-split article { background: rgba(30, 58, 138, 0.22); }
+html[data-theme='dark'] .zcp-run-split h3 { color: #f8fafc; }
+html[data-theme='dark'] .zcp-run-split p,
+html[data-theme='dark'] .zcp-run-split span { color: #cbd5e1; }
+
+/* substrate cards: structural differentiators */
+
+.zcp-substrate-grid {
+  display: grid;
+  gap: 0.9rem;
+  grid-template-columns: 1fr;
+  margin: 1.1rem 0 1.85rem;
+}
+
+.zcp-substrate-card {
+  background: #f1f5f9;
+  border: 1px solid rgba(45, 65, 96, 0.28);
+  border-radius: 8px;
+  padding: 1rem;
+}
+
+.zcp-substrate-card span {
+  color: #475569;
+  display: block;
+  font-size: 0.68rem;
+  font-weight: 650;
+  letter-spacing: 0;
+  line-height: 1.1;
+  margin-bottom: 0.45rem;
+  text-transform: uppercase;
+}
+
+.zcp-substrate-card h3 {
+  color: #172033;
+  font-size: 1rem;
+  line-height: 1.25;
+  margin: 0;
+}
+
+.zcp-substrate-card p {
+  color: #4b5563;
+  font-size: 0.84rem;
+  line-height: 1.5;
+  margin: 0.55rem 0 0;
+}
+
+.zcp-substrate-card p em {
+  background: rgba(196, 127, 23, 0.18);
+  border-radius: 3px;
+  color: #7c3a02;
+  font-style: normal;
+  padding: 0 0.22em;
+}
+
+/* substrate cards stack as rows on all viewports — each claim gets full width
+   so the reader can connect it back to the topology above */
+
+html[data-theme='dark'] .zcp-substrate-card { background: rgba(15, 23, 42, 0.7); }
+html[data-theme='dark'] .zcp-substrate-card h3 { color: #f8fafc; }
+html[data-theme='dark'] .zcp-substrate-card p,
+html[data-theme='dark'] .zcp-substrate-card span { color: #cbd5e1; }
+html[data-theme='dark'] .zcp-substrate-card p em { background: rgba(196, 127, 23, 0.25); color: #fde68a; }
+
+/* framed comparison table for the agent-hosting landscape */
+
+.zcp-landscape-table {
+  background: #ffffff;
+  border: 1px solid rgba(45, 65, 96, 0.18);
+  border-radius: 10px;
+  margin: 1.4rem 0 1.8rem;
+  overflow: hidden;
+}
+
+.zcp-landscape-table table {
+  border-collapse: collapse;
+  display: table;
+  font-size: 0.88rem;
+  margin: 0;
+  width: 100%;
+}
+
+.zcp-landscape-table thead th {
+  background: #f1f5f9;
+  border: none;
+  border-bottom: 1px solid rgba(45, 65, 96, 0.18);
+  color: #475569;
+  font-size: 0.7rem;
+  font-weight: 650;
+  letter-spacing: 0.05em;
+  padding: 0.7rem 1rem;
+  text-align: left;
+  text-transform: uppercase;
+}
+
+.zcp-landscape-table tbody td {
+  border: none;
+  border-bottom: 1px solid rgba(45, 65, 96, 0.08);
+  color: #4b5563;
+  line-height: 1.45;
+  padding: 0.75rem 1rem;
+  vertical-align: top;
+}
+
+.zcp-landscape-table tbody tr:last-child td {
+  border-bottom: none;
+}
+
+.zcp-landscape-table tbody td:first-child {
+  color: #172033;
+  font-weight: 600;
+  width: 22%;
+}
+
+.zcp-landscape-table tbody td:last-child {
+  color: #475569;
+  font-size: 0.82rem;
+  width: 26%;
+}
+
+.zcp-landscape-table tbody tr:hover {
+  background: rgba(45, 65, 96, 0.025);
+}
+
+.zcp-landscape-table__zerops {
+  background: rgba(45, 114, 217, 0.07);
+  position: relative;
+}
+
+.zcp-landscape-table__zerops:hover {
+  background: rgba(45, 114, 217, 0.11) !important;
+}
+
+.zcp-landscape-table__zerops td {
+  color: #1d4ed8 !important;
+  font-weight: 600;
+}
+
+.zcp-landscape-table__zerops td:first-child {
+  box-shadow: inset 3px 0 0 #2d72d9;
+  color: #1d4ed8 !important;
+}
+
+html[data-theme='dark'] .zcp-landscape-table {
+  background: rgba(15, 23, 42, 0.55);
+  border-color: rgba(255, 255, 255, 0.08);
+}
+
+html[data-theme='dark'] .zcp-landscape-table thead th {
+  background: rgba(255, 255, 255, 0.04);
+  border-bottom-color: rgba(255, 255, 255, 0.08);
+  color: #94a3b8;
+}
+
+html[data-theme='dark'] .zcp-landscape-table tbody td {
+  border-bottom-color: rgba(255, 255, 255, 0.06);
+  color: #cbd5e1;
+}
+
+html[data-theme='dark'] .zcp-landscape-table tbody td:first-child {
+  color: #f1f5f9;
+}
+
+html[data-theme='dark'] .zcp-landscape-table tbody td:last-child {
+  color: #94a3b8;
+}
+
+html[data-theme='dark'] .zcp-landscape-table tbody tr:hover {
+  background: rgba(255, 255, 255, 0.03);
+}
+
+html[data-theme='dark'] .zcp-landscape-table__zerops {
+  background: rgba(45, 114, 217, 0.18);
+}
+
+html[data-theme='dark'] .zcp-landscape-table__zerops:hover {
+  background: rgba(45, 114, 217, 0.24) !important;
+}
+
+html[data-theme='dark'] .zcp-landscape-table__zerops td {
+  color: #93c5fd !important;
+}
+
+/* agent hosting landscape — plain prose sections with a logo strip and an
+   explicit "ZCP relationship" line per category */
+
+.zcp-landscape-section {
+  border-top: 1px solid rgba(45, 65, 96, 0.12);
+  margin: 0;
+  padding: 1.1rem 0 1.25rem;
+}
+
+.zcp-landscape-section:first-of-type {
+  border-top: none;
+  padding-top: 1.5rem;
+}
+
+.zcp-landscape-section header {
+  display: flex;
+  flex-wrap: wrap;
+  align-items: center;
+  gap: 0.7rem 0.85rem;
+  margin-bottom: 0.55rem;
+}
+
+.zcp-landscape-section h4 {
+  color: #172033;
+  font-size: 1rem;
+  font-weight: 650;
+  line-height: 1.25;
+  margin: 0;
+}
+
+.zcp-landscape-section__logos {
+  align-items: center;
+  display: inline-flex;
+  flex-wrap: wrap;
+  gap: 0.35rem;
+}
+
+.zcp-landscape-section__logos img {
+  background: rgba(15, 23, 42, 0.05);
+  border-radius: 5px;
+  display: inline-block;
+  height: 22px;
+  padding: 3px;
+  width: 22px;
+}
+
+.zcp-landscape-section__examples {
+  color: #64748b;
+  flex-basis: 100%;
+  font-size: 0.78rem;
+  margin: 0;
+  order: 99;
+}
+
+.zcp-landscape-section p {
+  color: #475569;
+  font-size: 0.92rem;
+  line-height: 1.6;
+  margin: 0 0 0.55rem;
+}
+
+.zcp-landscape-section p:last-child {
+  margin-bottom: 0;
+}
+
+.zcp-landscape-section__relation {
+  background: rgba(45, 114, 217, 0.06);
+  border-left: 3px solid #2d72d9;
+  border-radius: 0 4px 4px 0;
+  color: #1e293b !important;
+  font-size: 0.9rem !important;
+  margin-top: 0.55rem;
+  padding: 0.55rem 0.85rem !important;
+}
+
+.zcp-landscape-section__relation strong {
+  color: #1d4ed8;
+}
+
+.zcp-landscape-section__relation code {
+  background: rgba(45, 114, 217, 0.12);
+  border-radius: 3px;
+  color: #1d4ed8;
+  font-size: 0.86em;
+  padding: 0.05em 0.3em;
+}
+
+html[data-theme='dark'] .zcp-landscape-section {
+  border-top-color: rgba(255, 255, 255, 0.08);
+}
+
+html[data-theme='dark'] .zcp-landscape-section h4 {
+  color: #f1f5f9;
+}
+
+html[data-theme='dark'] .zcp-landscape-section p {
+  color: #cbd5e1;
+}
+
+html[data-theme='dark'] .zcp-landscape-section__examples {
+  color: #94a3b8;
+}
+
+html[data-theme='dark'] .zcp-landscape-section__logos img {
+  background: rgba(255, 255, 255, 0.08);
+}
+
+html[data-theme='dark'] .zcp-landscape-section__relation {
+  background: rgba(96, 165, 250, 0.12);
+  border-left-color: #60a5fa;
+  color: #e2e8f0 !important;
+}
+
+html[data-theme='dark'] .zcp-landscape-section__relation strong {
+  color: #93c5fd;
+}
+
+html[data-theme='dark'] .zcp-landscape-section__relation code {
+  background: rgba(96, 165, 250, 0.2);
+  color: #bfdbfe;
+}
+
+/* service definition yaml panel */
+
+.zcp-yaml-intro {
+  color: #475569;
+  font-size: 0.86rem;
+  line-height: 1.55;
+  margin: 1rem 0 0.5rem;
+}
+
+.zcp-yaml-intro strong {
+  color: #172033;
+  font-weight: 650;
+}
+
+html[data-theme='dark'] .zcp-yaml-intro { color: #cbd5e1; }
+html[data-theme='dark'] .zcp-yaml-intro strong { color: #f8fafc; }
+
+/* unified feature grid (replaces claim cards) */
+
+.zcp-features-grid {
+  display: grid;
+  gap: 0.7rem;
+  grid-template-columns: 1fr;
+  margin: 1.1rem 0 1.85rem;
+}
+
+.zcp-feature-card {
+  background: #ffffff;
+  border: 1px solid #d7dce5;
+  border-radius: 8px;
+  padding: 0.85rem 0.95rem;
+}
+
+.zcp-feature-card h3 {
+  color: #172033;
+  font-size: 0.92rem;
+  line-height: 1.25;
+  margin: 0;
+}
+
+.zcp-feature-card p {
+  color: #4b5563;
+  font-size: 0.8rem;
+  line-height: 1.5;
+  margin: 0.4rem 0 0;
+}
+
+.zcp-feature-callout {
+  background: #172033;
+  border: 1px solid #172033;
+  border-radius: 8px;
+  color: #ffffff;
+  padding: 0.95rem 1.05rem;
+}
+
+.zcp-feature-callout span {
+  color: #d1d5db;
+  display: block;
+  font-size: 0.66rem;
+  font-weight: 650;
+  letter-spacing: 0;
+  line-height: 1.1;
+  margin-bottom: 0.35rem;
+  text-transform: uppercase;
+}
+
+.zcp-feature-callout h3 {
+  color: #ffffff;
+  font-size: 1rem;
+  line-height: 1.25;
+  margin: 0;
+}
+
+.zcp-feature-callout p {
+  color: #d1d5db;
+  font-size: 0.84rem;
+  line-height: 1.5;
+  margin: 0.45rem 0 0;
+}
+
+@media (min-width: 768px) {
+  .zcp-features-grid { grid-template-columns: repeat(3, minmax(0, 1fr)); gap: 0.8rem; }
+  .zcp-feature-callout { grid-column: 1 / -1; padding: 1.05rem 1.2rem; }
+}
+
+html[data-theme='dark'] .zcp-feature-card { background: rgba(24, 24, 27, 0.72); }
+html[data-theme='dark'] .zcp-feature-card h3 { color: #f8fafc; }
+html[data-theme='dark'] .zcp-feature-card p { color: #cbd5e1; }
+
+/* AsciiGraph — blended with page, no code-block chrome */
+
+/* Pinned webfont so box-drawing characters (│ ─ ▼ └ ┘) line up at exactly
+   1ch on every platform. The system-monospace fallbacks (SF Mono, Consolas,
+   Roboto Mono) substitute a different font for those glyphs and the diagrams
+   drift, badly on Android. */
+@font-face {
+  font-family: 'JetBrains Mono';
+  font-style: normal;
+  font-weight: 400;
+  font-display: swap;
+  src: url('/fonts/JetBrainsMono-Regular.woff2') format('woff2');
+}
+
+:root {
+  --ascii-graph-font: 'JetBrains Mono', ui-monospace, SFMono-Regular, Menlo, Consolas, 'Liberation Mono', 'Courier New', monospace;
+}
+
+.ascii-graph {
+  background: transparent;
+  border: none;
+  color: #475569;
+  display: block;
+  font-family: var(--ascii-graph-font);
+  font-size: 0.88rem;
+  line-height: 1.4;
+  /* Disable contextual alternates / ligatures so adjacent glyphs never
+     collapse or shift. */
+  font-variant-ligatures: none;
+  font-feature-settings: 'liga' 0, 'calt' 0;
+  margin: 2.5rem auto 3rem;
+  max-width: 100%;
+  overflow-x: auto;
+  padding: 0.5rem 0;
+  text-align: left;
+  white-space: pre;
+  width: fit-content;
+}
+
+.markdown > h2 {
+  margin-top: 2rem;
+}
+
+.markdown > h3 {
+  margin-top: 1.75rem;
+}
+
+html[data-theme='dark'] .ascii-graph {
+  color: #cbd5e1;
+}
+
+.ascii-graph__highlight {
+  background: rgba(45, 114, 217, 0.14);
+  border-radius: 2px;
+  color: #1d4ed8;
+}
+
+html[data-theme='dark'] .ascii-graph__highlight {
+  background: rgba(96, 165, 250, 0.18);
+  color: #93c5fd;
+}
+
+.ascii-graph__accent {
+  opacity: 0.5;
+}
+
+.topology-toggle {
+  text-align: center;
+  margin: 1.25rem 0 1.5rem;
+}
+
+.topology-toggle__control {
+  display: inline-flex;
+  background: rgba(15, 23, 42, 0.04);
+  border-radius: 999px;
+  padding: 3px;
+  margin-bottom: 0.25rem;
+}
+
+.topology-toggle__button {
+  appearance: none;
+  border: 0;
+  background: transparent;
+  font-family: var(--ifm-font-family-base);
+  font-size: 0.85rem;
+  font-weight: 500;
+  color: #475569;
+  padding: 0.35rem 0.95rem;
+  border-radius: 999px;
+  cursor: pointer;
+  transition: background 0.15s ease, color 0.15s ease, box-shadow 0.15s ease;
+}
+
+.topology-toggle__button:hover {
+  color: #1d4ed8;
+}
+
+.topology-toggle__button--active {
+  background: #ffffff;
+  color: #1d4ed8;
+  box-shadow: 0 1px 2px rgba(15, 23, 42, 0.08);
+}
+
+.topology-toggle .ascii-graph {
+  margin-top: 0.25rem;
+}
+
+.topology-toggle__secondary {
+  margin-top: 0 !important;
+  padding-top: 0;
+}
+
+.intro-ascii {
+  position: relative;
+  /* Match .ascii-graph's centering convention so this lines up with the
+     other ASCII diagrams on the page. */
+  margin: 2.5rem auto 3rem;
+  width: fit-content;
+  max-width: 100%;
+  overflow-x: auto;
+  /* Lock font + line-height to .ascii-graph values so that 1ch / 1lh on
+     absolutely-positioned children align with the pre's character grid. */
+  font-family: var(--ascii-graph-font);
+  font-size: 0.88rem;
+  line-height: 1.4;
+  font-variant-ligatures: none;
+  font-feature-settings: 'liga' 0, 'calt' 0;
+}
+
+.intro-ascii__frame {
+  margin: 0;
+  padding: 0;
+}
+
+.intro-ascii__logo {
+  position: absolute;
+  width: 1.7em;
+  height: 1.7em;
+  transform: translate(-50%, -50%);
+  object-fit: contain;
+  font: inherit;
+  pointer-events: auto;
+}
+
+html[data-theme='dark'] .topology-toggle__control {
+  background: rgba(255, 255, 255, 0.06);
+}
+
+html[data-theme='dark'] .topology-toggle__button {
+  color: #94a3b8;
+}
+
+html[data-theme='dark'] .topology-toggle__button:hover {
+  color: #93c5fd;
+}
+
+html[data-theme='dark'] .topology-toggle__button--active {
+  background: rgba(45, 114, 217, 0.22);
+  color: #93c5fd;
+  box-shadow: none;
+}
+
+/* page intro hook — the page's positioning statement */
+
+.zcp-intro-hook {
+  background: rgba(45, 114, 217, 0.06);
+  border-left: 4px solid #2d72d9;
+  border-radius: 0 8px 8px 0;
+  color: #172033;
+  font-size: 1.05rem;
+  font-weight: 500;
+  line-height: 1.55;
+  margin: 1.5rem 0 2.5rem;
+  padding: 1.1rem 1.35rem;
+}
+
+.zcp-intro-hook p {
+  margin: 0;
+}
+
+.zcp-intro-hook p + p {
+  margin-top: 0.7rem;
+}
+
+.zcp-intro-hook strong {
+  color: #1d4ed8;
+  font-weight: 650;
+}
+
+html[data-theme='dark'] .zcp-intro-hook {
+  background: rgba(96, 165, 250, 0.08);
+  border-left-color: #60a5fa;
+  color: #f8fafc;
+}
+
+html[data-theme='dark'] .zcp-intro-hook strong {
+  color: #93c5fd;
+}
diff --git a/apps/docs/src/plugins/markdown-source/__tests__/converters.test.js b/apps/docs/src/plugins/markdown-source/__tests__/converters.test.js
new file mode 100644
index 000000000..2e5e12eba
--- /dev/null
+++ b/apps/docs/src/plugins/markdown-source/__tests__/converters.test.js
@@ -0,0 +1,513 @@
+'use strict';
+
+const test = require('node:test');
+const assert = require('node:assert/strict');
+const C = require('../converters');
+
+// ---------- Note --------------------------------------------------------
+
+test('convertNoteToMarkdown: tip with title -> :::tip[title]', () => {
+    const input = '<Note type="tip" title="Hello World">Body text here</Note>';
+    const out = C.convertNoteToMarkdown(input).trim();
+    assert.equal(out, ':::tip[Hello World]\n\nBody text here\n\n:::');
+});
+
+test('convertNoteToMarkdown: warning without title -> :::warning', () => {
+    const input = '<Note type="warning">Be careful</Note>';
+    const out = C.convertNoteToMarkdown(input).trim();
+    assert.equal(out, ':::warning\n\nBe careful\n\n:::');
+});
+
+test('convertNoteToMarkdown: error type -> :::danger', () => {
+    const input = '<Note type="error">Something failed</Note>';
+    const out = C.convertNoteToMarkdown(input).trim();
+    assert.match(out, /^:::danger/);
+});
+
+test('convertNoteToMarkdown: success type -> :::tip', () => {
+    const input = '<Note type="success">Worked</Note>';
+    const out = C.convertNoteToMarkdown(input).trim();
+    assert.match(out, /^:::tip/);
+});
+
+test('convertNoteToMarkdown: no type -> :::note', () => {
+    const input = '<Note title="Heads up">Just a note</Note>';
+    const out = C.convertNoteToMarkdown(input).trim();
+    assert.equal(out, ':::note[Heads up]\n\nJust a note\n\n:::');
+});
+
+test('convertNoteToMarkdown: multi-line body with markdown preserved', () => {
+    const input = `<Note type="tip" title="Multi">
+Line one
+**bold** here
+
+Another paragraph with \`code\`.
+</Note>`;
+    const out = C.convertNoteToMarkdown(input);
+    assert.match(out, /:::tip\[Multi\]/);
+    assert.match(out, /Line one/);
+    assert.match(out, /\*\*bold\*\* here/);
+    assert.match(out, /Another paragraph with `code`\./);
+    assert.match(out, /:::\n$/);
+});
+
+test('convertNoteToMarkdown: multiple Notes in one document', () => {
+    const input = `<Note type="tip" title="A">first</Note>
+some text
+<Note type="warning">second</Note>`;
+    const out = C.convertNoteToMarkdown(input);
+    assert.match(out, /:::tip\[A\]/);
+    assert.match(out, /:::warning/);
+    assert.match(out, /some text/);
+});
+
+// ---------- AsciiGraph -------------------------------------------------
+
+test('convertAsciiGraphToMarkdown: unwraps JSX template literals into code fence', () => {
+    const input = '<AsciiGraph ariaLabel="x">{`hello world`}</AsciiGraph>';
+    const out = C.convertAsciiGraphToMarkdown(input).trim();
+    assert.equal(out, '```text\nhello world\n```');
+});
+
+test('convertAsciiGraphToMarkdown: strips inline span highlights', () => {
+    const input = '<AsciiGraph>{`foo `}<span className="ascii-graph__highlight">{`HL`}</span>{` bar`}</AsciiGraph>';
+    const out = C.convertAsciiGraphToMarkdown(input).trim();
+    assert.equal(out, '```text\nfoo HL bar\n```');
+});
+
+test('convertAsciiGraphToMarkdown: preserves multi-line ASCII art', () => {
+    const input = `<AsciiGraph ariaLabel="loop">{\`    \`}<span className="ascii-graph__highlight">{\`zcp\`}</span>{\`
+             │
+             ▼
+    edit code\`}</AsciiGraph>`;
+    const out = C.convertAsciiGraphToMarkdown(input);
+    assert.match(out, /```text/);
+    assert.match(out, /    zcp/);
+    assert.match(out, /             │/);
+    assert.match(out, /             ▼/);
+    assert.match(out, /    edit code/);
+    assert.doesNotMatch(out, /<span/);
+    assert.doesNotMatch(out, /\{`/);
+    assert.doesNotMatch(out, /`\}/);
+});
+
+test('convertAsciiGraphToMarkdown: handles ariaLabel attribute', () => {
+    const input = '<AsciiGraph ariaLabel="Develop workflow loop">{`x`}</AsciiGraph>';
+    const out = C.convertAsciiGraphToMarkdown(input);
+    assert.doesNotMatch(out, /ariaLabel/);
+});
+
+test('convertAsciiGraphToMarkdown: handles two AsciiGraphs in same document', () => {
+    const input = '<AsciiGraph>{`one`}</AsciiGraph>\nbetween\n<AsciiGraph>{`two`}</AsciiGraph>';
+    const out = C.convertAsciiGraphToMarkdown(input);
+    assert.match(out, /one/);
+    assert.match(out, /between/);
+    assert.match(out, /two/);
+    assert.equal((out.match(/```text/g) || []).length, 2);
+});
+
+// ---------- DocCardList ------------------------------------------------
+
+test('convertDocCardListToMarkdown: single self-closing item with description', () => {
+    const input = `<DocCardList items={[
+        { type: 'link', href: '/zcp/quickstart', label: 'Quickstart', customProps: { icon: Icons['rocket-launch'], description: 'AI Agent recipe and a real change in five minutes.' } },
+    ]} />`;
+    const out = C.convertDocCardListToMarkdown(input);
+    assert.match(out, /- \[Quickstart\]\(\/zcp\/quickstart\) — AI Agent recipe and a real change in five minutes\./);
+});
+
+test('convertDocCardListToMarkdown: multiple items with Icons[...] inside', () => {
+    const input = `<DocCardList items={[
+        { type: 'link', href: '/a', label: 'A', customProps: { icon: Icons['rocket-launch'], description: 'desc A' } },
+        { type: 'link', href: '/b', label: 'B', customProps: { icon: Icons['sparkles'], description: 'desc B' } },
+        { type: 'link', href: '/c', label: 'C', customProps: { icon: Icons['globe-europe'], description: 'desc C' } },
+    ]} />`;
+    const out = C.convertDocCardListToMarkdown(input);
+    assert.match(out, /- \[A\]\(\/a\) — desc A/);
+    assert.match(out, /- \[B\]\(\/b\) — desc B/);
+    assert.match(out, /- \[C\]\(\/c\) — desc C/);
+});
+
+test('convertDocCardListToMarkdown: item without description renders link only', () => {
+    const input = `<DocCardList items={[{ type: 'link', href: '/x', label: 'X' }]} />`;
+    const out = C.convertDocCardListToMarkdown(input);
+    assert.match(out, /- \[X\]\(\/x\)\n/);
+    assert.doesNotMatch(out, /—/);
+});
+
+test('convertDocCardListToMarkdown: surrounding text is preserved', () => {
+    const input = `before
+<DocCardList items={[{ href: '/x', label: 'X' }]} />
+after`;
+    const out = C.convertDocCardListToMarkdown(input);
+    assert.match(out, /before/);
+    assert.match(out, /after/);
+    assert.match(out, /- \[X\]\(\/x\)/);
+});
+
+test('convertDocCardListToMarkdown: items with single-quoted strings containing ]', () => {
+    // Critical regression test: `customProps: { icon: Icons['x'] }` contains `]`,
+    // which would terminate a naive lazy regex match.
+    const input = `<DocCardList items={[
+        { type: 'link', href: '/p', label: 'P', customProps: { icon: Icons['close-bracket-test'], description: 'd' } }
+    ]} />`;
+    const out = C.convertDocCardListToMarkdown(input);
+    assert.match(out, /- \[P\]\(\/p\) — d/);
+});
+
+// ---------- Badge ------------------------------------------------------
+
+test('convertBadgeToMarkdown: optional -> *[Optional]*', () => {
+    assert.equal(C.convertBadgeToMarkdown('<Badge type="optional" />'), '*[Optional]*');
+});
+
+test('convertBadgeToMarkdown: required -> *[Required]*', () => {
+    assert.equal(C.convertBadgeToMarkdown('<Badge type="required" />'), '*[Required]*');
+});
+
+test('convertBadgeToMarkdown: required-some -> longer label', () => {
+    assert.equal(
+        C.convertBadgeToMarkdown('<Badge type="required-some"/>'),
+        '*[Required for some runtimes]*'
+    );
+});
+
+test('convertBadgeToMarkdown: custom with text', () => {
+    assert.equal(
+        C.convertBadgeToMarkdown('<Badge type="custom" text="Beta" />'),
+        '*[Beta]*'
+    );
+});
+
+test('convertBadgeToMarkdown: no attributes defaults to optional', () => {
+    assert.equal(C.convertBadgeToMarkdown('<Badge />'), '*[Optional]*');
+});
+
+// ---------- Button -----------------------------------------------------
+
+test('convertButtonToMarkdown: unwraps children', () => {
+    const input = '<Button variant="secondary"><Link href="/x">click</Link></Button>';
+    assert.equal(C.convertButtonToMarkdown(input), '<Link href="/x">click</Link>');
+});
+
+// ---------- Link -------------------------------------------------------
+
+test('convertLinkToMarkdown: plain link', () => {
+    assert.equal(
+        C.convertLinkToMarkdown('<Link href="/features/infrastructure">Read more</Link>'),
+        '[Read more](/features/infrastructure)'
+    );
+});
+
+test('convertLinkToMarkdown: link with inline code', () => {
+    assert.equal(
+        C.convertLinkToMarkdown('<Link href="/x">use <code>zcli</code></Link>'),
+        '[use `zcli`](/x)'
+    );
+});
+
+test('convertLinkToMarkdown: no href returns children unchanged', () => {
+    assert.equal(
+        C.convertLinkToMarkdown('<Link>orphan</Link>'),
+        'orphan'
+    );
+});
+
+// ---------- CustomCard -------------------------------------------------
+
+test('convertCustomCardToMarkdown: title + emoji -> ### emoji title', () => {
+    const input = '<CustomCard title="No Fuss" emoji="🚀">body content</CustomCard>';
+    const out = C.convertCustomCardToMarkdown(input).trim();
+    assert.equal(out, '### 🚀 No Fuss\n\nbody content');
+});
+
+test('convertCustomCardToMarkdown: title only', () => {
+    const input = '<CustomCard title="Just Title">stuff</CustomCard>';
+    const out = C.convertCustomCardToMarkdown(input).trim();
+    assert.equal(out, '### Just Title\n\nstuff');
+});
+
+// ---------- DeployButton -----------------------------------------------
+
+test('convertDeployButtonToMarkdown: builds recipe URL', () => {
+    assert.equal(
+        C.convertDeployButtonToMarkdown('<DeployButton link="deno" badgeWidth="200" />'),
+        '[Deploy "deno" recipe on Zerops](https://app.zerops.io/recipe/?lf=deno)'
+    );
+});
+
+test('convertDeployButtonToMarkdown: missing link -> empty', () => {
+    assert.equal(
+        C.convertDeployButtonToMarkdown('<DeployButton badgeWidth="200" />'),
+        ''
+    );
+});
+
+// ---------- Dropdown ---------------------------------------------------
+
+test('convertDropdownToMarkdown: single item -> #### heading + body', () => {
+    const input = '<Dropdown><DropdownItem title="X">body here</DropdownItem></Dropdown>';
+    const out = C.convertDropdownToMarkdown(input);
+    assert.match(out, /#### X/);
+    assert.match(out, /body here/);
+});
+
+test('convertDropdownToMarkdown: multiple items', () => {
+    const input = `<Dropdown>
+<DropdownItem title="One">first body</DropdownItem>
+<DropdownItem title="Two">second body</DropdownItem>
+</Dropdown>`;
+    const out = C.convertDropdownToMarkdown(input);
+    assert.match(out, /#### One/);
+    assert.match(out, /first body/);
+    assert.match(out, /#### Two/);
+    assert.match(out, /second body/);
+});
+
+// ---------- Video ------------------------------------------------------
+
+test('convertVideoToMarkdown: self-closing with src', () => {
+    assert.equal(
+        C.convertVideoToMarkdown('<Video src="/vids/golang.webm" type="video/webm" />'),
+        '[Video: /vids/golang.webm](/vids/golang.webm)'
+    );
+});
+
+test('convertVideoToMarkdown: no src -> empty', () => {
+    assert.equal(C.convertVideoToMarkdown('<Video />'), '');
+});
+
+// ---------- CodingAgentsTopology ---------------------------------------
+
+test('convertCodingAgentsTopologyToMarkdown: renders Remote + Local ASCII as code blocks', () => {
+    const out = C.convertCodingAgentsTopologyToMarkdown('<CodingAgentsTopology />');
+    // Both modes labelled
+    assert.match(out, /\*\*Remote \(zcp service\)\*\*/);
+    assert.match(out, /\*\*Local \(zcli vpn up\)\*\*/);
+    // Two fenced code blocks
+    assert.equal((out.match(/```text/g) || []).length, 2);
+    // Recognizable structural strings from the diagram
+    assert.match(out, /Zerops development project/);
+    assert.match(out, /appdev:3000/);
+    assert.match(out, /appstage:3000/);
+    assert.match(out, /db:5432/);
+    assert.match(out, /cache:6379/);
+    assert.match(out, /zcp service/);
+    assert.match(out, /VPN tunnel/);
+    assert.match(out, /zcli vpn up/);
+});
+
+test('convertCodingAgentsTopologyToMarkdown: no-op when component not present', () => {
+    assert.equal(C.convertCodingAgentsTopologyToMarkdown('plain text'), 'plain text');
+});
+
+test('convertIntroAgentVisualToMarkdown: agents stacked vertically in the box, recipes wrapped', () => {
+    const out = C.convertIntroAgentVisualToMarkdown('<IntroAgentVisual />');
+    // Structural ASCII present
+    assert.match(out, /```text/);
+    assert.match(out, /ZCP MCP/);
+    assert.match(out, /recipes for any stack/);
+    assert.match(out, /complex project/);
+    assert.match(out, /simple project/);
+    // All agent names land in the diagram
+    assert.match(out, /Claude Code/);
+    assert.match(out, /Codex/);
+    assert.match(out, /Gemini CLI/);
+    assert.match(out, /opencode/);
+    // Recipes wrapped inside their box (commas indicate the wrapped-list form)
+    assert.match(out, /Bun, Deno/);
+    assert.match(out, /Laravel/);
+    assert.match(out, /Next\.js/);
+    assert.match(out, /Nest\.js/);
+    // No leftover JSX, no leftover "Supported coding agents:" header
+    // (replaced by in-box placement)
+    assert.doesNotMatch(out, /<IntroAgentVisual/);
+});
+
+test('wrapCommaList helper: greedy line packing', () => {
+    // Internal helper isn't directly exported; we test via the public converter
+    // by checking that line lengths stay within bounds via the rendered ASCII.
+    // This minimal smoke test ensures the converter renders without throwing
+    // and stays under the box's inner width.
+    const out = C.convertIntroAgentVisualToMarkdown('<IntroAgentVisual />');
+    const fence = out.match(/```text\n([\s\S]*?)\n```/);
+    assert.ok(fence, 'fenced ASCII block present');
+    for (const line of fence[1].split('\n')) {
+        // The grid is W=86 wide, so each rendered line cannot exceed 86 chars
+        assert.ok(line.length <= 86, `line too wide: ${line.length}`);
+    }
+});
+
+test('convertIntroAgentVisualToMarkdown: no-op when component not present', () => {
+    assert.equal(C.convertIntroAgentVisualToMarkdown('plain text'), 'plain text');
+});
+
+// ---------- SectionLandscape -------------------------------------------
+
+test('convertSectionLandscapeToMarkdown: extracts heading, examples, body', () => {
+    const input = `<section className="zcp-landscape-section">
+  <header>
+    <h4>Local coding agents</h4>
+    <div className="zcp-landscape-section__logos"></div>
+    <p className="zcp-landscape-section__examples">Cursor · Zed · Aider</p>
+  </header>
+  <p>The agent runs on your machine.</p>
+</section>`;
+    const out = C.convertSectionLandscapeToMarkdown(input);
+    assert.match(out, /#### Local coding agents/);
+    assert.match(out, /_Cursor · Zed · Aider_/);
+    assert.match(out, /The agent runs on your machine\./);
+});
+
+test('convertSectionLandscapeToMarkdown: leaves unrelated sections alone', () => {
+    const input = '<section className="other-class"><h4>X</h4></section>';
+    assert.equal(C.convertSectionLandscapeToMarkdown(input), input);
+});
+
+// ---------- ExpandableTable --------------------------------------------
+
+test('convertExpandableTableToMarkdown: unwraps inner table', () => {
+    const input = '<ExpandableTable><table><tr><td>cell</td></tr></table></ExpandableTable>';
+    const out = C.convertExpandableTableToMarkdown(input);
+    assert.equal(out, '<table><tr><td>cell</td></tr></table>');
+});
+
+// ---------- UnorderedCodeList (standalone) -----------------------------
+
+test('convertUnorderedCodeListStandalone: resolves data path to bullet list', () => {
+    const getData = () => ({ alpine: { base: ['3.18', '3.19', '3.20'] } });
+    const input = '<UnorderedCodeList data={data.alpine.base} />';
+    const out = C.convertUnorderedCodeListStandalone(input, getData, null);
+    assert.match(out, /- `3\.18`/);
+    assert.match(out, /- `3\.19`/);
+    assert.match(out, /- `3\.20`/);
+});
+
+test('convertUnorderedCodeListStandalone: handles "value (comment)" pattern', () => {
+    const getData = () => ({ x: { y: ['nodejs@20 (LTS)', 'nodejs@22 (current)'] } });
+    const input = '<UnorderedCodeList data={data.x.y} />';
+    const out = C.convertUnorderedCodeListStandalone(input, getData, null);
+    assert.match(out, /- `nodejs@20` \(LTS\)/);
+    assert.match(out, /- `nodejs@22` \(current\)/);
+});
+
+test('convertUnorderedCodeListStandalone: missing path -> unchanged', () => {
+    const getData = () => ({});
+    const input = '<UnorderedCodeList data={data.nope} />';
+    const out = C.convertUnorderedCodeListStandalone(input, getData, null);
+    assert.equal(out, input);
+});
+
+// ---------- dropSilentComponents ---------------------------------------
+
+test('dropSilentComponents: removes self-closing PricingCalculator', () => {
+    assert.equal(C.dropSilentComponents('before <PricingCalculator /> after'), 'before  after');
+});
+
+test('dropSilentComponents: removes wrapping form with content', () => {
+    assert.equal(
+        C.dropSilentComponents('x <TechCard>inside</TechCard> y'),
+        'x  y'
+    );
+});
+
+test('dropSilentComponents: removes self-closing with JSX object props (Icons[X])', () => {
+    const input = '<GroupCards heading="X" items={[{name: "A", link: "/a"}]} />';
+    const out = C.dropSilentComponents(input);
+    assert.equal(out, '');
+});
+
+test('dropSilentComponents: leaves unrelated tags alone', () => {
+    const input = '<MyComponent foo="bar" />';
+    assert.equal(C.dropSilentComponents(input), input);
+});
+
+test('dropSilentComponents: GroupCards with `>` inside JSX expression (e.g. arrow fn)', () => {
+    // Defensive: jsx attribute could in theory contain `>` inside an arrow fn
+    // (`items={(x) => x > 0}`). The brace-aware scanner must not treat that as
+    // the tag close.
+    const input = '<GroupCards filter={(x) => x > 0} heading="X" />';
+    const out = C.dropSilentComponents(input);
+    assert.equal(out, '');
+});
+
+// ---------- helpers ----------------------------------------------------
+
+test('findMatchingBrace: simple', () => {
+    assert.equal(C.findMatchingBrace('{abc}', 0), 4);
+});
+
+test('findMatchingBrace: nested', () => {
+    assert.equal(C.findMatchingBrace('{{x}}', 0), 4);
+});
+
+test('findMatchingBrace: ignores braces inside strings', () => {
+    assert.equal(C.findMatchingBrace(`{"}"}`, 0), 4);
+    assert.equal(C.findMatchingBrace(`{'}'}`, 0), 4);
+});
+
+test('findMatchingBrace: ignores braces inside backticks', () => {
+    assert.equal(C.findMatchingBrace('{`}`}', 0), 4);
+});
+
+test('splitTopLevelObjects: array of object literals', () => {
+    const out = C.splitTopLevelObjects(`{a: 1}, {b: 2}, {c: {d: 3}}`);
+    assert.deepEqual(out, ['a: 1', 'b: 2', 'c: {d: 3}']);
+});
+
+// ---------- end-to-end pipeline approximation --------------------------
+
+test('end-to-end: coding-agents.mdx-like snippet round-trips cleanly', () => {
+    const input = `
+<Note type="tip" title="Platform-first">
+Some intro text with **bold** and \`code\`.
+</Note>
+
+<CodingAgentsTopology />
+
+<AsciiGraph ariaLabel="loop">{\`    \`}<span className="ascii-graph__highlight">{\`zcp\`}</span>{\`
+   topology
+\`}</AsciiGraph>
+
+<section className="zcp-landscape-section">
+  <header>
+    <h4>Local agents</h4>
+    <p className="zcp-landscape-section__examples">Cursor · Zed</p>
+  </header>
+  <p>Body text.</p>
+</section>
+
+<DocCardList items={[
+  { type: 'link', href: '/q', label: 'Q', customProps: { icon: Icons['rocket'], description: 'desc' } },
+]} />
+`;
+    let out = input;
+    out = C.convertNoteToMarkdown(out);
+    out = C.convertAsciiGraphToMarkdown(out);
+    out = C.convertDocCardListToMarkdown(out);
+    out = C.convertCustomCardToMarkdown(out);
+    out = C.convertDropdownToMarkdown(out);
+    out = C.convertSectionLandscapeToMarkdown(out);
+    out = C.convertCodingAgentsTopologyToMarkdown(out);
+    out = C.convertDeployButtonToMarkdown(out);
+    out = C.convertVideoToMarkdown(out);
+    out = C.convertBadgeToMarkdown(out);
+    out = C.convertButtonToMarkdown(out);
+    out = C.convertLinkToMarkdown(out);
+    out = C.dropSilentComponents(out);
+
+    assert.match(out, /:::tip\[Platform-first\]/, 'Note converted to admonition');
+    assert.match(out, /Zerops development project/, 'CodingAgentsTopology rendered as ASCII');
+    assert.match(out, /```text/, 'AsciiGraph fenced as code');
+    assert.match(out, /   topology/, 'AsciiGraph content preserved');
+    assert.match(out, /#### Local agents/, 'Section h4 -> ####');
+    assert.match(out, /_Cursor · Zed_/, 'Section examples italicized');
+    assert.match(out, /Body text\./, 'Section body preserved');
+    assert.match(out, /- \[Q\]\(\/q\) — desc/, 'DocCardList -> bullet');
+    assert.doesNotMatch(out, /<Note/);
+    assert.doesNotMatch(out, /<AsciiGraph/);
+    assert.doesNotMatch(out, /<DocCardList/);
+    assert.doesNotMatch(out, /<section className/);
+    assert.doesNotMatch(out, /<CodingAgentsTopology/);
+    assert.doesNotMatch(out, /\{`/, 'No leftover JSX template-literal artifacts');
+});
diff --git a/apps/docs/src/plugins/markdown-source/converters.js b/apps/docs/src/plugins/markdown-source/converters.js
new file mode 100644
index 000000000..bd5c05c3f
--- /dev/null
+++ b/apps/docs/src/plugins/markdown-source/converters.js
@@ -0,0 +1,649 @@
+'use strict';
+
+// Converters: MDX/JSX -> Markdown.
+//
+// Each `convert*` function takes a string of MDX/HTML and returns a string with
+// the matching component(s) replaced by readable markdown. Converters that need
+// data resolution take a `(content, siteDir)` signature and a `getDataJson`
+// loader is injected from the host plugin.
+//
+// Kept as pure regex/string functions so they can be unit-tested without
+// pulling in Docusaurus or fs.
+
+// ----- helpers ----------------------------------------------------------
+
+function getAttr(attrs, name) {
+    if (!attrs) return null;
+    const re = new RegExp(`${name}=["']([^"']*)["']`);
+    const m = attrs.match(re);
+    return m ? m[1] : null;
+}
+
+// Find the index of the closing brace that matches the opening brace at
+// `openIdx`. Respects nested braces and `'`/`"`/`` ` `` string literals.
+// Returns -1 if not found.
+function findMatchingBrace(str, openIdx) {
+    if (str[openIdx] !== '{') return -1;
+    let depth = 0;
+    let inString = null; // ', ", `, or null
+    for (let i = openIdx; i < str.length; i++) {
+        const ch = str[i];
+        const prev = i > 0 ? str[i - 1] : '';
+        if (inString) {
+            if (ch === inString && prev !== '\\') inString = null;
+            continue;
+        }
+        if (ch === "'" || ch === '"' || ch === '`') {
+            inString = ch;
+            continue;
+        }
+        if (ch === '{') depth++;
+        else if (ch === '}') {
+            depth--;
+            if (depth === 0) return i;
+        }
+    }
+    return -1;
+}
+
+// Walk a JSX-array literal body (without the wrapping [ ]) and yield each
+// top-level object item as a raw string. Strips outer { }.
+function splitTopLevelObjects(arrayBody) {
+    const items = [];
+    let i = 0;
+    while (i < arrayBody.length) {
+        while (i < arrayBody.length && arrayBody[i] !== '{') i++;
+        if (i >= arrayBody.length) break;
+        const close = findMatchingBrace(arrayBody, i);
+        if (close === -1) break;
+        items.push(arrayBody.slice(i + 1, close));
+        i = close + 1;
+    }
+    return items;
+}
+
+// ----- existing converters (kept here so tests can import them too) -----
+
+function convertTabsToMarkdown(content) {
+    const tabsPattern = /<Tabs[^>]*>([\s\S]*?)<\/Tabs>/g;
+    return content.replace(tabsPattern, (_, tabsContent) => {
+        const tabItemPattern = /<TabItem\s+[^>]*value="([^"]*)"[^>]*label="([^"]*)"[^>]*>([\s\S]*?)<\/TabItem>/g;
+        const result = [];
+        let match;
+        while ((match = tabItemPattern.exec(tabsContent)) !== null) {
+            const [, , label, itemContent] = match;
+            const cleanContent = itemContent
+                .split('\n')
+                .map(line => line.replace(/^\s{4}/, ''))
+                .join('\n')
+                .trim();
+            result.push(`**${label}:**\n\n${cleanContent}`);
+        }
+        return result.join('\n\n---\n\n');
+    });
+}
+
+function convertDetailsToMarkdown(content) {
+    const detailsPattern = /<details>\s*<summary>(<strong>)?([^<]+)(<\/strong>)?<\/summary>([\s\S]*?)<\/details>/g;
+    return content.replace(detailsPattern, (_, __, summaryText, ___, detailsContent) => {
+        const cleanContent = detailsContent
+            .split('\n')
+            .map(line => line.trim())
+            .filter(line => line.length > 0)
+            .join('\n')
+            .trim();
+        return `### ${summaryText.trim()}\n\n${cleanContent}`;
+    });
+}
+
+function convertFAQToMarkdown(content) {
+    content = content.replace(
+        /<FAQItem\s+question="([^"]+)"\s*>([\s\S]*?)<\/FAQItem>/g,
+        (_, question, answer) => `**Question: ${question}**\n\n${answer.trim()}\n`
+    );
+    content = content.replace(/<FAQ>([\s\S]*?)<\/FAQ>/g, (_, c) => c);
+    return content;
+}
+
+// ----- new converters ---------------------------------------------------
+
+// Map Note `type` -> Docusaurus admonition keyword.
+const NOTE_TYPE_TO_ADMONITION = {
+    tip: 'tip',
+    success: 'tip',
+    check: 'tip',
+    warning: 'warning',
+    error: 'danger',
+    default: 'note',
+};
+
+function convertNoteToMarkdown(content) {
+    return content.replace(
+        /<Note(\s+[^>]*)?>([\s\S]*?)<\/Note>/g,
+        (_, attrs, body) => {
+            const type = getAttr(attrs, 'type') || 'default';
+            const title = getAttr(attrs, 'title');
+            const admonition = NOTE_TYPE_TO_ADMONITION[type] || 'note';
+            const trimmedBody = body.trim();
+            const titlePart = title ? `[${title}]` : '';
+            return `\n:::${admonition}${titlePart}\n\n${trimmedBody}\n\n:::\n`;
+        }
+    );
+}
+
+// Convert <AsciiGraph>{`...`}<span>{`...`}</span>{`...`}</AsciiGraph> blocks
+// to fenced code blocks. The component renders a <pre>; in markdown that's a
+// triple-backtick block. Strips inline span highlights (text preserved).
+function convertAsciiGraphToMarkdown(content) {
+    return content.replace(
+        /<AsciiGraph(\s+[^>]*)?>([\s\S]*?)<\/AsciiGraph>/g,
+        (_, _attrs, body) => {
+            // Strip span wrappers (keep their inner text)
+            let stripped = body
+                .replace(/<span\b[^>]*>/g, '')
+                .replace(/<\/span>/g, '');
+            // Unwrap JSX template literals: {`text`} -> text. The text inside
+            // backticks can span newlines but cannot contain a backtick.
+            stripped = stripped.replace(/\{`([^`]*)`\}/g, '$1');
+            // Drop any remaining `{` / `}` artifacts at boundaries that aren't
+            // followed by template literal content (defensive — shouldn't fire
+            // on well-formed input).
+            stripped = stripped.replace(/^\s*\n+|\n+\s*$/g, '');
+            return `\n\`\`\`text\n${stripped}\n\`\`\`\n`;
+        }
+    );
+}
+
+// Find each <DocCardList ... items={[...]} ... /> (or with explicit close)
+// and replace with a markdown bullet list. Uses brace-balanced scanning so
+// that `]` characters inside the items array (e.g. Icons['rocket-launch'])
+// don't terminate the match early.
+function convertDocCardListToMarkdown(content) {
+    const TAG = '<DocCardList';
+    const out = [];
+    let cursor = 0;
+
+    while (cursor < content.length) {
+        const start = content.indexOf(TAG, cursor);
+        if (start === -1) {
+            out.push(content.slice(cursor));
+            break;
+        }
+        out.push(content.slice(cursor, start));
+
+        // Find items={...} within the tag's open marker. Scan forward until
+        // we hit `/>` or `>` at depth 0 (outside string/braces).
+        const itemsKeyIdx = content.indexOf('items={', start);
+        if (itemsKeyIdx === -1) {
+            // Malformed tag — drop the literal `<DocCardList` to avoid infinite loop.
+            cursor = start + TAG.length;
+            continue;
+        }
+        const braceOpen = itemsKeyIdx + 'items='.length;
+        const braceClose = findMatchingBrace(content, braceOpen);
+        if (braceClose === -1) {
+            cursor = start + TAG.length;
+            continue;
+        }
+        // Find tag close (`/>` or `>` followed by `</DocCardList>`)
+        let i = braceClose + 1;
+        while (i < content.length && content[i] !== '>') i++;
+        let tagEnd;
+        if (i >= content.length) {
+            tagEnd = content.length;
+        } else if (content[i - 1] === '/') {
+            tagEnd = i + 1;
+        } else {
+            const closeTag = content.indexOf('</DocCardList>', i);
+            tagEnd = closeTag !== -1 ? closeTag + '</DocCardList>'.length : i + 1;
+        }
+
+        const itemsLiteral = content.slice(braceOpen + 1, braceClose).trim();
+        const arrayBody = itemsLiteral.startsWith('[') && itemsLiteral.endsWith(']')
+            ? itemsLiteral.slice(1, -1)
+            : itemsLiteral;
+
+        const items = splitTopLevelObjects(arrayBody);
+        const lines = items
+            .map((item) => {
+                const href = getAttr(item, 'href') || extractObjectField(item, 'href');
+                const label = getAttr(item, 'label') || extractObjectField(item, 'label');
+                const description = extractObjectField(item, 'description');
+                if (!href || !label) return null;
+                return description
+                    ? `- [${label}](${href}) — ${description}`
+                    : `- [${label}](${href})`;
+            })
+            .filter(Boolean);
+
+        out.push(lines.length ? `\n${lines.join('\n')}\n` : '');
+        cursor = tagEnd;
+    }
+
+    return out.join('');
+}
+
+// Extract `field: 'value'` or `field: "value"` from an object-literal body.
+function extractObjectField(objBody, field) {
+    const re = new RegExp(`\\b${field}\\s*:\\s*['"]([^'"]+)['"]`);
+    const m = objBody.match(re);
+    return m ? m[1] : null;
+}
+
+// Convert <Badge type="..." /> (and optionally text="..." for custom) to an
+// inline italic label like *[Required]*.
+const BADGE_TYPE_LABELS = {
+    optional: 'Optional',
+    required: 'Required',
+    'required-some': 'Required for some runtimes',
+};
+function convertBadgeToMarkdown(content) {
+    return content.replace(
+        /<Badge(\s+[^>]*?)?\s*\/>/g,
+        (_, attrs) => {
+            const type = getAttr(attrs, 'type') || 'optional';
+            const text = getAttr(attrs, 'text');
+            let label;
+            if (type === 'custom') label = text || '';
+            else label = BADGE_TYPE_LABELS[type] || text || '';
+            return label ? `*[${label}]*` : '';
+        }
+    );
+}
+
+// Unwrap <Button>…</Button> — leave inner content for downstream converters
+// (typically a <Link>).
+function convertButtonToMarkdown(content) {
+    return content.replace(/<Button(\s+[^>]*)?>([\s\S]*?)<\/Button>/g, '$2');
+}
+
+// <Link href="x">text</Link> -> [text](x)
+function convertLinkToMarkdown(content) {
+    return content.replace(
+        /<Link(\s+[^>]*?)?>([\s\S]*?)<\/Link>/g,
+        (match, attrs, children) => {
+            const href = getAttr(attrs, 'href');
+            if (!href) return children;
+            const cleanText = children
+                .replace(/<code>(.*?)<\/code>/g, '`$1`')
+                .replace(/<strong>(.*?)<\/strong>/g, '**$1**')
+                .replace(/<em>(.*?)<\/em>/g, '*$1*')
+                .replace(/<b>(.*?)<\/b>/g, '**$1**')
+                .replace(/<[^>]+>/g, '')
+                .trim();
+            return `[${cleanText}](${href})`;
+        }
+    );
+}
+
+// <CustomCard title="X" emoji="🚀">body</CustomCard> -> ### 🚀 X\n\nbody
+function convertCustomCardToMarkdown(content) {
+    return content.replace(
+        /<CustomCard(\s+[^>]*?)?>([\s\S]*?)<\/CustomCard>/g,
+        (_, attrs, body) => {
+            const title = getAttr(attrs, 'title') || '';
+            const emoji = getAttr(attrs, 'emoji') || '';
+            const header = emoji ? `${emoji} ${title}`.trim() : title;
+            const trimmedBody = body.trim();
+            return header
+                ? `\n### ${header}\n\n${trimmedBody}\n`
+                : `\n${trimmedBody}\n`;
+        }
+    );
+}
+
+// <DeployButton link="deno" /> -> markdown link to the recipe deploy URL.
+function convertDeployButtonToMarkdown(content) {
+    return content.replace(
+        /<DeployButton(\s+[^>]*?)\s*\/>/g,
+        (match, attrs) => {
+            const link = getAttr(attrs, 'link');
+            if (!link) return '';
+            return `[Deploy "${link}" recipe on Zerops](https://app.zerops.io/recipe/?lf=${link})`;
+        }
+    );
+}
+
+// <Dropdown><DropdownItem title="X">body</DropdownItem>…</Dropdown>
+// -> emit ### headers per item. We don't use <details> here because the
+// existing convertDetailsToMarkdown would rewrite them inconsistently
+// (it requires <strong> wrapping); a heading is the cleaner equivalent.
+function convertDropdownToMarkdown(content) {
+    // First, expand DropdownItem
+    content = content.replace(
+        /<DropdownItem(\s+[^>]*?)?>([\s\S]*?)<\/DropdownItem>/g,
+        (_, attrs, body) => {
+            const title = getAttr(attrs, 'title') || '';
+            const trimmed = body.trim();
+            return title
+                ? `\n#### ${title}\n\n${trimmed}\n`
+                : `\n${trimmed}\n`;
+        }
+    );
+    // Then unwrap the Dropdown
+    content = content.replace(/<Dropdown(?:\s+[^>]*)?>([\s\S]*?)<\/Dropdown>/g, '$1');
+    return content;
+}
+
+// <Video src="/vids/x.webm" /> -> text link to the video file.
+function convertVideoToMarkdown(content) {
+    return content.replace(
+        /<Video(\s+[^>]*?)\s*\/>/g,
+        (_, attrs) => {
+            const src = getAttr(attrs, 'src');
+            return src ? `[Video: ${src}](${src})` : '';
+        }
+    );
+}
+
+// <CodingAgentsTopology /> -> render both Remote and Local modes as fenced
+// code blocks, mirroring the toggle on the live page. Pulls the same build
+// logic the React component uses via build.cjs.
+function convertCodingAgentsTopologyToMarkdown(content) {
+    if (!/<CodingAgentsTopology\s*\/>/.test(content)) return content;
+    let build;
+    let grid;
+    try {
+        // eslint-disable-next-line global-require
+        build = require('../../components/CodingAgentsTopology/build.cjs');
+        // eslint-disable-next-line global-require
+        grid = require('../../components/CodingAgentsTopology/grid.cjs');
+    } catch (e) {
+        return content.replace(
+            /<CodingAgentsTopology\s*\/>/g,
+            '\n*See the live page for the interactive ZCP project topology diagram.*\n'
+        );
+    }
+    const remote = grid.renderText(build.buildRemote());
+    const local = grid.renderText(build.buildLocal());
+    const block =
+        '\n**Remote (zcp service)**\n\n```text\n' + remote + '\n```\n\n' +
+        '**Local (zcli vpn up)**\n\n```text\n' + local + '\n```\n';
+    return content.replace(/<CodingAgentsTopology\s*\/>/g, block);
+}
+
+// <IntroAgentVisual /> -> ASCII layout with the agent and recipe names laid
+// out inside their boxes as text. The live page positions logo <img>
+// elements absolutely at (col, row) slots designed for visual icons; in
+// plain markdown those slots are too tight for text names (e.g. "Claude
+// Code" + "Codex" would collide in the 14-cell agent box). Instead:
+//   - Agents (4 items, narrow box): vertically stacked, 1 per row, centered
+//   - Recipes (23 items, wide box): comma-wrapped at the box's inner width
+// The boxes' outer geometry stays identical to the live page so the rest of
+// the diagram (arrows, projects, services) lines up.
+function convertIntroAgentVisualToMarkdown(content) {
+    if (!/<IntroAgentVisual\s*\/>/.test(content)) return content;
+    let build;
+    let grid;
+    try {
+        // eslint-disable-next-line global-require
+        build = require('../../components/IntroAgentVisual/build.cjs');
+        // eslint-disable-next-line global-require
+        grid = require('../../components/CodingAgentsTopology/grid.cjs');
+    } catch (e) {
+        return content.replace(
+            /<IntroAgentVisual\s*\/>/g,
+            '\n*See the live page for the visual map of supported coding agents and recipes.*\n'
+        );
+    }
+
+    const { grid: g } = build.buildLayout();
+
+    // Agent box geometry (from build.cjs: x=2, y=0, w=16, h=8, topLabel='ZCP MCP')
+    const agentBoxCenter = 2 + Math.floor(16 / 2); // col 10
+    const agentRowsStart = 2;
+    build.AGENTS.forEach((a, i) => {
+        const row = agentRowsStart + i; // rows 2, 3, 4, 5
+        const startCol = agentBoxCenter - Math.floor(a.alt.length / 2);
+        grid.text(g, startCol, row, a.alt);
+    });
+
+    // Recipe box geometry (from build.cjs: x=22, y=0, w=58, h=11)
+    // Inner left col 24, inner width 54 chars, inner rows 1..9
+    const recipeInnerLeft = 24;
+    const recipeInnerWidth = 54;
+    const recipeRows = [3, 5, 7]; // three evenly spaced rows inside the box
+    const recipeLines = wrapCommaList(
+        build.RECIPES.map((r) => r.alt),
+        recipeInnerWidth,
+        recipeRows.length
+    );
+    recipeLines.forEach((line, i) => {
+        const row = recipeRows[i];
+        // Center the line in the inner box for visual balance
+        const startCol = recipeInnerLeft + Math.max(0, Math.floor((recipeInnerWidth - line.length) / 2));
+        grid.text(g, startCol, row, line);
+    });
+
+    const ascii = grid.renderText(g);
+    return content.replace(/<IntroAgentVisual\s*\/>/g, '\n```text\n' + ascii + '\n```\n');
+}
+
+// Wrap a list of names into up to `maxLines` comma-separated rows, each no
+// wider than `width`. Greedily packs as many names per row as fit; if the
+// list doesn't fit in `maxLines`, the last row ends with an ellipsis.
+function wrapCommaList(items, width, maxLines) {
+    const lines = [];
+    let current = '';
+    for (const item of items) {
+        if (lines.length === maxLines) break;
+        const sep = current ? ', ' : '';
+        const candidate = current + sep + item;
+        if (candidate.length <= width) {
+            current = candidate;
+            continue;
+        }
+        // Push current line, start a new one
+        if (current) lines.push(current);
+        if (lines.length === maxLines) break;
+        current = item.length <= width ? item : item.slice(0, width);
+    }
+    if (current && lines.length < maxLines) lines.push(current);
+    return lines;
+}
+
+// <section className="zcp-landscape-section"><header><h4/><div/><p.examples/></header><p>body</p></section>
+// -> #### h4 / _examples_ / body
+function convertSectionLandscapeToMarkdown(content) {
+    return content.replace(
+        /<section\s+className=["']zcp-landscape-section["']\s*>([\s\S]*?)<\/section>/g,
+        (_, body) => {
+            const h4Match = body.match(/<h4[^>]*>([\s\S]*?)<\/h4>/);
+            const heading = h4Match ? h4Match[1].trim() : '';
+            const examplesMatch = body.match(
+                /<p\s+className=["']zcp-landscape-section__examples["']\s*>([\s\S]*?)<\/p>/
+            );
+            const examples = examplesMatch ? examplesMatch[1].trim() : '';
+            const afterHeader = body.replace(/<header[\s\S]*?<\/header>/, '');
+            const bodyParaMatch = afterHeader.match(/<p[^>]*>([\s\S]*?)<\/p>/);
+            const bodyText = bodyParaMatch ? bodyParaMatch[1].trim() : '';
+
+            let out = '';
+            if (heading) out += `\n#### ${heading}\n`;
+            if (examples) out += `\n_${examples}_\n`;
+            if (bodyText) out += `\n${bodyText}\n`;
+            return out;
+        }
+    );
+}
+
+// <ExpandableTable><table>...</table></ExpandableTable> -> just the table.
+function convertExpandableTableToMarkdown(content) {
+    return content.replace(
+        /<ExpandableTable(?:\s+[^>]*)?>([\s\S]*?)<\/ExpandableTable>/g,
+        '$1'
+    );
+}
+
+// Standalone <UnorderedCodeList data={data.x.y} /> -> markdown bullet list of
+// backticked items. `getData` is a `(siteDir) => object` loader.
+function convertUnorderedCodeListStandalone(content, getData, siteDir) {
+    return content.replace(
+        /<UnorderedCodeList\s+data=\{([^}]+)\}\s*\/>/g,
+        (match, dataPath) => {
+            try {
+                const data = getData(siteDir);
+                const keys = dataPath.trim().replace(/^data\./, '').split('.');
+                let val = data;
+                for (const key of keys) {
+                    if (val && typeof val === 'object' && key in val) val = val[key];
+                    else return match;
+                }
+                if (Array.isArray(val)) {
+                    return '\n' + val.map((item) => {
+                        if (Array.isArray(item)) {
+                            return `- ${item.map((s) => `\`${s}\``).join(', ')}`;
+                        }
+                        const commentMatch = String(item).match(/^(.+?)\s*\(([^()]+)\)\s*$/);
+                        if (commentMatch) {
+                            return `- \`${commentMatch[1].trim()}\` (${commentMatch[2].trim()})`;
+                        }
+                        return `- \`${item}\``;
+                    }).join('\n') + '\n';
+                }
+                return `\`${val}\``;
+            } catch (_) {
+                return match;
+            }
+        }
+    );
+}
+
+// Drop components that have no useful markdown representation (purely
+// decorative / interactive without source content). Handles both self-closing
+// and wrapping forms.
+const SILENT_DROP_COMPONENTS = [
+    'PricingCalculator',
+    'BrandAssets',
+    'BackgroundPattern',
+    'ResourceTable',
+    'TechCard',
+    'GroupCards',
+    'TabbedCodeBlocks',
+    'ExpandableTable', // already converted to inner table above; this is a fallback
+];
+function dropSilentComponents(content, names = SILENT_DROP_COMPONENTS) {
+    for (const name of names) {
+        const escaped = name.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+        // wrapping form first (lazy)
+        content = content.replace(
+            new RegExp(`<${escaped}\\b[^>]*>[\\s\\S]*?<\\/${escaped}>`, 'g'),
+            ''
+        );
+        // self-closing form. Use brace-aware skip for props that contain `{...}`
+        content = stripSelfClosing(content, name);
+    }
+    return content;
+}
+
+// Remove `<Name ... />` instances where `...` may include JSX expression
+// containers `{ ... }` with `>` inside (e.g. `items={[ ...arrow funcs > 0 ... ]}`).
+function stripSelfClosing(content, name) {
+    const TAG = `<${name}`;
+    const out = [];
+    let cursor = 0;
+    while (cursor < content.length) {
+        const start = content.indexOf(TAG, cursor);
+        if (start === -1) {
+            out.push(content.slice(cursor));
+            break;
+        }
+        out.push(content.slice(cursor, start));
+        // After `<Name`, must be a non-identifier character (whitespace, /, or >)
+        // to avoid matching `<NameSomething`.
+        const after = content[start + TAG.length];
+        if (after && /[a-zA-Z0-9_]/.test(after)) {
+            // Not a real match — emit and advance one char
+            out.push(content[start]);
+            cursor = start + 1;
+            continue;
+        }
+        // Walk forward, respecting strings + braces, looking for `/>` or `>`.
+        let i = start + TAG.length;
+        let inString = null;
+        let braceDepth = 0;
+        let tagEnd = -1;
+        let selfClosing = false;
+        while (i < content.length) {
+            const ch = content[i];
+            const prev = i > 0 ? content[i - 1] : '';
+            if (inString) {
+                if (ch === inString && prev !== '\\') inString = null;
+                i++;
+                continue;
+            }
+            if (ch === "'" || ch === '"' || ch === '`') {
+                inString = ch;
+                i++;
+                continue;
+            }
+            if (ch === '{') {
+                braceDepth++;
+                i++;
+                continue;
+            }
+            if (ch === '}') {
+                braceDepth--;
+                i++;
+                continue;
+            }
+            if (braceDepth === 0 && ch === '/' && content[i + 1] === '>') {
+                tagEnd = i + 2;
+                selfClosing = true;
+                break;
+            }
+            if (braceDepth === 0 && ch === '>') {
+                tagEnd = i + 1;
+                break;
+            }
+            i++;
+        }
+        if (tagEnd === -1) {
+            // Couldn't parse — emit and advance.
+            out.push(content[start]);
+            cursor = start + 1;
+            continue;
+        }
+        if (selfClosing) {
+            cursor = tagEnd;
+        } else {
+            // Drop matching close tag too if present
+            const closeTag = `</${name}>`;
+            const closeIdx = content.indexOf(closeTag, tagEnd);
+            cursor = closeIdx !== -1 ? closeIdx + closeTag.length : tagEnd;
+        }
+    }
+    return out.join('');
+}
+
+module.exports = {
+    // helpers
+    getAttr,
+    findMatchingBrace,
+    splitTopLevelObjects,
+    stripSelfClosing,
+    // pre-existing
+    convertTabsToMarkdown,
+    convertDetailsToMarkdown,
+    convertFAQToMarkdown,
+    // new
+    convertNoteToMarkdown,
+    convertAsciiGraphToMarkdown,
+    convertDocCardListToMarkdown,
+    convertBadgeToMarkdown,
+    convertButtonToMarkdown,
+    convertLinkToMarkdown,
+    convertCustomCardToMarkdown,
+    convertDeployButtonToMarkdown,
+    convertDropdownToMarkdown,
+    convertVideoToMarkdown,
+    convertCodingAgentsTopologyToMarkdown,
+    convertIntroAgentVisualToMarkdown,
+    convertSectionLandscapeToMarkdown,
+    convertExpandableTableToMarkdown,
+    convertUnorderedCodeListStandalone,
+    dropSilentComponents,
+    NOTE_TYPE_TO_ADMONITION,
+    BADGE_TYPE_LABELS,
+    SILENT_DROP_COMPONENTS,
+};
diff --git a/apps/docs/src/plugins/markdown-source/index.js b/apps/docs/src/plugins/markdown-source/index.js
index 388a37b77..f3213541a 100644
--- a/apps/docs/src/plugins/markdown-source/index.js
+++ b/apps/docs/src/plugins/markdown-source/index.js
@@ -1,5 +1,6 @@
 const fs = require('fs-extra');
 const path = require('path');
+const C = require('./converters');
 
 /**
  * Docusaurus plugin to copy raw markdown files to build output
@@ -34,8 +35,9 @@ function extractFrontmatter(content) {
     const titleMatch = frontmatter.match(/^title:\s*(.+)$/m);
     const descMatch = frontmatter.match(/^description:\s*(.+)$/m);
 
-    const title = titleMatch ? titleMatch[1].trim() : null;
-    const description = descMatch ? descMatch[1].trim() : null;
+    const stripQuotes = (s) => s.trim().replace(/^['"]([\s\S]*)['"]$/, '$1');
+    const title = titleMatch ? stripQuotes(titleMatch[1]) : null;
+    const description = descMatch ? stripQuotes(descMatch[1]) : null;
 
     // Remove frontmatter from content
     const contentWithoutFrontmatter = content.replace(/^---\r?\n[\s\S]*?\r?\n---\r?\n/, '');
@@ -520,6 +522,57 @@ function cleanMarkdownForDisplay(content, filepath, siteDir, docsDir) {
     // 14. Convert Tabs/TabItem components to readable markdown (preserve content)
     content = convertTabsToMarkdown(content);
 
+    // --- Custom-component converters (order matters) -----------------------
+    // 14a. Note callouts -> Docusaurus admonitions (with title preserved)
+    content = C.convertNoteToMarkdown(content);
+
+    // 14b. ASCII diagram blocks -> fenced code blocks, JSX template literals
+    // and inline <span> highlights unwrapped to plain text.
+    content = C.convertAsciiGraphToMarkdown(content);
+
+    // 14c. DocCardList items array -> markdown bullet list of links
+    content = C.convertDocCardListToMarkdown(content);
+
+    // 14d. CustomCard -> ### heading + body
+    content = C.convertCustomCardToMarkdown(content);
+
+    // 14e. Dropdown / DropdownItem -> #### per item
+    content = C.convertDropdownToMarkdown(content);
+
+    // 14f. Landscape section (coding-agents.mdx) -> heading + examples + body
+    content = C.convertSectionLandscapeToMarkdown(content);
+
+    // 14g. ExpandableTable -> unwrap to inner table (will be picked up by
+    // convertHtmlTablesToMarkdown next build, but at this point tables have
+    // already been converted; this is mostly a safety net).
+    content = C.convertExpandableTableToMarkdown(content);
+
+    // 14h. Standalone UnorderedCodeList (not inside a table) -> bullet list
+    content = C.convertUnorderedCodeListStandalone(content, getDataJson, siteDir);
+
+    // 14i. CodingAgentsTopology / IntroAgentVisual -> placeholders pointing at the live page
+    content = C.convertCodingAgentsTopologyToMarkdown(content);
+    content = C.convertIntroAgentVisualToMarkdown(content);
+
+    // 14j. DeployButton -> markdown link to recipe deploy URL
+    content = C.convertDeployButtonToMarkdown(content);
+
+    // 14k. Video -> text link to video src
+    content = C.convertVideoToMarkdown(content);
+
+    // 14l. Badge -> *[Optional]* / *[Required]* inline label
+    content = C.convertBadgeToMarkdown(content);
+
+    // 14m. Button -> unwrap (leaves children, typically a <Link>)
+    content = C.convertButtonToMarkdown(content);
+
+    // 14n. Link -> [text](href). Run AFTER Button so unwrapped children render.
+    content = C.convertLinkToMarkdown(content);
+
+    // 14o. Drop components with no useful markdown representation
+    content = C.dropSilentComponents(content);
+    // -------------------------------------------------------------------
+
     // 15. Convert details/summary components to readable markdown (preserve content)
     content = convertDetailsToMarkdown(content);
 
@@ -624,6 +677,19 @@ async function copyImageDirectories(docsDir, buildDir) {
 }
 
 module.exports = function markdownSourcePlugin(context, options) {
+    const docsDir = path.join(context.siteDir, 'content');
+
+    // Resolve a `.md` URL path back to a source file under content/.
+    // Returns the absolute path or null when no source exists.
+    function resolveSourcePath(urlPath) {
+        const stripped = urlPath.replace(/^\//, '').replace(/\.md$/, '');
+        const mdxCandidate = path.join(docsDir, `${stripped}.mdx`);
+        if (fs.existsSync(mdxCandidate)) return mdxCandidate;
+        const mdCandidate = path.join(docsDir, `${stripped}.md`);
+        if (fs.existsSync(mdCandidate)) return mdCandidate;
+        return null;
+    }
+
     return {
         name: 'markdown-source-plugin',
 
@@ -632,6 +698,42 @@ module.exports = function markdownSourcePlugin(context, options) {
             return path.resolve(__dirname, './theme');
         },
 
+        // Dev-mode middleware: postBuild doesn't run during `docusaurus start`,
+        // so without this the Copy/View as Markdown buttons hit the SPA fallback
+        // (HTML shell + 404). Intercept `.md` requests and produce the same
+        // cleaned output the production build would.
+        configureWebpack(_config, isServer) {
+            if (isServer) return {};
+            return {
+                devServer: {
+                    setupMiddlewares: (middlewares, devServer) => {
+                        devServer.app.get(/\.md$/, (req, res, next) => {
+                            try {
+                                const sourcePath = resolveSourcePath(req.path);
+                                if (!sourcePath) return next();
+                                const content = fs.readFileSync(sourcePath, 'utf8');
+                                const relPath = path.relative(docsDir, sourcePath);
+                                const cleaned = cleanMarkdownForDisplay(
+                                    content,
+                                    relPath,
+                                    context.siteDir,
+                                    docsDir
+                                );
+                                res.setHeader(
+                                    'Content-Type',
+                                    'text/markdown; charset=utf-8'
+                                );
+                                res.send(cleaned);
+                            } catch (err) {
+                                next(err);
+                            }
+                        });
+                        return middlewares;
+                    },
+                },
+            };
+        },
+
         async postBuild({ outDir }) {
             const docsDir = path.join(context.siteDir, 'content');
             const buildDir = outDir;
diff --git a/apps/docs/src/theme/MDXComponents/index.tsx b/apps/docs/src/theme/MDXComponents/index.tsx
index 5598eb6ad..5a1c1a656 100644
--- a/apps/docs/src/theme/MDXComponents/index.tsx
+++ b/apps/docs/src/theme/MDXComponents/index.tsx
@@ -9,6 +9,7 @@ import MDXDetails from './Details';
 import DocCard from '@theme/DocCard';
 import DocCardList from '@theme/DocCardList';
 import ExpandableTable from '@site/src/components/ExpandableTable';
+import AsciiGraph from '@site/src/components/AsciiGraph';
 
 const components = {
   // Re-use the default mapping
@@ -25,6 +26,7 @@ const components = {
   DocCardList,
   Note,
   ExpandableTable,
+  AsciiGraph,
 };
 
 export default components;
\ No newline at end of file
diff --git a/apps/docs/static/fonts/JetBrainsMono-Regular.woff2 b/apps/docs/static/fonts/JetBrainsMono-Regular.woff2
new file mode 100644
index 000000000..66c54672c
Binary files /dev/null and b/apps/docs/static/fonts/JetBrainsMono-Regular.woff2 differ
diff --git a/apps/docs/static/img/landscape/aider.png b/apps/docs/static/img/landscape/aider.png
new file mode 100644
index 000000000..0a921307c
Binary files /dev/null and b/apps/docs/static/img/landscape/aider.png differ
diff --git a/apps/docs/static/img/landscape/anthropic.ico b/apps/docs/static/img/landscape/anthropic.ico
new file mode 100644
index 000000000..ec917df6e
Binary files /dev/null and b/apps/docs/static/img/landscape/anthropic.ico differ
diff --git a/apps/docs/static/img/landscape/aws.png b/apps/docs/static/img/landscape/aws.png
new file mode 100644
index 000000000..80944f5d6
Binary files /dev/null and b/apps/docs/static/img/landscape/aws.png differ
diff --git a/apps/docs/static/img/landscape/bolt.png b/apps/docs/static/img/landscape/bolt.png
new file mode 100644
index 000000000..53806753b
Binary files /dev/null and b/apps/docs/static/img/landscape/bolt.png differ
diff --git a/apps/docs/static/img/landscape/claude.png b/apps/docs/static/img/landscape/claude.png
new file mode 100644
index 000000000..505717358
Binary files /dev/null and b/apps/docs/static/img/landscape/claude.png differ
diff --git a/apps/docs/static/img/landscape/cline.png b/apps/docs/static/img/landscape/cline.png
new file mode 100644
index 000000000..19d1a41c4
Binary files /dev/null and b/apps/docs/static/img/landscape/cline.png differ
diff --git a/apps/docs/static/img/landscape/cloudflare.png b/apps/docs/static/img/landscape/cloudflare.png
new file mode 100644
index 000000000..a000261dc
Binary files /dev/null and b/apps/docs/static/img/landscape/cloudflare.png differ
diff --git a/apps/docs/static/img/landscape/coder.svg b/apps/docs/static/img/landscape/coder.svg
new file mode 100644
index 000000000..41e19b928
--- /dev/null
+++ b/apps/docs/static/img/landscape/coder.svg
@@ -0,0 +1 @@
+<svg fill="#090B0B" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Coder</title><path d="M14.862 6.67H24v10.663h-9.138zM6.945 15.304c-1.934 0-3.366-1.264-3.366-3.305s1.432-3.323 3.366-3.365c1.411-.03 2.787.99 2.878 2.543l3.472-.106c-.076-2.802-2.33-4.706-6.35-4.706S0 8.558 0 12c0 3.426 3.046 5.635 6.945 5.635 3.898 0 6.29-1.935 6.38-4.782l-3.472-.077c-.152 1.553-1.497 2.528-2.908 2.528Z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/landscape/codesandbox.svg b/apps/docs/static/img/landscape/codesandbox.svg
new file mode 100644
index 000000000..453e07354
--- /dev/null
+++ b/apps/docs/static/img/landscape/codesandbox.svg
@@ -0,0 +1 @@
+<svg fill="#151515" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>CodeSandbox</title><path d="M0 24H24V0H0V2.45455H21.5455V21.5455H2.45455V0H0Z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/landscape/cursor.png b/apps/docs/static/img/landscape/cursor.png
new file mode 100644
index 000000000..86fe0427b
Binary files /dev/null and b/apps/docs/static/img/landscape/cursor.png differ
diff --git a/apps/docs/static/img/landscape/daytona.ico b/apps/docs/static/img/landscape/daytona.ico
new file mode 100644
index 000000000..602d9e3e4
Binary files /dev/null and b/apps/docs/static/img/landscape/daytona.ico differ
diff --git a/apps/docs/static/img/landscape/devin.ico b/apps/docs/static/img/landscape/devin.ico
new file mode 100644
index 000000000..dd0ead691
Binary files /dev/null and b/apps/docs/static/img/landscape/devin.ico differ
diff --git a/apps/docs/static/img/landscape/digitalocean.png b/apps/docs/static/img/landscape/digitalocean.png
new file mode 100644
index 000000000..b71812af4
Binary files /dev/null and b/apps/docs/static/img/landscape/digitalocean.png differ
diff --git a/apps/docs/static/img/landscape/e2b.ico b/apps/docs/static/img/landscape/e2b.ico
new file mode 100644
index 000000000..0e138eb9e
Binary files /dev/null and b/apps/docs/static/img/landscape/e2b.ico differ
diff --git a/apps/docs/static/img/landscape/fly.png b/apps/docs/static/img/landscape/fly.png
new file mode 100644
index 000000000..f891620de
Binary files /dev/null and b/apps/docs/static/img/landscape/fly.png differ
diff --git a/apps/docs/static/img/landscape/github.png b/apps/docs/static/img/landscape/github.png
new file mode 100644
index 000000000..fbaa2a6ff
Binary files /dev/null and b/apps/docs/static/img/landscape/github.png differ
diff --git a/apps/docs/static/img/landscape/gitpod.ico b/apps/docs/static/img/landscape/gitpod.ico
new file mode 100644
index 000000000..6c92eda0d
Binary files /dev/null and b/apps/docs/static/img/landscape/gitpod.ico differ
diff --git a/apps/docs/static/img/landscape/hetzner.ico b/apps/docs/static/img/landscape/hetzner.ico
new file mode 100644
index 000000000..882f0c0dd
Binary files /dev/null and b/apps/docs/static/img/landscape/hetzner.ico differ
diff --git a/apps/docs/static/img/landscape/linode.png b/apps/docs/static/img/landscape/linode.png
new file mode 100644
index 000000000..d3b37b14d
Binary files /dev/null and b/apps/docs/static/img/landscape/linode.png differ
diff --git a/apps/docs/static/img/landscape/lovable.png b/apps/docs/static/img/landscape/lovable.png
new file mode 100644
index 000000000..09b6a1fa7
Binary files /dev/null and b/apps/docs/static/img/landscape/lovable.png differ
diff --git a/apps/docs/static/img/landscape/mastra.png b/apps/docs/static/img/landscape/mastra.png
new file mode 100644
index 000000000..ccd648bfc
Binary files /dev/null and b/apps/docs/static/img/landscape/mastra.png differ
diff --git a/apps/docs/static/img/landscape/modal.png b/apps/docs/static/img/landscape/modal.png
new file mode 100644
index 000000000..05f51a49a
Binary files /dev/null and b/apps/docs/static/img/landscape/modal.png differ
diff --git a/apps/docs/static/img/landscape/openhands.png b/apps/docs/static/img/landscape/openhands.png
new file mode 100644
index 000000000..cb10e2510
Binary files /dev/null and b/apps/docs/static/img/landscape/openhands.png differ
diff --git a/apps/docs/static/img/landscape/railway.png b/apps/docs/static/img/landscape/railway.png
new file mode 100644
index 000000000..db788283b
Binary files /dev/null and b/apps/docs/static/img/landscape/railway.png differ
diff --git a/apps/docs/static/img/landscape/render.svg b/apps/docs/static/img/landscape/render.svg
new file mode 100644
index 000000000..6a0f238ca
--- /dev/null
+++ b/apps/docs/static/img/landscape/render.svg
@@ -0,0 +1 @@
+<svg fill="#000000" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Render</title><path d="M18.263.007c-3.121-.147-5.744 2.109-6.192 5.082-.018.138-.045.272-.067.405-.696 3.703-3.936 6.507-7.827 6.507-1.388 0-2.691-.356-3.825-.979a.2024.2024 0 0 0-.302.178V24H12v-8.999c0-1.656 1.338-3 2.987-3h2.988c3.382 0 6.103-2.817 5.97-6.244-.12-3.084-2.61-5.603-5.682-5.75"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/landscape/replit.png b/apps/docs/static/img/landscape/replit.png
new file mode 100644
index 000000000..93dd74230
Binary files /dev/null and b/apps/docs/static/img/landscape/replit.png differ
diff --git a/apps/docs/static/img/landscape/v0.png b/apps/docs/static/img/landscape/v0.png
new file mode 100644
index 000000000..f94547534
Binary files /dev/null and b/apps/docs/static/img/landscape/v0.png differ
diff --git a/apps/docs/static/img/landscape/vercel.ico b/apps/docs/static/img/landscape/vercel.ico
new file mode 100644
index 000000000..40cc5977d
Binary files /dev/null and b/apps/docs/static/img/landscape/vercel.ico differ
diff --git a/apps/docs/static/img/landscape/vultr.png b/apps/docs/static/img/landscape/vultr.png
new file mode 100644
index 000000000..2d0ee6bf2
Binary files /dev/null and b/apps/docs/static/img/landscape/vultr.png differ
diff --git a/apps/docs/static/img/landscape/windsurf.png b/apps/docs/static/img/landscape/windsurf.png
new file mode 100644
index 000000000..545a64fae
Binary files /dev/null and b/apps/docs/static/img/landscape/windsurf.png differ
diff --git a/apps/docs/static/img/landscape/zed.png b/apps/docs/static/img/landscape/zed.png
new file mode 100644
index 000000000..3f56a5d48
Binary files /dev/null and b/apps/docs/static/img/landscape/zed.png differ
diff --git a/apps/docs/static/img/recipes/astro.svg b/apps/docs/static/img/recipes/astro.svg
new file mode 100644
index 000000000..911c59f05
--- /dev/null
+++ b/apps/docs/static/img/recipes/astro.svg
@@ -0,0 +1 @@
+<svg fill="#BC52EE" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Astro</title><path d="M8.358 20.162c-1.186-1.07-1.532-3.316-1.038-4.944.856 1.026 2.043 1.352 3.272 1.535 1.897.283 3.76.177 5.522-.678.202-.098.388-.229.608-.36.166.473.209.95.151 1.437-.14 1.185-.738 2.1-1.688 2.794-.38.277-.782.525-1.175.787-1.205.804-1.531 1.747-1.078 3.119l.044.148a3.158 3.158 0 0 1-1.407-1.188 3.31 3.31 0 0 1-.544-1.815c-.004-.32-.004-.642-.048-.958-.106-.769-.472-1.113-1.161-1.133-.707-.02-1.267.411-1.415 1.09-.012.053-.028.104-.045.165h.002zm-5.961-4.445s3.24-1.575 6.49-1.575l2.451-7.565c.092-.366.36-.614.662-.614.302 0 .57.248.662.614l2.45 7.565c3.85 0 6.491 1.575 6.491 1.575L16.088.727C15.93.285 15.663 0 15.303 0H8.697c-.36 0-.615.285-.784.727l-5.516 14.99z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/claude.png b/apps/docs/static/img/recipes/claude.png
new file mode 100644
index 000000000..505717358
Binary files /dev/null and b/apps/docs/static/img/recipes/claude.png differ
diff --git a/apps/docs/static/img/recipes/codex.svg b/apps/docs/static/img/recipes/codex.svg
new file mode 100644
index 000000000..ebbdab0ec
--- /dev/null
+++ b/apps/docs/static/img/recipes/codex.svg
@@ -0,0 +1 @@
+<svg role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>OpenAI</title><path d="M22.2819 9.8211a5.9847 5.9847 0 0 0-.5157-4.9108 6.0462 6.0462 0 0 0-6.5098-2.9A6.0651 6.0651 0 0 0 4.9807 4.1818a5.9847 5.9847 0 0 0-3.9977 2.9 6.0462 6.0462 0 0 0 .7427 7.0966 5.98 5.98 0 0 0 .511 4.9107 6.051 6.051 0 0 0 6.5146 2.9001A5.9847 5.9847 0 0 0 13.2599 24a6.0557 6.0557 0 0 0 5.7718-4.2058 5.9894 5.9894 0 0 0 3.9977-2.9001 6.0557 6.0557 0 0 0-.7475-7.0729zm-9.022 12.6081a4.4755 4.4755 0 0 1-2.8764-1.0408l.1419-.0804 4.7783-2.7582a.7948.7948 0 0 0 .3927-.6813v-6.7369l2.02 1.1686a.071.071 0 0 1 .038.052v5.5826a4.504 4.504 0 0 1-4.4945 4.4944zm-9.6607-4.1254a4.4708 4.4708 0 0 1-.5346-3.0137l.142.0852 4.783 2.7582a.7712.7712 0 0 0 .7806 0l5.8428-3.3685v2.3324a.0804.0804 0 0 1-.0332.0615L9.74 19.9502a4.4992 4.4992 0 0 1-6.1408-1.6464zM2.3408 7.8956a4.485 4.485 0 0 1 2.3655-1.9728V11.6a.7664.7664 0 0 0 .3879.6765l5.8144 3.3543-2.0201 1.1685a.0757.0757 0 0 1-.071 0l-4.8303-2.7865A4.504 4.504 0 0 1 2.3408 7.872zm16.5963 3.8558L13.1038 8.364 15.1192 7.2a.0757.0757 0 0 1 .071 0l4.8303 2.7913a4.4944 4.4944 0 0 1-.6765 8.1042v-5.6772a.79.79 0 0 0-.407-.667zm2.0107-3.0231l-.142-.0852-4.7735-2.7818a.7759.7759 0 0 0-.7854 0L9.409 9.2297V6.8974a.0662.0662 0 0 1 .0284-.0615l4.8303-2.7866a4.4992 4.4992 0 0 1 6.6802 4.66zM8.3065 12.863l-2.02-1.1638a.0804.0804 0 0 1-.038-.0567V6.0742a4.4992 4.4992 0 0 1 7.3757-3.4537l-.142.0805L8.704 5.459a.7948.7948 0 0 0-.3927.6813zm1.0976-2.3654l2.602-1.4998 2.6069 1.4998v2.9994l-2.5974 1.4997-2.6067-1.4997Z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/django.svg b/apps/docs/static/img/recipes/django.svg
new file mode 100644
index 000000000..2ab6f7636
--- /dev/null
+++ b/apps/docs/static/img/recipes/django.svg
@@ -0,0 +1 @@
+<svg fill="#092E20" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Django</title><path d="M11.146 0h3.924v18.166c-2.013.382-3.491.535-5.096.535-4.791 0-7.288-2.166-7.288-6.32 0-4.002 2.65-6.6 6.753-6.6.637 0 1.121.05 1.707.203zm0 9.143a3.894 3.894 0 00-1.325-.204c-1.988 0-3.134 1.223-3.134 3.365 0 2.09 1.096 3.236 3.109 3.236.433 0 .79-.025 1.35-.102V9.142zM21.314 6.06v9.098c0 3.134-.229 4.638-.917 5.937-.637 1.249-1.478 2.039-3.211 2.905l-3.644-1.733c1.733-.815 2.574-1.53 3.109-2.625.561-1.121.739-2.421.739-5.835V6.059h3.924zM17.39.021h3.924v4.026H17.39z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/dotnet.svg b/apps/docs/static/img/recipes/dotnet.svg
new file mode 100644
index 000000000..c4b482ecc
--- /dev/null
+++ b/apps/docs/static/img/recipes/dotnet.svg
@@ -0,0 +1 @@
+<svg fill="#512BD4" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>.NET</title><path d="M24 8.77h-2.468v7.565h-1.425V8.77h-2.462V7.53H24zm-6.852 7.565h-4.821V7.53h4.63v1.24h-3.205v2.494h2.953v1.234h-2.953v2.604h3.396zm-6.708 0H8.882L4.78 9.863a2.896 2.896 0 0 1-.258-.51h-.036c.032.189.048.592.048 1.21v5.772H3.157V7.53h1.659l3.965 6.32c.167.261.275.442.323.54h.024c-.04-.233-.06-.629-.06-1.185V7.529h1.372zm-8.703-.693a.868.829 0 0 1-.869.829.868.829 0 0 1-.868-.83.868.829 0 0 1 .868-.828.868.829 0 0 1 .869.829Z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/express.svg b/apps/docs/static/img/recipes/express.svg
new file mode 100644
index 000000000..96c2be8f0
--- /dev/null
+++ b/apps/docs/static/img/recipes/express.svg
@@ -0,0 +1 @@
+<svg fill="#000000" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Express</title><path d="M24 18.588a1.529 1.529 0 01-1.895-.72l-3.45-4.771-.5-.667-4.003 5.444a1.466 1.466 0 01-1.802.708l5.158-6.92-4.798-6.251a1.595 1.595 0 011.9.666l3.576 4.83 3.596-4.81a1.435 1.435 0 011.788-.668L21.708 7.9l-2.522 3.283a.666.666 0 000 .994l4.804 6.412zM.002 11.576l.42-2.075c1.154-4.103 5.858-5.81 9.094-3.27 1.895 1.489 2.368 3.597 2.275 5.973H1.116C.943 16.447 4.005 19.009 7.92 17.7a4.078 4.078 0 002.582-2.876c.207-.666.548-.78 1.174-.588a5.417 5.417 0 01-2.589 3.957 6.272 6.272 0 01-7.306-.933 6.575 6.575 0 01-1.64-3.858c0-.235-.08-.455-.134-.666A88.33 88.33 0 010 11.577zm1.127-.286h9.654c-.06-3.076-2.001-5.258-4.59-5.278-2.882-.04-4.944 2.094-5.071 5.264z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/fastapi.svg b/apps/docs/static/img/recipes/fastapi.svg
new file mode 100644
index 000000000..6bab9e10c
--- /dev/null
+++ b/apps/docs/static/img/recipes/fastapi.svg
@@ -0,0 +1 @@
+<svg fill="#009688" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>FastAPI</title><path d="M12 .0387C5.3729.0384.0003 5.3931 0 11.9988c-.001 6.6066 5.372 11.9628 12 11.9625 6.628.0003 12.001-5.3559 12-11.9625-.0003-6.6057-5.3729-11.9604-12-11.96m-.829 5.4153h7.55l-7.5805 5.3284h5.1828L5.279 18.5436q2.9466-6.5444 5.892-13.0896"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/flask.svg b/apps/docs/static/img/recipes/flask.svg
new file mode 100644
index 000000000..4c32ea9a8
--- /dev/null
+++ b/apps/docs/static/img/recipes/flask.svg
@@ -0,0 +1 @@
+<svg fill="#3BABC3" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Flask</title><path d="M10.773 2.878c-.013 1.434.322 4.624.445 5.734l-8.558 3.83c-.56-.959-.98-2.304-1.237-3.38l-.06.027c-.205.09-.406.053-.494-.088l-.011-.018-.82-1.506c-.058-.105-.05-.252.024-.392a.78.78 0 0 1 .358-.331l9.824-4.207c.146-.064.299-.063.4.004.106.062.127.128.13.327Zm.68 7c.523 1.97.675 2.412.832 2.818l-7.263 3.7a19.35 19.35 0 0 1-1.81-2.83l8.24-3.689Zm12.432 8.786h.003c.283.402-.047.657-.153.698l-.947.37c.037.125.035.319-.217.414l-.736.287c-.229.09-.398-.059-.42-.2l-.025-.125c-4.427 1.784-7.94 1.685-10.696.647-1.981-.745-3.576-1.983-4.846-3.379l6.948-3.54c.721 1.431 1.586 2.454 2.509 3.178 2.086 1.638 4.415 1.712 5.793 1.563l-.047-.233c-.015-.077.007-.135.086-.165l.734-.288a.302.302 0 0 1 .342.086l.748-.288a.306.306 0 0 1 .341.086l.583.89Z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/gemini.svg b/apps/docs/static/img/recipes/gemini.svg
new file mode 100644
index 000000000..e15e53ce0
--- /dev/null
+++ b/apps/docs/static/img/recipes/gemini.svg
@@ -0,0 +1 @@
+<svg fill="#8E75B2" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Google Gemini</title><path d="M11.04 19.32Q12 21.51 12 24q0-2.49.93-4.68.96-2.19 2.58-3.81t3.81-2.55Q21.51 12 24 12q-2.49 0-4.68-.93a12.3 12.3 0 0 1-3.81-2.58 12.3 12.3 0 0 1-2.58-3.81Q12 2.49 12 0q0 2.49-.96 4.68-.93 2.19-2.55 3.81a12.3 12.3 0 0 1-3.81 2.58Q2.49 12 0 12q2.49 0 4.68.96 2.19.93 3.81 2.55t2.55 3.81"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/go.svg b/apps/docs/static/img/recipes/go.svg
new file mode 100644
index 000000000..51990bd01
--- /dev/null
+++ b/apps/docs/static/img/recipes/go.svg
@@ -0,0 +1 @@
+<svg fill="#00ADD8" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Go</title><path d="M1.811 10.231c-.047 0-.058-.023-.035-.059l.246-.315c.023-.035.081-.058.128-.058h4.172c.046 0 .058.035.035.07l-.199.303c-.023.036-.082.07-.117.07zM.047 11.306c-.047 0-.059-.023-.035-.058l.245-.316c.023-.035.082-.058.129-.058h5.328c.047 0 .07.035.058.07l-.093.28c-.012.047-.058.07-.105.07zm2.828 1.075c-.047 0-.059-.035-.035-.07l.163-.292c.023-.035.07-.07.117-.07h2.337c.047 0 .07.035.07.082l-.023.28c0 .047-.047.082-.082.082zm12.129-2.36c-.736.187-1.239.327-1.963.514-.176.046-.187.058-.34-.117-.174-.199-.303-.327-.548-.444-.737-.362-1.45-.257-2.115.175-.795.514-1.204 1.274-1.192 2.22.011.935.654 1.706 1.577 1.835.795.105 1.46-.175 1.987-.77.105-.13.198-.27.315-.434H10.47c-.245 0-.304-.152-.222-.35.152-.362.432-.97.596-1.274a.315.315 0 01.292-.187h4.253c-.023.316-.023.631-.07.947a4.983 4.983 0 01-.958 2.29c-.841 1.11-1.94 1.8-3.33 1.986-1.145.152-2.209-.07-3.143-.77-.865-.655-1.356-1.52-1.484-2.595-.152-1.274.222-2.419.993-3.424.83-1.086 1.928-1.776 3.272-2.02 1.098-.2 2.15-.07 3.096.571.62.41 1.063.97 1.356 1.648.07.105.023.164-.117.2m3.868 6.461c-1.064-.024-2.034-.328-2.852-1.029a3.665 3.665 0 01-1.262-2.255c-.21-1.32.152-2.489.947-3.529.853-1.122 1.881-1.706 3.272-1.95 1.192-.21 2.314-.095 3.33.595.923.63 1.496 1.484 1.648 2.605.198 1.578-.257 2.863-1.344 3.962-.771.783-1.718 1.273-2.805 1.495-.315.06-.63.07-.934.106zm2.78-4.72c-.011-.153-.011-.27-.034-.387-.21-1.157-1.274-1.81-2.384-1.554-1.087.245-1.788.935-2.045 2.033-.21.912.234 1.835 1.075 2.21.643.28 1.285.244 1.905-.07.923-.48 1.425-1.228 1.484-2.233z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/laravel.svg b/apps/docs/static/img/recipes/laravel.svg
new file mode 100644
index 000000000..36f0035a9
--- /dev/null
+++ b/apps/docs/static/img/recipes/laravel.svg
@@ -0,0 +1 @@
+<svg fill="#FF2D20" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Laravel</title><path d="M23.642 5.43a.364.364 0 01.014.1v5.149c0 .135-.073.26-.189.326l-4.323 2.49v4.934a.378.378 0 01-.188.326L9.93 23.949a.316.316 0 01-.066.027c-.008.002-.016.008-.024.01a.348.348 0 01-.192 0c-.011-.002-.02-.008-.03-.012-.02-.008-.042-.014-.062-.025L.533 18.755a.376.376 0 01-.189-.326V2.974c0-.033.005-.066.014-.098.003-.012.01-.02.014-.032a.369.369 0 01.023-.058c.004-.013.015-.022.023-.033l.033-.045c.012-.01.025-.018.037-.027.014-.012.027-.024.041-.034H.53L5.043.05a.375.375 0 01.375 0L9.93 2.647h.002c.015.01.027.021.04.033l.038.027c.013.014.02.03.033.045.008.011.02.021.025.033.01.02.017.038.024.058.003.011.01.021.013.032.01.031.014.064.014.098v9.652l3.76-2.164V5.527c0-.033.004-.066.013-.098.003-.01.01-.02.013-.032a.487.487 0 01.024-.059c.007-.012.018-.02.025-.033.012-.015.021-.03.033-.043.012-.012.025-.02.037-.028.014-.01.026-.023.041-.032h.001l4.513-2.598a.375.375 0 01.375 0l4.513 2.598c.016.01.027.021.042.031.012.01.025.018.036.028.013.014.022.03.034.044.008.012.019.021.024.033.011.02.018.04.024.06.006.01.012.021.015.032zm-.74 5.032V6.179l-1.578.908-2.182 1.256v4.283zm-4.51 7.75v-4.287l-2.147 1.225-6.126 3.498v4.325zM1.093 3.624v14.588l8.273 4.761v-4.325l-4.322-2.445-.002-.003H5.04c-.014-.01-.025-.021-.04-.031-.011-.01-.024-.018-.035-.027l-.001-.002c-.013-.012-.021-.025-.031-.04-.01-.011-.021-.022-.028-.036h-.002c-.008-.014-.013-.031-.02-.047-.006-.016-.014-.027-.018-.043a.49.49 0 01-.008-.057c-.002-.014-.006-.027-.006-.041V5.789l-2.18-1.257zM5.23.81L1.47 2.974l3.76 2.164 3.758-2.164zm1.956 13.505l2.182-1.256V3.624l-1.58.91-2.182 1.255v9.435zm11.581-10.95l-3.76 2.163 3.76 2.163 3.759-2.164zm-.376 4.978L16.21 7.087 14.63 6.18v4.283l2.182 1.256 1.58.908zm-8.65 9.654l5.514-3.148 2.756-1.572-3.757-2.163-4.323 2.489-3.941 2.27z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/nestjs.svg b/apps/docs/static/img/recipes/nestjs.svg
new file mode 100644
index 000000000..61770a794
--- /dev/null
+++ b/apps/docs/static/img/recipes/nestjs.svg
@@ -0,0 +1 @@
+<svg fill="#E0234E" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>NestJS</title><path d="M14.131.047c-.173 0-.334.037-.483.087.316.21.49.49.576.806.007.043.019.074.025.117a.681.681 0 0 1 .013.112c.024.545-.143.614-.26.936-.18.415-.13.861.086 1.22a.74.74 0 0 0 .074.137c-.235-1.568 1.073-1.803 1.314-2.293.019-.428-.334-.713-.613-.911a1.37 1.37 0 0 0-.732-.21zM16.102.4c-.024.143-.006.106-.012.18-.006.05-.006.112-.012.161-.013.05-.025.1-.044.149-.012.05-.03.1-.05.149l-.067.142c-.02.025-.031.05-.05.075l-.037.055a2.152 2.152 0 0 1-.093.124c-.037.038-.068.081-.112.112v.006c-.037.031-.074.068-.118.1-.13.099-.278.173-.415.266-.043.03-.087.056-.124.093a.906.906 0 0 0-.118.099c-.043.037-.074.074-.111.118-.031.037-.068.08-.093.124a1.582 1.582 0 0 0-.087.13c-.025.05-.043.093-.068.142-.019.05-.037.093-.05.143a2.007 2.007 0 0 0-.043.155c-.006.025-.006.056-.012.08-.007.025-.007.05-.013.075 0 .05-.006.105-.006.155 0 .037 0 .074.006.111 0 .05.006.1.019.155.006.05.018.1.03.15.02.049.032.098.05.148.013.03.031.062.044.087l-1.426-.552c-.241-.068-.477-.13-.719-.186l-.39-.093c-.372-.074-.75-.13-1.128-.167-.013 0-.019-.006-.031-.006A11.082 11.082 0 0 0 8.9 2.855c-.378.025-.756.074-1.134.136a12.45 12.45 0 0 0-.837.174l-.279.074c-.092.037-.18.08-.266.118l-.205.093c-.012.006-.024.006-.03.012-.063.031-.118.056-.174.087a2.738 2.738 0 0 0-.236.118c-.043.018-.086.043-.124.062a.559.559 0 0 1-.055.03c-.056.032-.112.063-.162.094a1.56 1.56 0 0 0-.148.093c-.044.03-.087.055-.124.086-.006.007-.013.007-.019.013-.037.025-.08.056-.118.087l-.012.012-.093.074c-.012.007-.025.019-.037.025-.031.025-.062.056-.093.08-.006.013-.019.02-.025.025-.037.038-.074.069-.111.106-.007 0-.007.006-.013.012a1.742 1.742 0 0 0-.111.106c-.007.006-.007.012-.013.012a1.454 1.454 0 0 0-.093.1c-.012.012-.03.024-.043.036a1.374 1.374 0 0 1-.106.112c-.006.012-.018.019-.024.03-.05.05-.093.1-.143.15l-.018.018c-.1.106-.205.211-.317.304-.111.1-.229.192-.347.273a3.777 3.777 0 0 1-.762.421c-.13.056-.267.106-.403.149-.26.056-.527.161-.756.18-.05 0-.105.012-.155.018l-.155.037-.149.056c-.05.019-.099.044-.148.068-.044.031-.093.056-.137.087a1.011 1.011 0 0 0-.124.106c-.043.03-.087.074-.124.111-.037.043-.074.08-.105.124-.031.05-.068.093-.093.143a1.092 1.092 0 0 0-.087.142c-.025.056-.05.106-.068.161-.019.05-.037.106-.056.161-.012.05-.025.1-.03.15 0 .005-.007.012-.007.018-.012.056-.012.13-.019.167C.006 7.95 0 7.986 0 8.03a.657.657 0 0 0 .074.31v.006c.019.037.044.075.069.112.024.037.05.074.08.111.031.031.068.069.106.1a.906.906 0 0 0 .117.099c.149.13.186.173.378.272.031.019.062.031.1.05.006 0 .012.006.018.006 0 .013 0 .019.006.031a1.272 1.272 0 0 0 .08.298c.02.037.032.074.05.111.007.013.013.025.02.031.024.05.049.093.073.137l.093.13c.031.037.069.08.106.118.037.037.074.068.118.105 0 0 .006.006.012.006.037.031.074.062.112.087a.986.986 0 0 0 .136.08c.043.025.093.05.142.069a.73.73 0 0 0 .124.043c.007.006.013.006.025.012.025.007.056.013.08.019-.018.335-.024.65.026.762.055.124.328-.254.6-.688-.036.428-.061.93 0 1.079.069.155.44-.329.763-.862 4.395-1.016 8.405 2.02 8.826 6.31-.08-.67-.905-1.041-1.283-.948-.186.458-.502 1.047-1.01 1.413.043-.41.025-.83-.062-1.24a4.009 4.009 0 0 1-.769 1.562c-.588.043-1.177-.242-1.487-.67-.025-.018-.031-.055-.05-.08-.018-.043-.037-.087-.05-.13a.515.515 0 0 1-.037-.13c-.006-.044-.006-.087-.006-.137v-.093a.992.992 0 0 1 .031-.13c.013-.043.025-.086.044-.13.024-.043.043-.087.074-.13.105-.298.105-.54-.087-.682a.706.706 0 0 0-.118-.062c-.024-.006-.055-.018-.08-.025l-.05-.018a.847.847 0 0 0-.13-.031.472.472 0 0 0-.13-.019 1.01 1.01 0 0 0-.136-.012c-.031 0-.062.006-.093.006a.484.484 0 0 0-.137.019c-.043.006-.086.012-.13.024a1.068 1.068 0 0 0-.13.044c-.043.018-.08.037-.124.056-.037.018-.074.043-.118.062-1.444.942-.582 3.148.403 3.787-.372.068-.75.148-.855.229l-.013.012c.267.161.546.298.837.416.397.13.818.247 1.004.297v.006a5.996 5.996 0 0 0 1.562.112c2.746-.192 4.996-2.281 5.405-5.033l.037.161c.019.112.043.23.056.347v.006c.012.056.018.112.025.162v.024c.006.056.012.112.012.162.006.068.012.136.012.204v.1c0 .03.007.067.007.098 0 .038-.007.075-.007.112v.087c0 .043-.006.08-.006.124 0 .025 0 .05-.006.08 0 .044-.006.087-.006.137-.006.018-.006.037-.006.055l-.02.143c0 .019 0 .037-.005.056-.007.062-.019.118-.025.18v.012l-.037.174v.018l-.037.167c0 .007-.007.02-.007.025a1.663 1.663 0 0 1-.043.168v.018c-.019.062-.037.118-.05.174-.006.006-.006.012-.006.012l-.056.186c-.024.062-.043.118-.068.18-.025.062-.043.124-.068.18-.025.062-.05.117-.074.18h-.007c-.024.055-.05.117-.08.173a.302.302 0 0 1-.019.043c-.006.006-.006.013-.012.019a5.867 5.867 0 0 1-1.742 2.082c-.05.031-.099.069-.149.106-.012.012-.03.018-.043.03a2.603 2.603 0 0 1-.136.094l.018.037h.007l.26-.037h.006c.161-.025.322-.056.483-.087.044-.006.093-.019.137-.031l.087-.019c.043-.006.086-.018.13-.024.037-.013.074-.02.111-.031.62-.15 1.221-.354 1.798-.595a9.926 9.926 0 0 1-3.85 3.142c.714-.05 1.426-.167 2.114-.366a9.903 9.903 0 0 0 5.857-4.68 9.893 9.893 0 0 1-1.667 3.986 9.758 9.758 0 0 0 1.655-1.376 9.824 9.824 0 0 0 2.61-5.268c.21.98.272 1.99.18 2.987 4.474-6.241.371-12.712-1.346-14.416-.006-.013-.012-.019-.012-.031-.006.006-.006.006-.006.012 0-.006 0-.006-.007-.012 0 .074-.006.148-.012.223a8.34 8.34 0 0 1-.062.415c-.03.136-.068.273-.105.41-.044.13-.093.266-.15.396a5.322 5.322 0 0 1-.185.378 4.735 4.735 0 0 1-.477.688c-.093.111-.192.21-.292.31a3.994 3.994 0 0 1-.18.155l-.142.124a3.459 3.459 0 0 1-.347.241 4.295 4.295 0 0 1-.366.211c-.13.062-.26.118-.39.174a4.364 4.364 0 0 1-.818.223c-.143.025-.285.037-.422.05a4.914 4.914 0 0 1-.297.012 4.66 4.66 0 0 1-.422-.025 3.137 3.137 0 0 1-.421-.062 3.136 3.136 0 0 1-.415-.105h-.007c.137-.013.273-.025.41-.05a4.493 4.493 0 0 0 .818-.223c.136-.05.266-.112.39-.174.13-.062.248-.13.372-.204.118-.08.235-.161.347-.248.112-.087.217-.18.316-.279.105-.093.198-.198.291-.304.093-.111.18-.223.26-.334.013-.019.026-.044.038-.062.062-.1.124-.199.18-.298a4.272 4.272 0 0 0 .334-.775c.044-.13.075-.266.106-.403.025-.142.05-.278.062-.415.012-.142.025-.285.025-.421 0-.1-.007-.199-.013-.298a6.726 6.726 0 0 0-.05-.415 4.493 4.493 0 0 0-.092-.415c-.044-.13-.087-.267-.137-.397-.05-.13-.111-.26-.173-.384-.069-.124-.137-.248-.211-.366a6.843 6.843 0 0 0-.248-.34c-.093-.106-.186-.212-.285-.317a3.878 3.878 0 0 0-.161-.155c-.28-.217-.57-.421-.862-.607a1.154 1.154 0 0 0-.124-.062 2.415 2.415 0 0 0-.589-.26Z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/nextjs.svg b/apps/docs/static/img/recipes/nextjs.svg
new file mode 100644
index 000000000..42e365b4d
--- /dev/null
+++ b/apps/docs/static/img/recipes/nextjs.svg
@@ -0,0 +1 @@
+<svg fill="#000000" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Next.js</title><path d="M18.665 21.978C16.758 23.255 14.465 24 12 24 5.377 24 0 18.623 0 12S5.377 0 12 0s12 5.377 12 12c0 3.583-1.574 6.801-4.067 9.001L9.219 7.2H7.2v9.596h1.615V9.251l9.85 12.727Zm-3.332-8.533 1.6 2.061V7.2h-1.6v6.245Z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/nodejs.svg b/apps/docs/static/img/recipes/nodejs.svg
new file mode 100644
index 000000000..3cc5893e0
--- /dev/null
+++ b/apps/docs/static/img/recipes/nodejs.svg
@@ -0,0 +1 @@
+<svg fill="#5FA04E" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Node.js</title><path d="M11.998,24c-0.321,0-0.641-0.084-0.922-0.247l-2.936-1.737c-0.438-0.245-0.224-0.332-0.08-0.383 c0.585-0.203,0.703-0.25,1.328-0.604c0.065-0.037,0.151-0.023,0.218,0.017l2.256,1.339c0.082,0.045,0.197,0.045,0.272,0l8.795-5.076 c0.082-0.047,0.134-0.141,0.134-0.238V6.921c0-0.099-0.053-0.192-0.137-0.242l-8.791-5.072c-0.081-0.047-0.189-0.047-0.271,0 L3.075,6.68C2.99,6.729,2.936,6.825,2.936,6.921v10.15c0,0.097,0.054,0.189,0.139,0.235l2.409,1.392 c1.307,0.654,2.108-0.116,2.108-0.89V7.787c0-0.142,0.114-0.253,0.256-0.253h1.115c0.139,0,0.255,0.112,0.255,0.253v10.021 c0,1.745-0.95,2.745-2.604,2.745c-0.508,0-0.909,0-2.026-0.551L2.28,18.675c-0.57-0.329-0.922-0.945-0.922-1.604V6.921 c0-0.659,0.353-1.275,0.922-1.603l8.795-5.082c0.557-0.315,1.296-0.315,1.848,0l8.794,5.082c0.57,0.329,0.924,0.944,0.924,1.603 v10.15c0,0.659-0.354,1.273-0.924,1.604l-8.794,5.078C12.643,23.916,12.324,24,11.998,24z M19.099,13.993 c0-1.9-1.284-2.406-3.987-2.763c-2.731-0.361-3.009-0.548-3.009-1.187c0-0.528,0.235-1.233,2.258-1.233 c1.807,0,2.473,0.389,2.747,1.607c0.024,0.115,0.129,0.199,0.247,0.199h1.141c0.071,0,0.138-0.031,0.186-0.081 c0.048-0.054,0.074-0.123,0.067-0.196c-0.177-2.098-1.571-3.076-4.388-3.076c-2.508,0-4.004,1.058-4.004,2.833 c0,1.925,1.488,2.457,3.895,2.695c2.88,0.282,3.103,0.703,3.103,1.269c0,0.983-0.789,1.402-2.642,1.402 c-2.327,0-2.839-0.584-3.011-1.742c-0.02-0.124-0.126-0.215-0.253-0.215h-1.137c-0.141,0-0.254,0.112-0.254,0.253 c0,1.482,0.806,3.248,4.655,3.248C17.501,17.007,19.099,15.91,19.099,13.993z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/nuxt.svg b/apps/docs/static/img/recipes/nuxt.svg
new file mode 100644
index 000000000..024d2464c
--- /dev/null
+++ b/apps/docs/static/img/recipes/nuxt.svg
@@ -0,0 +1 @@
+<svg fill="#00DC82" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Nuxt</title><path d="M13.4642 19.8295h8.9218c.2834 0 .5618-.0723.8072-.2098a1.5899 1.5899 0 0 0 .5908-.5732 1.5293 1.5293 0 0 0 .216-.783 1.529 1.529 0 0 0-.2167-.7828L17.7916 7.4142a1.5904 1.5904 0 0 0-.5907-.573 1.6524 1.6524 0 0 0-.807-.2099c-.2833 0-.5616.0724-.807.2098a1.5904 1.5904 0 0 0-.5907.5731L13.4642 9.99l-2.9954-5.0366a1.5913 1.5913 0 0 0-.591-.573 1.6533 1.6533 0 0 0-.8071-.2098c-.2834 0-.5617.0723-.8072.2097a1.5913 1.5913 0 0 0-.591.573L.2168 17.4808A1.5292 1.5292 0 0 0 0 18.2635c-.0001.2749.0744.545.216.783a1.59 1.59 0 0 0 .5908.5732c.2454.1375.5238.2098.8072.2098h5.6003c2.219 0 3.8554-.9454 4.9813-2.7899l2.7337-4.5922L16.3935 9.99l4.3944 7.382h-5.8586ZM7.123 17.3694l-3.9083-.0009 5.8586-9.8421 2.9232 4.921-1.9572 3.2892c-.7478 1.1967-1.5972 1.6328-2.9163 1.6328z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/opencode.png b/apps/docs/static/img/recipes/opencode.png
new file mode 100644
index 000000000..70fd01b0e
Binary files /dev/null and b/apps/docs/static/img/recipes/opencode.png differ
diff --git a/apps/docs/static/img/recipes/php.svg b/apps/docs/static/img/recipes/php.svg
new file mode 100644
index 000000000..92bdc7de4
--- /dev/null
+++ b/apps/docs/static/img/recipes/php.svg
@@ -0,0 +1 @@
+<svg fill="#777BB4" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>PHP</title><path d="M7.01 10.207h-.944l-.515 2.648h.838c.556 0 .97-.105 1.242-.314.272-.21.455-.559.55-1.049.092-.47.05-.802-.124-.995-.175-.193-.523-.29-1.047-.29zM12 5.688C5.373 5.688 0 8.514 0 12s5.373 6.313 12 6.313S24 15.486 24 12c0-3.486-5.373-6.312-12-6.312zm-3.26 7.451c-.261.25-.575.438-.917.551-.336.108-.765.164-1.285.164H5.357l-.327 1.681H3.652l1.23-6.326h2.65c.797 0 1.378.209 1.744.628.366.418.476 1.002.33 1.752a2.836 2.836 0 0 1-.305.847c-.143.255-.33.49-.561.703zm4.024.715l.543-2.799c.063-.318.039-.536-.068-.651-.107-.116-.336-.174-.687-.174H11.46l-.704 3.625H9.388l1.23-6.327h1.367l-.327 1.682h1.218c.767 0 1.295.134 1.586.401s.378.7.263 1.299l-.572 2.944h-1.389zm7.597-2.265a2.782 2.782 0 0 1-.305.847c-.143.255-.33.49-.561.703a2.44 2.44 0 0 1-.917.551c-.336.108-.765.164-1.286.164h-1.18l-.327 1.682h-1.378l1.23-6.326h2.649c.797 0 1.378.209 1.744.628.366.417.477 1.001.331 1.751zM17.766 10.207h-.943l-.516 2.648h.838c.557 0 .971-.105 1.242-.314.272-.21.455-.559.551-1.049.092-.47.049-.802-.125-.995s-.524-.29-1.047-.29z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/python.svg b/apps/docs/static/img/recipes/python.svg
new file mode 100644
index 000000000..e1b14ec64
--- /dev/null
+++ b/apps/docs/static/img/recipes/python.svg
@@ -0,0 +1 @@
+<svg fill="#3776AB" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Python</title><path d="M14.25.18l.9.2.73.26.59.3.45.32.34.34.25.34.16.33.1.3.04.26.02.2-.01.13V8.5l-.05.63-.13.55-.21.46-.26.38-.3.31-.33.25-.35.19-.35.14-.33.1-.3.07-.26.04-.21.02H8.77l-.69.05-.59.14-.5.22-.41.27-.33.32-.27.35-.2.36-.15.37-.1.35-.07.32-.04.27-.02.21v3.06H3.17l-.21-.03-.28-.07-.32-.12-.35-.18-.36-.26-.36-.36-.35-.46-.32-.59-.28-.73-.21-.88-.14-1.05-.05-1.23.06-1.22.16-1.04.24-.87.32-.71.36-.57.4-.44.42-.33.42-.24.4-.16.36-.1.32-.05.24-.01h.16l.06.01h8.16v-.83H6.18l-.01-2.75-.02-.37.05-.34.11-.31.17-.28.25-.26.31-.23.38-.2.44-.18.51-.15.58-.12.64-.1.71-.06.77-.04.84-.02 1.27.05zm-6.3 1.98l-.23.33-.08.41.08.41.23.34.33.22.41.09.41-.09.33-.22.23-.34.08-.41-.08-.41-.23-.33-.33-.22-.41-.09-.41.09zm13.09 3.95l.28.06.32.12.35.18.36.27.36.35.35.47.32.59.28.73.21.88.14 1.04.05 1.23-.06 1.23-.16 1.04-.24.86-.32.71-.36.57-.4.45-.42.33-.42.24-.4.16-.36.09-.32.05-.24.02-.16-.01h-8.22v.82h5.84l.01 2.76.02.36-.05.34-.11.31-.17.29-.25.25-.31.24-.38.2-.44.17-.51.15-.58.13-.64.09-.71.07-.77.04-.84.01-1.27-.04-1.07-.14-.9-.2-.73-.25-.59-.3-.45-.33-.34-.34-.25-.34-.16-.33-.1-.3-.04-.25-.02-.2.01-.13v-5.34l.05-.64.13-.54.21-.46.26-.38.3-.32.33-.24.35-.2.35-.14.33-.1.3-.06.26-.04.21-.02.13-.01h5.84l.69-.05.59-.14.5-.21.41-.28.33-.32.27-.35.2-.36.15-.36.1-.35.07-.32.04-.28.02-.21V6.07h2.09l.14.01zm-6.47 14.25l-.23.33-.08.41.08.41.23.33.33.23.41.08.41-.08.33-.23.23-.33.08-.41-.08-.41-.23-.33-.33-.23-.41-.08-.41.08z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/rails.svg b/apps/docs/static/img/recipes/rails.svg
new file mode 100644
index 000000000..172cb977e
--- /dev/null
+++ b/apps/docs/static/img/recipes/rails.svg
@@ -0,0 +1 @@
+<svg fill="#D30001" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Ruby on Rails</title><path d="M.741 19.365h8.36s-1.598-7.291 3.693-10.243l.134-.066c1.286-.637 4.907-2.431 10.702 1.854.19-.159.37-.286.37-.286s-5.503-5.492-11.63-4.878c-3.079.275-6.867 3.079-9.09 6.783C1.058 16.233.741 19.365.741 19.365Zm8.804-.783a10.682 10.682 0 0 1-.127-1.333l1.143.412c.063.498.159.963.254 1.376l-1.27-.455Zm-7.799-4.317L.529 13.82c-.201.455-.423.984-.529 1.27l1.217.444c.137-.359.36-.878.529-1.269Zm7.831.296.857.677c.042-.413.116-.825.222-1.238l-.762-.603c-.137.391-.233.783-.317 1.164Zm2.042-2.646-.508-.762c.191-.243.413-.486.656-.709l.476.72a5.958 5.958 0 0 0-.624.751ZM4.19 8.878l.752.656c-.254.265-.498.551-.72.836l-.815-.698c.244-.265.508-.529.783-.794Zm9.799 1.027-.243-.73c.265-.117.571-.233.931-.339l.233.698a6.82 6.82 0 0 0-.921.371Zm3.122-.656.042-.667c.339.021.688.064 1.048.138l-.042.656a5.859 5.859 0 0 0-1.048-.127ZM8.942 6.392l-.476-.731c-.265.138-.54.286-.826.455l.487.741c.275-.169.54-.328.815-.465Zm9.217-.053.042-.709c-.095-.053-.36-.18-1.026-.371l-.043.699c.349.116.688.243 1.027.381ZM13.238 5.28h.106l-.212-.645c-.328 0-.666.021-1.016.063l.201.625a8.87 8.87 0 0 1 .921-.043Z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/remix.svg b/apps/docs/static/img/recipes/remix.svg
new file mode 100644
index 000000000..31169d9a3
--- /dev/null
+++ b/apps/docs/static/img/recipes/remix.svg
@@ -0,0 +1 @@
+<svg fill="#000000" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Remix</title><path d="M21.511 18.508c.216 2.773.216 4.073.216 5.492H15.31c0-.309.006-.592.011-.878.018-.892.036-1.821-.109-3.698-.19-2.747-1.374-3.358-3.55-3.358H1.574v-5h10.396c2.748 0 4.122-.835 4.122-3.049 0-1.946-1.374-3.125-4.122-3.125H1.573V0h11.541c6.221 0 9.313 2.938 9.313 7.632 0 3.511-2.176 5.8-5.114 6.182 2.48.497 3.93 1.909 4.198 4.694ZM1.573 24v-3.727h6.784c1.133 0 1.379.84 1.379 1.342V24Z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/rust.svg b/apps/docs/static/img/recipes/rust.svg
new file mode 100644
index 000000000..faa8c3a34
--- /dev/null
+++ b/apps/docs/static/img/recipes/rust.svg
@@ -0,0 +1 @@
+<svg fill="#000000" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Rust</title><path d="M23.8346 11.7033l-1.0073-.6236a13.7268 13.7268 0 00-.0283-.2936l.8656-.8069a.3483.3483 0 00-.1154-.578l-1.1066-.414a8.4958 8.4958 0 00-.087-.2856l.6904-.9587a.3462.3462 0 00-.2257-.5446l-1.1663-.1894a9.3574 9.3574 0 00-.1407-.2622l.49-1.0761a.3437.3437 0 00-.0274-.3361.3486.3486 0 00-.3006-.154l-1.1845.0416a6.7444 6.7444 0 00-.1873-.2268l.2723-1.153a.3472.3472 0 00-.417-.4172l-1.1532.2724a14.0183 14.0183 0 00-.2278-.1873l.0415-1.1845a.3442.3442 0 00-.49-.328l-1.076.491c-.0872-.0476-.1742-.0952-.2623-.1407l-.1903-1.1673A.3483.3483 0 0016.256.955l-.9597.6905a8.4867 8.4867 0 00-.2855-.086l-.414-1.1066a.3483.3483 0 00-.5781-.1154l-.8069.8666a9.2936 9.2936 0 00-.2936-.0284L12.2946.1683a.3462.3462 0 00-.5892 0l-.6236 1.0073a13.7383 13.7383 0 00-.2936.0284L9.9803.3374a.3462.3462 0 00-.578.1154l-.4141 1.1065c-.0962.0274-.1903.0567-.2855.086L7.744.955a.3483.3483 0 00-.5447.2258L7.009 2.348a9.3574 9.3574 0 00-.2622.1407l-1.0762-.491a.3462.3462 0 00-.49.328l.0416 1.1845a7.9826 7.9826 0 00-.2278.1873L3.8413 3.425a.3472.3472 0 00-.4171.4171l.2713 1.1531c-.0628.075-.1255.1509-.1863.2268l-1.1845-.0415a.3462.3462 0 00-.328.49l.491 1.0761a9.167 9.167 0 00-.1407.2622l-1.1662.1894a.3483.3483 0 00-.2258.5446l.6904.9587a13.303 13.303 0 00-.087.2855l-1.1065.414a.3483.3483 0 00-.1155.5781l.8656.807a9.2936 9.2936 0 00-.0283.2935l-1.0073.6236a.3442.3442 0 000 .5892l1.0073.6236c.008.0982.0182.1964.0283.2936l-.8656.8079a.3462.3462 0 00.1155.578l1.1065.4141c.0273.0962.0567.1914.087.2855l-.6904.9587a.3452.3452 0 00.2268.5447l1.1662.1893c.0456.088.0922.1751.1408.2622l-.491 1.0762a.3462.3462 0 00.328.49l1.1834-.0415c.0618.0769.1235.1528.1873.2277l-.2713 1.1541a.3462.3462 0 00.4171.4161l1.153-.2713c.075.0638.151.1255.2279.1863l-.0415 1.1845a.3442.3442 0 00.49.327l1.0761-.49c.087.0486.1741.0951.2622.1407l.1903 1.1662a.3483.3483 0 00.5447.2268l.9587-.6904a9.299 9.299 0 00.2855.087l.414 1.1066a.3452.3452 0 00.5781.1154l.8079-.8656c.0972.0111.1954.0203.2936.0294l.6236 1.0073a.3472.3472 0 00.5892 0l.6236-1.0073c.0982-.0091.1964-.0183.2936-.0294l.8069.8656a.3483.3483 0 00.578-.1154l.4141-1.1066a8.4626 8.4626 0 00.2855-.087l.9587.6904a.3452.3452 0 00.5447-.2268l.1903-1.1662c.088-.0456.1751-.0931.2622-.1407l1.0762.49a.3472.3472 0 00.49-.327l-.0415-1.1845a6.7267 6.7267 0 00.2267-.1863l1.1531.2713a.3472.3472 0 00.4171-.416l-.2713-1.1542c.0628-.0749.1255-.1508.1863-.2278l1.1845.0415a.3442.3442 0 00.328-.49l-.49-1.076c.0475-.0872.0951-.1742.1407-.2623l1.1662-.1893a.3483.3483 0 00.2258-.5447l-.6904-.9587.087-.2855 1.1066-.414a.3462.3462 0 00.1154-.5781l-.8656-.8079c.0101-.0972.0202-.1954.0283-.2936l1.0073-.6236a.3442.3442 0 000-.5892zm-6.7413 8.3551a.7138.7138 0 01.2986-1.396.714.714 0 11-.2997 1.396zm-.3422-2.3142a.649.649 0 00-.7715.5l-.3573 1.6685c-1.1035.501-2.3285.7795-3.6193.7795a8.7368 8.7368 0 01-3.6951-.814l-.3574-1.6684a.648.648 0 00-.7714-.499l-1.473.3158a8.7216 8.7216 0 01-.7613-.898h7.1676c.081 0 .1356-.0141.1356-.088v-2.536c0-.074-.0536-.0881-.1356-.0881h-2.0966v-1.6077h2.2677c.2065 0 1.1065.0587 1.394 1.2088.0901.3533.2875 1.5044.4232 1.8729.1346.413.6833 1.2381 1.2685 1.2381h3.5716a.7492.7492 0 00.1296-.0131 8.7874 8.7874 0 01-.8119.9526zM6.8369 20.024a.714.714 0 11-.2997-1.396.714.714 0 01.2997 1.396zM4.1177 8.9972a.7137.7137 0 11-1.304.5791.7137.7137 0 011.304-.579zm-.8352 1.9813l1.5347-.6824a.65.65 0 00.33-.8585l-.3158-.7147h1.2432v5.6025H3.5669a8.7753 8.7753 0 01-.2834-3.348zm6.7343-.5437V8.7836h2.9601c.153 0 1.0792.1772 1.0792.8697 0 .575-.7107.7815-1.2948.7815zm10.7574 1.4862c0 .2187-.008.4363-.0243.651h-.9c-.09 0-.1265.0586-.1265.1477v.413c0 .973-.5487 1.1846-1.0296 1.2382-.4576.0517-.9648-.1913-1.0275-.4717-.2704-1.5186-.7198-1.8436-1.4305-2.4034.8817-.5599 1.799-1.386 1.799-2.4915 0-1.1936-.819-1.9458-1.3769-2.3153-.7825-.5163-1.6491-.6195-1.883-.6195H5.4682a8.7651 8.7651 0 014.907-2.7699l1.0974 1.151a.648.648 0 00.9182.0213l1.227-1.1743a8.7753 8.7753 0 016.0044 4.2762l-.8403 1.8982a.652.652 0 00.33.8585l1.6178.7188c.0283.2875.0425.577.0425.8717zm-9.3006-9.5993a.7128.7128 0 11.984 1.0316.7137.7137 0 01-.984-1.0316zm8.3389 6.71a.7107.7107 0 01.9395-.3625.7137.7137 0 11-.9405.3635z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/spring.svg b/apps/docs/static/img/recipes/spring.svg
new file mode 100644
index 000000000..11a2af992
--- /dev/null
+++ b/apps/docs/static/img/recipes/spring.svg
@@ -0,0 +1 @@
+<svg fill="#6DB33F" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Spring</title><path d="M21.8537 1.4158a10.4504 10.4504 0 0 1-1.284 2.2471A11.9666 11.9666 0 1 0 3.8518 20.7757l.4445.3951a11.9543 11.9543 0 0 0 19.6316-8.2971c.3457-3.0126-.568-6.8649-2.0743-11.458zM5.5805 20.8745a1.0174 1.0174 0 1 1-.1482-1.4323 1.0396 1.0396 0 0 1 .1482 1.4323zm16.1991-3.5806c-2.9385 3.9263-9.2601 2.5928-13.2852 2.7904 0 0-.7161.0494-1.4323.1481 0 0 .2717-.1234.6174-.2469 2.8398-.9877 4.1732-1.1853 5.9018-2.0743 3.2349-1.6545 6.4698-5.2844 7.1118-9.0379-1.2347 3.6053-4.9881 6.7167-8.3959 7.9761-2.3459.8643-6.5685 1.7039-6.5685 1.7039l-.1729-.0988c-2.8645-1.4076-2.9632-7.6304 2.2718-9.6306 2.2966-.889 4.4696-.395 6.9637-.9877 2.6422-.6174 5.7043-2.5929 6.939-5.1857 1.3828 4.1732 3.062 10.643.0493 14.6434z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/svelte.svg b/apps/docs/static/img/recipes/svelte.svg
new file mode 100644
index 000000000..a3f86d5b8
--- /dev/null
+++ b/apps/docs/static/img/recipes/svelte.svg
@@ -0,0 +1 @@
+<svg fill="#FF3E00" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Svelte</title><path d="M10.354 21.125a4.44 4.44 0 0 1-4.765-1.767 4.109 4.109 0 0 1-.703-3.107 3.898 3.898 0 0 1 .134-.522l.105-.321.287.21a7.21 7.21 0 0 0 2.186 1.092l.208.063-.02.208a1.253 1.253 0 0 0 .226.83 1.337 1.337 0 0 0 1.435.533 1.231 1.231 0 0 0 .343-.15l5.59-3.562a1.164 1.164 0 0 0 .524-.778 1.242 1.242 0 0 0-.211-.937 1.338 1.338 0 0 0-1.435-.533 1.23 1.23 0 0 0-.343.15l-2.133 1.36a4.078 4.078 0 0 1-1.135.499 4.44 4.44 0 0 1-4.765-1.766 4.108 4.108 0 0 1-.702-3.108 3.855 3.855 0 0 1 1.742-2.582l5.589-3.563a4.072 4.072 0 0 1 1.135-.499 4.44 4.44 0 0 1 4.765 1.767 4.109 4.109 0 0 1 .703 3.107 3.943 3.943 0 0 1-.134.522l-.105.321-.286-.21a7.204 7.204 0 0 0-2.187-1.093l-.208-.063.02-.207a1.255 1.255 0 0 0-.226-.831 1.337 1.337 0 0 0-1.435-.532 1.231 1.231 0 0 0-.343.15L8.62 9.368a1.162 1.162 0 0 0-.524.778 1.24 1.24 0 0 0 .211.937 1.338 1.338 0 0 0 1.435.533 1.235 1.235 0 0 0 .344-.151l2.132-1.36a4.067 4.067 0 0 1 1.135-.498 4.44 4.44 0 0 1 4.765 1.766 4.108 4.108 0 0 1 .702 3.108 3.857 3.857 0 0 1-1.742 2.583l-5.589 3.562a4.072 4.072 0 0 1-1.135.499m10.358-17.95C18.484-.015 14.082-.96 10.9 1.068L5.31 4.63a6.412 6.412 0 0 0-2.896 4.295 6.753 6.753 0 0 0 .666 4.336 6.43 6.43 0 0 0-.96 2.396 6.833 6.833 0 0 0 1.168 5.167c2.229 3.19 6.63 4.135 9.812 2.108l5.59-3.562a6.41 6.41 0 0 0 2.896-4.295 6.756 6.756 0 0 0-.665-4.336 6.429 6.429 0 0 0 .958-2.396 6.831 6.831 0 0 0-1.167-5.168Z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/symfony.svg b/apps/docs/static/img/recipes/symfony.svg
new file mode 100644
index 000000000..4cc586fcf
--- /dev/null
+++ b/apps/docs/static/img/recipes/symfony.svg
@@ -0,0 +1 @@
+<svg fill="#000000" role="img" viewBox="0 0 24 24" xmlns="http://www.w3.org/2000/svg"><title>Symfony</title><path d="M24 12c0 6.628-5.372 12-12 12S0 18.628 0 12 5.372 0 12 0s12 5.372 12 12zm-6.753-7.561c-1.22.042-2.283.715-3.075 1.644-.878 1.02-1.461 2.229-1.881 3.461-.753-.614-1.332-1.414-2.539-1.761-.966-.297-2.015-.105-2.813.514-.41.319-.71.757-.861 1.254-.36 1.176.381 2.225.719 2.6l.737.79c.15.154.519.56.339 1.138-.193.631-.951 1.037-1.732.799-.348-.106-.848-.366-.734-.73.045-.15.152-.263.21-.391.052-.11.077-.194.095-.242.141-.465-.053-1.07-.551-1.223-.465-.143-.939-.03-1.125.566-.209.68.117 1.913 1.86 2.449 2.04.628 3.765-.484 4.009-1.932.153-.907-.255-1.582-1.006-2.447l-.612-.677c-.371-.37-.497-1.002-.114-1.485.324-.409.785-.584 1.539-.379 1.103.3 1.594 1.063 2.412 1.68-.338 1.11-.56 2.223-.759 3.222l-.123.746c-.585 3.07-1.033 4.757-2.194 5.726-.234.166-.57.416-1.073.434-.266.005-.352-.176-.355-.257-.006-.184.15-.271.255-.353.154-.083.39-.224.372-.674-.016-.532-.456-.994-1.094-.973-.477.017-1.203.465-1.176 1.286.028.85.819 1.485 2.012 1.444.638-.021 2.062-.281 3.464-1.949 1.633-1.911 2.09-4.101 2.434-5.706l.383-2.116c.213.024.441.042.69.048 2.032.044 3.049-1.01 3.064-1.776.01-.464-.304-.921-.744-.91-.386.009-.718.278-.806.654-.094.428.646.813.068 1.189-.41.266-1.146.452-2.184.3l.188-1.042c.386-1.976.859-4.407 2.661-4.467.132-.007.612.006.623.323.003.105-.022.134-.147.375-.115.155-.174.345-.168.537.017.504.4.836.957.816.743-.023.955-.748.945-1.119-.032-.874-.952-1.424-2.17-1.386z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/zerops/analog.svg b/apps/docs/static/img/recipes/zerops/analog.svg
new file mode 100644
index 000000000..21f9e11d0
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/analog.svg
@@ -0,0 +1,28 @@
+<svg viewBox="0 0 237 169" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g clip-path="url(#clip0_96_4)">
+<mask id="mask0_96_4" style="mask-type:luminance" maskUnits="userSpaceOnUse" x="44" y="-1" width="193" height="169">
+<path d="M44.8398 -0.00354004H236.982V167.609H44.8398V-0.00354004Z" fill="white"/>
+</mask>
+<g mask="url(#mask0_96_4)">
+<path d="M140.911 0L236.982 167.609H44.8398L140.911 0Z" fill="#AF0023"/>
+</g>
+<mask id="mask1_96_4" style="mask-type:luminance" maskUnits="userSpaceOnUse" x="-1" y="24" width="165" height="145">
+<path d="M-0.0186594 24.9658H163.505V168.048H-0.0195312L-0.0186594 24.9658Z" fill="white"/>
+</mask>
+<g mask="url(#mask1_96_4)">
+<path d="M81.7421 24.9658L163.502 168.048H-0.0175781L81.7412 24.9658" fill="#CD0024"/>
+</g>
+<path d="M220.691 125.252H16.7998V123.013H220.691V125.252Z" fill="white"/>
+<mask id="mask2_96_4" style="mask-type:luminance" maskUnits="userSpaceOnUse" x="25" y="81" width="184" height="78">
+<path d="M25.3896 81.6847H208.57V158.337H25.3896V81.6847Z" fill="white"/>
+</mask>
+<g mask="url(#mask2_96_4)">
+<path d="M189.193 158C188.395 158 187.646 157.669 187.019 157.043C183.274 153.281 183.111 137.985 183.292 115.077C183.394 102.56 183.53 85.4129 181.533 84.06C179.584 84.8677 179.39 99.032 179.263 108.409C179.113 119.32 178.961 130.609 177.188 136.357C176.66 138.06 175.979 139.62 174.609 139.495C172.678 139.325 172.053 136.274 170.612 124.24C170.013 119.242 169.392 114.075 168.667 112.075C168.571 111.823 168.49 111.622 168.418 111.466C167.644 113.214 166.752 118.018 166.132 121.354C165.273 125.96 164.462 130.312 163.447 132.21C162.663 133.668 161.419 135.57 159.681 135.201C157.313 134.704 156.605 129.93 156.393 127.129C156.393 103.564 153.309 100.821 152.693 100.51L152.594 100.586L152.444 100.551C150.243 101.513 150.124 109.156 150.011 116.546C149.923 121.967 149.828 128.111 149.037 133.859C148.011 141.311 146.771 142.748 145.227 142.66C141.674 142.418 141.571 130.179 141.571 128.785C141.571 128.349 141.581 127.834 141.595 127.265C141.663 124.417 141.785 119.118 140.034 117.449C139.803 117.227 139.476 116.971 139.22 117.044C137.973 117.357 136.678 121.408 136.249 122.74C136.113 123.163 136.004 123.511 135.911 123.749C135.84 123.947 135.748 124.226 135.639 124.564C134.695 127.429 133.622 130.288 131.789 130.993C131.11 131.255 130.402 131.198 129.737 130.823C128.855 130.322 128.136 129.3 127.464 127.599C127.097 126.659 126.784 125.705 126.463 124.747C126.075 123.578 125.676 122.369 125.181 121.221C124.793 120.328 123.826 119.926 122.592 120.144C120.03 120.601 119.6 123.19 119.239 127.088C119.175 127.766 119.113 128.432 119.028 129.058C119.018 129.241 118.564 134.963 118.275 136.782C117.474 141.772 116.421 143.737 114.673 143.594C110.359 143.226 108.38 124.305 108.486 116.311C108.567 110.209 107.463 107.98 106.802 107.626C106.734 107.594 106.628 107.537 106.377 107.714C105.596 108.242 104.901 109.888 105.115 111.616C107.49 130.427 105.739 151.972 101.449 156.825C100.097 158.351 98.2564 158.331 96.975 157.043C93.2268 153.281 93.0707 137.985 93.2477 115.077C93.3498 102.56 93.4832 85.4129 91.4892 84.06C89.5405 84.8677 89.3495 99.032 89.2204 108.409C89.0703 119.32 88.9168 130.609 87.1417 136.357C86.6131 138.06 85.9318 139.62 84.5658 139.495C82.6302 139.324 82.01 136.274 80.5655 124.24C79.9654 119.242 79.3452 114.075 78.6203 112.075C78.5278 111.823 78.4459 111.622 78.3708 111.466C77.6006 113.214 76.7082 118.018 76.088 121.354C75.2297 125.96 74.4185 130.312 73.3997 132.21C72.6163 133.668 71.3725 135.57 69.6383 135.201C67.2701 134.704 66.5609 129.93 66.3498 127.129C66.3463 103.564 63.2663 100.821 62.6496 100.51L62.551 100.586L62.3975 100.551C60.1993 101.513 60.0798 109.155 59.9638 116.546C59.8792 121.967 59.7841 128.111 58.9929 133.859C57.968 141.311 56.7372 142.762 55.1871 142.66C51.6264 142.418 51.5235 130.179 51.5235 128.785C51.5235 128.349 51.5383 127.834 51.5514 127.265C51.6195 124.417 51.7424 119.118 49.9909 117.449C49.7589 117.227 49.4326 116.971 49.1762 117.043C47.9288 117.357 46.6308 121.408 46.2086 122.741C46.0726 123.159 45.9565 123.511 45.8711 123.749C45.7725 124.017 45.6806 124.288 45.5954 124.56C44.6516 127.426 43.5778 130.288 41.7486 130.994C41.0674 131.255 40.3547 131.198 39.6935 130.823C38.8116 130.322 38.0885 129.3 37.4212 127.599C37.0531 126.659 36.7364 125.705 36.4189 124.747C36.0308 123.578 35.6286 122.369 35.1349 121.221C34.7494 120.328 33.7785 119.926 32.5451 120.144C29.5941 120.669 28.8954 124.328 28.3337 128.697L28.2351 129.473L26.0029 129.177L26.1085 128.414C26.5961 124.584 27.3384 118.795 32.1534 117.943C34.4188 117.541 36.3989 118.481 37.1961 120.335C37.7309 121.575 38.1504 122.83 38.5526 124.046C38.8526 124.962 39.1588 125.878 39.5129 126.785C40.1366 128.366 40.6208 128.775 40.8013 128.874C41.9292 128.523 43.0806 125.017 43.4618 123.862C43.5813 123.49 43.6842 123.184 43.7654 122.966C43.8439 122.75 43.9459 122.437 44.0689 122.059C45.0843 118.884 46.3587 115.445 48.6214 114.873C49.3131 114.696 50.3834 114.719 51.5444 115.831C54.0113 118.186 53.8822 123.681 53.7967 127.32C53.7836 127.865 53.7705 128.363 53.7705 128.786C53.7705 134.592 54.6315 138.65 55.2892 140.044C55.6294 139.331 56.2129 137.607 56.7686 133.555C57.5379 127.941 57.6374 121.869 57.7194 116.512C57.8685 107.033 57.9741 100.16 61.4057 98.5444C61.9168 98.2312 62.7656 98.0611 63.6614 98.5138C66.9805 100.183 68.5916 109.517 68.5916 127.044C68.8001 129.753 69.5293 132.605 70.1286 133.014C70.1321 132.953 70.6197 132.653 71.4196 131.153C72.2753 129.562 73.1275 124.983 73.8768 120.945C75.5359 112.045 76.2896 108.92 78.2522 108.756C79.7473 108.61 80.439 110.511 80.7295 111.312C81.5468 113.554 82.1531 118.614 82.7942 123.974C83.2949 128.131 84.0067 134.067 84.7324 136.469C84.8109 136.258 84.8999 136.006 84.995 135.695C86.675 130.254 86.8286 119.136 86.9751 108.379C87.1792 93.4362 87.4418 84.1795 90.1677 82.2474C90.7739 81.8182 91.5136 81.7118 92.235 81.9543C95.4276 83.0141 95.6736 92.3738 95.493 115.098C95.3639 131.575 95.2034 152.085 98.5696 155.465C98.8627 155.761 99.0711 155.761 99.1453 155.761C99.3023 155.761 99.5273 155.611 99.7664 155.343C103.174 151.489 105.33 131.252 102.887 111.898C102.584 109.489 103.514 106.958 105.102 105.867C105.978 105.264 106.986 105.186 107.859 105.653C109.845 106.708 110.81 110.304 110.731 116.342C110.591 126.884 113.123 139.222 114.776 141.191C115.038 140.755 115.556 139.559 116.053 136.429C116.332 134.697 116.793 128.881 116.8 128.822C116.882 128.165 116.943 127.528 117 126.881C117.341 123.248 117.76 118.73 122.196 117.943C124.459 117.541 126.439 118.478 127.24 120.335C127.775 121.575 128.191 122.83 128.592 124.046C128.899 124.962 129.206 125.878 129.56 126.785C130.18 128.366 130.668 128.775 130.844 128.874C131.972 128.523 133.128 125.017 133.506 123.865C133.628 123.494 133.731 123.183 133.809 122.965C133.891 122.754 133.99 122.437 134.109 122.059C135.128 118.884 136.403 115.445 138.668 114.873C139.353 114.696 140.426 114.719 141.588 115.831C144.055 118.185 143.926 123.681 143.844 127.32C143.827 127.809 143.816 128.297 143.813 128.786C143.813 134.592 144.675 138.65 145.333 140.044C145.671 139.331 146.253 137.607 146.815 133.555C147.585 127.941 147.677 121.869 147.766 116.512C147.912 107.033 148.018 100.16 151.45 98.5444C151.96 98.2312 152.809 98.0611 153.709 98.5138C157.023 100.183 158.639 109.516 158.639 127.044C158.847 129.753 159.576 132.605 160.172 133.014C160.179 132.953 160.659 132.653 161.467 131.153C162.322 129.562 163.17 124.983 163.923 120.945C165.576 112.045 166.333 108.92 168.295 108.756C169.795 108.61 170.486 110.511 170.776 111.312C171.59 113.554 172.197 118.614 172.843 123.974C173.338 128.131 174.051 134.067 174.78 136.469C174.855 136.258 174.943 136.006 175.039 135.695C176.718 130.254 176.868 119.136 177.018 108.379C177.219 93.4362 177.485 84.1795 180.211 82.2474C180.507 82.0361 180.849 81.8992 181.209 81.8482C181.569 81.7972 181.936 81.8336 182.279 81.9543C185.475 83.0141 185.721 92.3738 185.537 115.098C185.407 131.575 185.247 152.085 188.61 155.465C188.91 155.761 189.114 155.761 189.193 155.761C189.346 155.761 189.571 155.611 189.806 155.343C193.22 151.489 195.374 131.252 192.93 111.898C192.614 109.377 193.329 106.835 194.634 105.857C195.292 105.36 196.092 105.257 196.829 105.567C198.73 106.378 200.018 109.854 200.768 116.199C201.081 118.856 201.361 121.729 201.63 124.564C202.223 130.751 203.026 139.089 204.114 140.922C204.447 140.496 205.129 139.345 206.141 136.258L208.277 136.956C206.707 141.73 205.477 143.529 203.875 143.345C201.385 143.069 200.665 138.036 199.394 124.778C199.125 121.957 198.849 119.102 198.536 116.457C197.581 108.365 195.96 107.632 195.942 107.625C195.626 107.785 194.89 109.469 195.163 111.616C197.531 130.427 195.786 151.976 191.493 156.825C190.801 157.604 190.024 158 189.193 158" fill="white"/>
+</g>
+</g>
+<defs>
+<clipPath id="clip0_96_4">
+<rect width="237" height="168.048" fill="white"/>
+</clipPath>
+</defs>
+</svg>
diff --git a/apps/docs/static/img/recipes/zerops/angular.png b/apps/docs/static/img/recipes/zerops/angular.png
new file mode 100644
index 000000000..4c7e8f0c5
Binary files /dev/null and b/apps/docs/static/img/recipes/zerops/angular.png differ
diff --git a/apps/docs/static/img/recipes/zerops/astro.svg b/apps/docs/static/img/recipes/zerops/astro.svg
new file mode 100644
index 000000000..9ccc83d3e
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/astro.svg
@@ -0,0 +1,3 @@
+<svg xmlns="http://www.w3.org/2000/svg" shape-rendering="geometricPrecision" text-rendering="geometricPrecision" image-rendering="optimizeQuality" fill-rule="evenodd" clip-rule="evenodd" viewBox="0 0 410 512.32">
+    <path class="recipe-logo" fill="#17191E" fill-rule="nonzero" d="M0 335.49s69.19-33.61 138.56-33.61l52.31-161.48c1.96-7.81 7.68-13.12 14.13-13.12 6.46 0 12.17 5.31 14.13 13.12l52.31 161.48c82.17 0 138.56 33.61 138.56 33.61S292.49 16.16 292.26 15.52C288.88 6.08 283.19 0 275.51 0H134.5c-7.68 0-13.14 6.08-16.74 15.52C117.5 16.15 0 335.49 0 335.49zm127.25 94.89c-25.3-22.82-32.69-70.78-22.15-105.52 18.28 21.9 43.6 28.84 69.84 32.76 40.49 6.04 80.27 3.78 117.89-14.48 4.3-2.09 8.28-4.87 12.98-7.69 3.53 10.1 4.45 20.31 3.22 30.69-3 25.29-15.76 44.83-36.04 59.64-8.11 5.92-16.69 11.21-25.07 16.8-25.74 17.16-32.7 37.29-23.03 66.57.23.71.43 1.43.95 3.17-13.14-5.81-22.74-14.26-30.05-25.37-7.72-11.72-11.4-24.69-11.59-38.73-.1-6.83-.1-13.72-1.03-20.45-2.27-16.42-10.08-23.77-24.79-24.19-15.1-.43-27.05 8.78-30.21 23.28-.25 1.12-.6 2.21-.95 3.51l.03.01z"/>
+</svg>
diff --git a/apps/docs/static/img/recipes/zerops/bun.svg b/apps/docs/static/img/recipes/zerops/bun.svg
new file mode 100644
index 000000000..e883b1642
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/bun.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 80 70"><path d="M71.09 20.74c-.16-.17-.33-.34-.5-.5s-.33-.34-.5-.5-.33-.34-.5-.5-.33-.34-.5-.5-.33-.34-.5-.5-.33-.34-.5-.5-.33-.34-.5-.5A26.46 26.46 0 0 1 75.5 35.7c0 16.57-16.82 30.05-37.5 30.05-11.58 0-21.94-4.23-28.83-10.86l.5.5.5.5.5.5.5.5.5.5.5.5.5.5C19.55 65.3 30.14 69.75 42 69.75c20.68 0 37.5-13.48 37.5-30 0-7.06-3.04-13.75-8.41-19.01Z"/><path fill="#fbf0df" d="M73 35.7c0 15.21-15.67 27.54-35 27.54S3 50.91 3 35.7C3 26.27 9 17.94 18.22 13S33.18 3 38 3s8.94 4.13 19.78 10C67 17.94 73 26.27 73 35.7Z"/><path fill="#f6dece" d="M73 35.7a21.67 21.67 0 0 0-.8-5.78c-2.73 33.3-43.35 34.9-59.32 24.94A40 40 0 0 0 38 63.24c19.3 0 35-12.35 35-27.54Z" data-name="Bottom Shadow"/><path fill="#fffefc" d="M24.53 11.17C29 8.49 34.94 3.46 40.78 3.45A9.29 9.29 0 0 0 38 3c-2.42 0-5 1.25-8.25 3.13-1.13.66-2.3 1.39-3.54 2.15-2.33 1.44-5 3.07-8 4.7C8.69 18.13 3 26.62 3 35.7v1.19c6.06-21.41 17.07-23.04 21.53-25.72Z" data-name="Light Shine"/><path fill="#ccbea7" fill-rule="evenodd" d="M35.12 5.53A16.41 16.41 0 0 1 29.49 18c-.28.25-.06.73.3.59 3.37-1.31 7.92-5.23 6-13.14-.08-.45-.67-.33-.67.08Zm2.27 0A16.24 16.24 0 0 1 39 19c-.12.35.31.65.55.36 2.19-2.8 4.1-8.36-1.62-14.36-.29-.26-.74.14-.54.49Zm2.76-.17A16.42 16.42 0 0 1 47 17.12a.33.33 0 0 0 .65.11c.92-3.49.4-9.44-7.17-12.53-.4-.16-.66.38-.33.62Zm-18.46 10.4a16.94 16.94 0 0 0 10.47-9c.18-.36.75-.22.66.18-1.73 8-7.52 9.67-11.12 9.45-.38.01-.37-.52-.01-.63Z"/><path d="M38 65.75C17.32 65.75.5 52.27.5 35.7c0-10 6.18-19.33 16.53-24.92 3-1.6 5.57-3.21 7.86-4.62 1.26-.78 2.45-1.51 3.6-2.19C32 1.89 35 .5 38 .5s5.62 1.2 8.9 3.14c1 .57 2 1.19 3.07 1.87 2.49 1.54 5.3 3.28 9 5.27C69.32 16.37 75.5 25.69 75.5 35.7c0 16.57-16.82 30.05-37.5 30.05ZM38 3c-2.42 0-5 1.25-8.25 3.13-1.13.66-2.3 1.39-3.54 2.15-2.33 1.44-5 3.07-8 4.7C8.69 18.13 3 26.62 3 35.7c0 15.19 15.7 27.55 35 27.55S73 50.89 73 35.7c0-9.08-5.69-17.57-15.22-22.7-3.78-2-6.73-3.88-9.12-5.36-1.09-.67-2.09-1.29-3-1.84C42.63 4 40.42 3 38 3Z"/><path fill="#b71422" d="M45.05 43a8.93 8.93 0 0 1-2.92 4.71 6.81 6.81 0 0 1-4 1.88A6.84 6.84 0 0 1 34 47.71 8.93 8.93 0 0 1 31.12 43a.72.72 0 0 1 .8-.81h12.34a.72.72 0 0 1 .79.81Z" data-name="Background"/><path fill="#ff6164" d="M34 47.79a6.91 6.91 0 0 0 4.12 1.9 6.91 6.91 0 0 0 4.11-1.9 10.63 10.63 0 0 0 1-1.07 6.83 6.83 0 0 0-4.9-2.31 6.15 6.15 0 0 0-5 2.78c.23.21.43.41.67.6Z" data-name="Background"/><path d="M34.16 47a5.36 5.36 0 0 1 4.19-2.08 6 6 0 0 1 4 1.69c.23-.25.45-.51.66-.77a7 7 0 0 0-4.71-1.93 6.36 6.36 0 0 0-4.89 2.36 9.53 9.53 0 0 0 .75.73Z" data-name="Outline"/><path d="M38.09 50.19a7.42 7.42 0 0 1-4.45-2 9.52 9.52 0 0 1-3.11-5.05 1.2 1.2 0 0 1 .26-1 1.41 1.41 0 0 1 1.13-.51h12.34a1.44 1.44 0 0 1 1.13.51 1.19 1.19 0 0 1 .25 1 9.52 9.52 0 0 1-3.11 5.05 7.42 7.42 0 0 1-4.44 2Zm-6.17-7.4c-.16 0-.2.07-.21.09a8.29 8.29 0 0 0 2.73 4.37A6.23 6.23 0 0 0 38.09 49a6.28 6.28 0 0 0 3.65-1.73 8.3 8.3 0 0 0 2.72-4.37.21.21 0 0 0-.2-.09Z" data-name="Outline"/><ellipse cx="53.22" cy="40.18" fill="#febbd0" data-name="Right Blush" rx="5.85" ry="3.44"/><ellipse cx="22.95" cy="40.18" fill="#febbd0" data-name="Left Bluch" rx="5.85" ry="3.44"/><path fill-rule="evenodd" d="M25.7 38.8a5.51 5.51 0 1 0-5.5-5.51 5.51 5.51 0 0 0 5.5 5.51Zm24.77 0A5.51 5.51 0 1 0 45 33.29a5.5 5.5 0 0 0 5.47 5.51Z"/><path fill="#fff" fill-rule="evenodd" d="M24 33.64a2.07 2.07 0 1 0-2.06-2.07A2.07 2.07 0 0 0 24 33.64Zm24.77 0a2.07 2.07 0 1 0-2.06-2.07 2.07 2.07 0 0 0 2.04 2.07Z"/></svg>
diff --git a/apps/docs/static/img/recipes/zerops/deno.svg b/apps/docs/static/img/recipes/zerops/deno.svg
new file mode 100644
index 000000000..c7f7189e2
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/deno.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" version="1.0" viewBox="0 0 1024 1024"><path class="recipe-logo" d="M472 106.6c-1.9.2-8 .9-13.5 1.4-78.2 8.2-155.2 41.3-218 93.9-11.6 9.6-38 36-47.6 47.6-52 62.1-82.4 131.8-93.6 214.3-2.5 18.3-2.5 80.1 0 98.4 11.2 82.5 41.6 152.2 93.6 214.3 9.6 11.6 36 38 47.6 47.6 62.1 52 131.8 82.4 214.3 93.6 18.3 2.5 80.1 2.5 98.4 0 82.5-11.2 152.2-41.6 214.3-93.6 11.6-9.6 38-36 47.6-47.6 52-62.1 82.4-131.8 93.6-214.3 2.5-18.3 2.5-80.1 0-98.4-11.2-82.5-41.6-152.2-93.6-214.3-9.6-11.6-36-38-47.6-47.6-61.9-51.8-132.3-82.6-213.7-93.5-8.8-1.2-21.6-1.7-45.3-1.9-18.1-.2-34.6-.1-36.5.1zm5 43.2c0 11.7.8 37.1 1.9 61.2.6 11.8 1.3 28.7 1.6 37.5 1.1 31.2 4.4 113.1 4.9 120.4l.5 7.3-4.5-.5c-2.5-.2-4.8-.8-5.2-1.1-.3-.4-1-7.3-1.4-15.4-1.8-35.6-7.7-173.7-8.3-193.9l-.6-22.2 2.8-.4c1.5-.2 4-.5 5.6-.6l2.7-.1v7.8zm95.7-2.4c.1.1.4 30.3.7 67.1.4 36.9.9 70 1.2 73.6.3 3.7.2 6.9-.3 7.1-.4.3-2.9.3-5.4 0l-4.6-.4-.7-29.1c-.4-16.1-.9-33.9-1.1-39.7-.8-17.7-1.5-77.8-.9-79.3.4-1.1 1.5-1.2 5.7-.5 2.9.6 5.3 1.1 5.4 1.2zm-231.3 33.5c.6.9 5.3 56 11.1 128.1 1.9 24.5 3.8 46.9 4.1 49.7.5 5.1.4 5.3-2.8 7.3-1.8 1.1-3.6 2-4 2-.3 0-.9-2.6-1.2-5.8-1.4-13-6.8-75.8-10.6-121.2-2.2-26.7-4.2-50.6-4.5-53.2-.5-4.4-.4-4.8 2.2-6.2 3.2-1.7 5-2 5.7-.7zM616.7 201c2.8 1 3.1 1.5 3.7 7.2 1 10 .7 57.8-.4 57.8-2.9 0-8.9-3.4-9.4-5.3-.3-1.2-.6-15.4-.6-31.5 0-32.5-.4-30.6 6.7-28.2zM432 205.7c0 2.7.7 17.6 1.5 33.3.8 15.7 1.7 35.6 2.1 44.2.7 17.4.9 16.8-5.8 17.2-3.3.1-3.3.1-3.5-4.9-.2-2.8-.7-11.5-1.3-19.5-.5-8-1.7-25.3-2.5-38.5s-1.8-26.3-2.1-29.1c-.6-5-.5-5.2 2.2-6.2 1.6-.6 4.4-1.1 6.2-1.1 3.2-.1 3.2-.1 3.2 4.6zm277.4 13.7 3.4 1.4.7 13.4c.3 7.3.5 23.1.3 35l-.3 21.8-4.2-2.1-4.2-2-.3-33.2c-.2-18.3-.1-33.8.1-34.5.4-1.5.4-1.5 4.5.2zm-182.6 13.1c.6.6 2 49.1 2.1 73.7l.1 14.8-4.7-.7c-2.7-.3-4.9-.6-5-.7-.3-.2-3.3-74.3-3.3-81.5v-7.4l5.1.6c2.9.4 5.4.9 5.7 1.2zm230.3 7.1c1.2 1.4 1.4 23.3 1.7 144.1.3 138.7.3 142.3-1.5 142.3-1.1 0-2.6-.6-3.5-1.3-1.5-1.1-1.7-13.2-2.2-131.7-.4-71.8-.9-137-1.2-144.9l-.6-14.4 2.9 2.1c1.7 1.2 3.6 2.9 4.4 3.8zm-89.7 20.5c.5.4 1 6.1 1.1 12.6.5 22.1.6 157.6.1 158-.2.2-2-.3-4-1.1l-3.6-1.5V258l2.8.6c1.5.4 3.1 1 3.6 1.5zm-276 5.6c.3 2.7.8 8.8 1.1 13.8.3 4.9 1 16.1 1.6 24.8 1.2 17.6 1 18.7-4.7 18.7-3 0-3.4-.3-3.8-3.3-1-5.9-4.5-55.1-4-55.9.5-.7 5.7-2.5 8.1-2.7.6-.1 1.4 2 1.7 4.6zM226 291.2c1.1 10.6 3.3 32.8 4.9 49.3 1.7 16.5 3.1 30.5 3.1 31.1 0 1.2-7.7 5-8.5 4.2-.5-.5-10.5-89-10.5-93 0-2.4 7.7-12.5 8.7-11.4.3.2 1.3 9.1 2.3 19.8zm392.1 10.5 2.9 1.7.1 21.6c.1 11.8.3 25 .3 29.3.2 9-.9 10.5-6.3 8.6l-3.1-1.1v-8.6c0-4.8-.3-18.7-.7-31l-.6-22.2h2.3c1.2 0 3.5.8 5.1 1.7zm-348.2 38.8c1.8 19.2 4.7 51.6 6.6 72l3.4 37-3.9 3.9-3.8 3.9-.7-7.9c-.4-4.4-2.4-24.8-4.5-45.4-2.1-20.6-5.1-50.5-6.6-66.4l-2.8-28.8 3.9-3.6c3.5-3.3 3.9-3.4 4.6-1.6.4 1 2.1 17.6 3.8 36.9zM195 352.6c2.2 19.7 8 72.1 13 116.4 5 44.3 9.7 87 10.6 95 .8 8 2.2 20.1 3 27 1.4 11.7 1.4 12.5-.2 13.7-2.4 1.8-3.4 1.6-3.4-.5 0-.9-.9-8.5-2-16.7-1.8-13.7-4.8-36.9-11.5-89-1.4-10.5-4.1-31.4-6-46.5-2-15.1-4.9-37.6-6.5-50-1.6-12.4-4.3-33.6-6-47.3-1.8-13.6-2.9-25.7-2.6-27 .7-2.7 6.6-12.1 7.2-11.5.2.3 2.2 16.6 4.4 36.4zm-30.6 43.1c1.5 12 4.3 33.9 6.2 48.8 1.9 14.8 4.3 33.3 5.4 41l1.9 14-2.1 1.8c-1.2 1-2.4 1.4-2.8 1-.4-.4-1.2-4.4-1.8-8.8-.6-4.4-4.3-30.1-8.3-57l-7.1-49 2.3-6.8c1.2-3.7 2.5-6.7 2.8-6.7.4 0 1.9 9.8 3.5 21.7zm549-13.1c1.4 1.4 1.6 7.6 1.6 53.5V488h-2.8c-6.1 0-6 1.5-6.4-55.3l-.3-51.7h3.2c1.7 0 3.9.7 4.7 1.6zm-218.9 17.9c22.6 3.4 42.3 9.7 61.8 19.7 12.6 6.5 18.6 11 32.6 24.4 20.8 19.9 33.6 37.3 45.6 61.9C652 542.3 658.8 574 667.4 659c3.9 38.1 9 107.2 10.1 135.5.3 8.2 1 21.7 1.6 30 1.1 17.6 2.4 15.2-13.1 22.7-21.5 10.4-42.2 17.6-69.5 24.3-33.4 8.2-55 10.8-88 10.9l-24 .1.2-11.5c0-6.3.6-21 1.2-32.5 3-55.7 2.4-126-1.5-165-2.2-22.4-6.5-49.6-8.9-55.6-.5-1.3 1.8-2.4 11.7-5.8 18.1-6.3 33.8-14.2 36.2-18.1 4.3-7.4-3.4-18-13.2-18-1.7 0-6.8 1.8-11.5 3.9-22.4 10.3-67.3 22.4-93.2 25.1-17.9 1.9-45.7.8-65-2.7-10.5-1.9-29.3-9-45-17.1-18.1-9.4-29.2-21.9-32.5-36.7-1.8-8-1.3-24 1-33 2.5-9.9 9.5-24.3 15.9-32.7 28.5-37.5 87.3-70 147.6-81.4 19.2-3.6 46.4-4 67-.9zm308.5 3.1c3.6 1.5 4 1.9 4 5.3.2 27.3-.4 89.7-.9 92.3-.1.9-5.3 1-7.5.2-1.4-.5-1.6-5.9-1.6-50 0-31.6.4-49.4 1-49.4.5 0 2.8.7 5 1.6zm43.7 54.9 3.6 1.5-.7 82.8c-.8 105.5-.9 108.6-4.7 117.7-6.2 14.9-5.9 17.9-5.3-47.5.2-32.7.7-65.8.9-73.5.2-7.7.4-29.4.5-48.3 0-22.8.3-34.2 1-34.2.6 0 2.7.7 4.7 1.5zm-601.4 24.9c.6 8.1.4 8.9-2.5 15.3l-3.2 6.8-1.2-10c-1.9-16-1.9-16.7 1.9-19.1 1.7-1.2 3.5-2 3.8-1.8.3.2.9 4.2 1.2 8.8zm-61.8 60.3c.9 8.2 7.9 62.6 11.5 89.3 5.4 41.3 5.8 47.2 3.4 44.7-.3-.3-2.6-14.2-5-30.9-15.6-107.8-15.5-107.1-14.2-107.9 2.7-1.8 3.6-.8 4.3 4.8zm72 45.8c.6 2.5 3.5 29.6 3.5 32.9 0 2.8-3.6 5.4-5.2 3.8-.5-.5-1.8-9-2.8-18.8-1.1-9.9-2.2-20.2-2.5-22.9l-.6-5 3.5 4c2 2.2 3.8 4.9 4.1 6zm80.7 37.7c1.1 1 1.8 5 2.7 15.8 1.5 19.5 1.7 18-2.4 18-4.2 0-4.1.3-5.5-17.3-1.4-17.9-1.4-17.7 1.3-17.7 1.3 0 3 .6 3.9 1.2zm79.2 1.5c.2 1 .7 7 1.1 13.3.3 6.3 1.2 20.5 2 31.5 2.8 40.4 2.9 45.5 1.2 45.5-1.9 0-2.1-1.5-4.3-30-.8-11.8-2.3-30.4-3.3-41.3-.9-10.9-1.5-20-1.2-20.2 1.1-1.2 4-.3 4.5 1.2zm-188 19.2c.6.9 4.4 32.9 9.1 76.6 1.4 13.2 2.8 25.9 3.1 28.3l.5 4.3-2.5-1.6c-1.9-1.3-2.6-2.6-2.6-4.9 0-6.3-4.3-47.8-7.6-73.2-1.9-14.4-3.4-27.1-3.4-28.3 0-2.1 2.4-2.9 3.4-1.2zm577.1 41.8-.7 41.8-2.5 3.7c-5.7 8.4-5.4 10-5.1-36.8l.2-42.9 3.7-3.8c2-2 4-3.7 4.4-3.7.3 0 .3 18.8 0 41.7zM712 756c.5 58.1.4 62.6-1.2 64.4-1 1.1-1.9 1.8-2.2 1.5-.7-.8-1.7-127.5-.9-128.2.4-.4 1.4-.6 2.3-.5 1.3.3 1.6 7.4 2 62.8zm-326.6-39.8c.7 6.2 3.2 35.9 4.2 49.9.6 9.4.6 9.7-1.6 10.4-1.2.4-2.6.3-3-.2-.7-.7-2.9-22.9-5.6-57.1l-.7-8.2h3.1c2.9 0 3.1.2 3.6 5.2zm-78.6 35c.7.7 1.2 3.2 1.2 5.7 0 2.6 1.2 16.1 2.5 30.1 3.8 38.3 4.1 43.5 2.4 42.5-2.6-1.5-4.9-3.8-4.4-4.4.2-.4-.2-5.4-1-11.1-.7-5.8-1.6-15.2-2-21-.4-5.8-1.3-16.4-2.1-23.5-1.9-17.5-1.8-19.5.4-19.5 1 0 2.3.5 3 1.2zm47.3 67.3c.3 2.2.9 10.4 1.3 18.2.7 15 .4 16.1-3.7 13-1.2-.9-2-4.7-3.2-16.1-2.1-20.6-2.2-19.8 1.7-19.4 2.9.3 3.3.7 3.9 4.3z"/><path d="M318.4 448.4C308 452.9 307.2 467 317 472c7.1 3.6 14.3 1.9 18-4.3 7-11.4-4.4-24.6-16.6-19.3zM386.2 458c-9.6 5.9-9.6 20.1 0 26 9.5 5.7 21.8-1.8 21.8-13.2 0-11-12.6-18.4-21.8-12.8z"/></svg>
diff --git a/apps/docs/static/img/recipes/zerops/dotnet.svg b/apps/docs/static/img/recipes/zerops/dotnet.svg
new file mode 100644
index 000000000..d9e61fda5
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/dotnet.svg
@@ -0,0 +1 @@
+<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 121.95 121.95"><defs><style>.cls-2-dotnet{stroke-width:0;fill:#fff !important;}</style></defs><path style="stroke-width:0;fill:#512bd4" d="M0 0h121.95v121.95H0z"/><path class="cls-2-dotnet" d="M21.73 77.91c-.86 0-1.6-.29-2.2-.86-.6-.59-.91-1.29-.91-2.1s.3-1.53.91-2.12c.6-.59 1.34-.88 2.2-.88s1.62.29 2.22.88c.62.59.93 1.3.93 2.12s-.31 1.51-.93 2.1c-.6.57-1.34.86-2.22.86ZM56.2 77.42h-5.6l-14.77-23.3c-.37-.59-.68-1.2-.93-1.83h-.13c.11.68.17 2.13.17 4.35v20.78h-4.96V45.73h5.97l14.27 22.74c.6.94.99 1.59 1.16 1.94h.09c-.14-.84-.22-2.26-.22-4.27V45.72h4.94v31.69ZM80.35 77.42H63V45.73h16.66v4.46H68.13v8.97h10.63v4.44H68.13v9.37h12.22v4.44ZM105.01 50.19h-8.88v27.23H91V50.19h-8.86v-4.46h22.87v4.46Z"/></svg>
diff --git a/apps/docs/static/img/recipes/zerops/gleam.svg b/apps/docs/static/img/recipes/zerops/gleam.svg
new file mode 100644
index 000000000..2e0a9fe1a
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/gleam.svg
@@ -0,0 +1,7 @@
+<svg viewBox="0 0 237 227" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M94.8029 14.5645C97.9653 5.60308 109.722 3.53015 115.758 10.8693L147.398 49.3368C151.313 54.0966 157.107 56.9171 163.27 57.0672L213.106 58.2798C222.621 58.5111 228.209 69.0317 223.09 77.0295L196.228 118.988C194.585 121.553 193.515 124.442 193.09 127.458C192.665 130.473 192.895 133.546 193.766 136.464L207.99 184.182C210.701 193.274 202.422 201.86 193.206 199.465L144.964 186.931C142.015 186.164 138.936 186.041 135.936 186.57C132.936 187.099 130.084 188.267 127.576 189.997L86.5311 218.276C78.69 223.676 67.9733 218.441 67.41 208.97L64.4575 159.264C64.0921 153.112 61.0653 147.427 56.1669 143.685L16.5734 113.444C9.02702 107.68 10.6801 95.8822 19.5416 92.4105L65.9584 74.2257C71.6982 71.977 76.1776 67.3451 78.2283 61.5334L94.8029 14.5645Z" fill="#FFAFF3"/>
+<path d="M103.459 2.31593C97.8364 3.30754 92.6968 7.04074 90.5689 13.07L73.992 60.0384C72.3757 64.6175 68.8505 68.2633 64.3252 70.0364L17.9066 88.2222C5.99534 92.8888 3.69199 109.272 13.8463 117.028L53.4397 147.266C55.3461 148.72 56.9163 150.569 58.0428 152.687C59.1694 154.803 59.826 157.139 59.9678 159.532L62.9187 209.237C63.6758 221.989 78.5498 229.243 89.0903 221.983L89.0905 221.982L130.138 193.703V193.702C132.114 192.34 134.362 191.419 136.725 191.002C139.089 190.585 141.515 190.682 143.838 191.287L192.081 203.819C204.469 207.038 215.965 195.133 212.315 182.89V182.891L198.091 135.174C197.406 132.876 197.225 130.457 197.559 128.082C197.893 125.707 198.737 123.433 200.031 121.414V121.413L226.895 79.4536L226.894 79.4533C233.784 68.6923 226.018 54.0855 213.229 53.7744L163.39 52.5637C158.532 52.4457 153.972 50.2256 150.889 46.4757L119.249 8.00932C115.188 3.07184 109.081 1.32188 103.458 2.31357M104.971 10.8981C107.527 10.4475 110.317 11.3302 112.292 13.7315L143.932 52.1968C148.676 57.9659 155.705 61.3863 163.171 61.5679L213.01 62.7786C219.25 62.9301 222.66 69.3637 219.308 74.5975L192.445 116.557C188.416 122.847 187.326 130.589 189.458 137.746L203.683 185.463C205.454 191.405 200.389 196.671 194.346 195.101L146.102 182.568C138.873 180.689 131.176 182.047 125.026 186.286L83.9784 214.565C78.8354 218.108 72.276 214.891 71.9079 208.702L68.9573 158.997C68.5146 151.541 64.8416 144.641 58.905 140.106L19.3117 109.868C14.3733 106.096 15.3774 98.885 21.1896 96.607L67.608 78.4209C74.5628 75.696 79.9973 70.0779 82.4836 63.0334V63.0331L99.0606 16.0649C100.096 13.133 102.416 11.349 104.971 10.8984" fill="#1A1A1A"/>
+<path d="M89.0164 128.831C93.828 127.982 97.041 123.394 96.1927 118.584C95.3445 113.772 90.7564 110.56 85.9448 111.408C81.1331 112.257 77.9202 116.845 78.7684 121.656C79.6167 126.467 84.2049 129.68 89.0164 128.831Z" fill="#1A1A1A"/>
+<path d="M160.293 116.263C165.104 115.415 168.317 110.827 167.468 106.015C166.621 101.204 162.033 97.9917 157.22 98.8403C152.41 99.6888 149.196 104.277 150.044 109.088C150.893 113.9 155.481 117.112 160.293 116.263Z" fill="#1A1A1A"/>
+<path d="M117.328 126.86C116.776 127.073 116.272 127.392 115.843 127.8C115.415 128.208 115.071 128.696 114.832 129.237C114.592 129.778 114.461 130.36 114.447 130.951C114.432 131.543 114.535 132.131 114.747 132.683C115.304 134.121 116.137 135.436 117.201 136.553C118.265 137.67 119.538 138.565 120.949 139.188L120.95 139.19C122.358 139.813 123.876 140.153 125.417 140.19H125.419H125.421C126.961 140.226 128.493 139.96 129.931 139.405H129.932C131.37 138.85 132.685 138.016 133.801 136.952H133.802V136.951C134.918 135.888 135.813 134.615 136.437 133.207C137.063 131.796 137.403 130.275 137.439 128.732C137.467 127.539 137.02 126.383 136.196 125.518C135.37 124.654 134.237 124.153 133.042 124.125C132.451 124.111 131.863 124.214 131.312 124.427C130.76 124.641 130.255 124.961 129.828 125.369C129.4 125.777 129.056 126.265 128.818 126.807C128.579 127.347 128.448 127.931 128.435 128.522C128.426 128.879 128.347 129.231 128.202 129.558V129.559L128.201 129.561C128.055 129.889 127.847 130.185 127.588 130.432C127.328 130.68 127.023 130.874 126.689 131.002L126.686 131.003C126.351 131.133 125.994 131.195 125.635 131.187C125.277 131.178 124.923 131.098 124.596 130.953H124.593L124.592 130.951C124.265 130.806 123.97 130.599 123.722 130.34V130.339C123.474 130.079 123.281 129.774 123.151 129.438C122.938 128.887 122.619 128.382 122.211 127.954C121.802 127.526 121.315 127.182 120.773 126.943C120.233 126.703 119.65 126.573 119.058 126.558C118.467 126.544 117.88 126.646 117.328 126.86Z" fill="#1A1A1A"/>
+</svg>
diff --git a/apps/docs/static/img/recipes/zerops/golang.svg b/apps/docs/static/img/recipes/zerops/golang.svg
new file mode 100644
index 000000000..64e962077
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/golang.svg
@@ -0,0 +1,60 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 22.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 254.5 225" style="enable-background:new 0 0 254.5 225;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#2DBCAF;}
+	.st1{fill:#5DC9E1;}
+	.st2{fill:#FDDD00;}
+	.st3{fill:#CE3262;}
+	.st4{fill:#00ACD7;}
+	.st5{fill:#FFFFFF;}
+</style>
+<g>
+	<g>
+		<g>
+			<g>
+				<path class="st4" d="M40.2,101.1c-0.4,0-0.5-0.2-0.3-0.5l2.1-2.7c0.2-0.3,0.7-0.5,1.1-0.5l35.7,0c0.4,0,0.5,0.3,0.3,0.6
+					l-1.7,2.6c-0.2,0.3-0.7,0.6-1,0.6L40.2,101.1z"/>
+			</g>
+		</g>
+	</g>
+	<g>
+		<g>
+			<g>
+				<path class="st4" d="M25.1,110.3c-0.4,0-0.5-0.2-0.3-0.5l2.1-2.7c0.2-0.3,0.7-0.5,1.1-0.5l45.6,0c0.4,0,0.6,0.3,0.5,0.6
+					l-0.8,2.4c-0.1,0.4-0.5,0.6-0.9,0.6L25.1,110.3z"/>
+			</g>
+		</g>
+	</g>
+	<g>
+		<g>
+			<g>
+				<path class="st4" d="M49.3,119.5c-0.4,0-0.5-0.3-0.3-0.6l1.4-2.5c0.2-0.3,0.6-0.6,1-0.6l20,0c0.4,0,0.6,0.3,0.6,0.7l-0.2,2.4
+					c0,0.4-0.4,0.7-0.7,0.7L49.3,119.5z"/>
+			</g>
+		</g>
+	</g>
+	<g>
+		<g id="CXHf1q_3_">
+			<g>
+				<g>
+					<path class="st4" d="M153.1,99.3c-6.3,1.6-10.6,2.8-16.8,4.4c-1.5,0.4-1.6,0.5-2.9-1c-1.5-1.7-2.6-2.8-4.7-3.8
+						c-6.3-3.1-12.4-2.2-18.1,1.5c-6.8,4.4-10.3,10.9-10.2,19c0.1,8,5.6,14.6,13.5,15.7c6.8,0.9,12.5-1.5,17-6.6
+						c0.9-1.1,1.7-2.3,2.7-3.7c-3.6,0-8.1,0-19.3,0c-2.1,0-2.6-1.3-1.9-3c1.3-3.1,3.7-8.3,5.1-10.9c0.3-0.6,1-1.6,2.5-1.6
+						c5.1,0,23.9,0,36.4,0c-0.2,2.7-0.2,5.4-0.6,8.1c-1.1,7.2-3.8,13.8-8.2,19.6c-7.2,9.5-16.6,15.4-28.5,17
+						c-9.8,1.3-18.9-0.6-26.9-6.6c-7.4-5.6-11.6-13-12.7-22.2c-1.3-10.9,1.9-20.7,8.5-29.3c7.1-9.3,16.5-15.2,28-17.3
+						c9.4-1.7,18.4-0.6,26.5,4.9c5.3,3.5,9.1,8.3,11.6,14.1C154.7,98.5,154.3,99,153.1,99.3z"/>
+				</g>
+				<g>
+					<path class="st4" d="M186.2,154.6c-9.1-0.2-17.4-2.8-24.4-8.8c-5.9-5.1-9.6-11.6-10.8-19.3c-1.8-11.3,1.3-21.3,8.1-30.2
+						c7.3-9.6,16.1-14.6,28-16.7c10.2-1.8,19.8-0.8,28.5,5.1c7.9,5.4,12.8,12.7,14.1,22.3c1.7,13.5-2.2,24.5-11.5,33.9
+						c-6.6,6.7-14.7,10.9-24,12.8C191.5,154.2,188.8,154.3,186.2,154.6z M210,114.2c-0.1-1.3-0.1-2.3-0.3-3.3
+						c-1.8-9.9-10.9-15.5-20.4-13.3c-9.3,2.1-15.3,8-17.5,17.4c-1.8,7.8,2,15.7,9.2,18.9c5.5,2.4,11,2.1,16.3-0.6
+						C205.2,129.2,209.5,122.8,210,114.2z"/>
+				</g>
+			</g>
+		</g>
+	</g>
+</g>
+</svg>
diff --git a/apps/docs/static/img/recipes/zerops/java.svg b/apps/docs/static/img/recipes/zerops/java.svg
new file mode 100644
index 000000000..bd9542c51
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/java.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="64" height="64" viewBox="0 0 32 32"><path d="M11.622 24.74s-1.23.748.855.962c2.51.32 3.847.267 6.625-.267a10.02 10.02 0 0 0 1.763.855c-6.25 2.672-14.16-.16-9.244-1.55zm-.8-3.473s-1.336 1.015.748 1.23c2.725.267 4.862.32 8.55-.427a3.26 3.26 0 0 0 1.282.801c-7.534 2.244-15.976.214-10.58-1.603zm14.747 6.09s.908.748-1.015 1.336c-3.58 1.07-15.014 1.39-18.22 0-1.122-.48 1.015-1.175 1.7-1.282.695-.16 1.07-.16 1.07-.16-1.23-.855-8.175 1.763-3.526 2.51 12.77 2.084 23.296-.908 19.983-2.404zM12.2 17.633s-5.824 1.39-2.084 1.87c1.603.214 4.755.16 7.694-.053 2.404-.214 4.81-.64 4.81-.64s-.855.374-1.443.748c-5.93 1.55-17.312.855-14.052-.748 2.778-1.336 5.076-1.175 5.076-1.175zm10.42 5.824c5.984-3.1 3.206-6.09 1.282-5.717-.48.107-.695.214-.695.214s.16-.32.534-.427c3.794-1.336 6.786 4.007-1.23 6.09 0 0 .053-.053.107-.16zm-9.83 8.442c5.77.374 14.587-.214 14.8-2.94 0 0-.427 1.07-4.755 1.87-4.916.908-11.007.8-14.587.214 0 0 .748.64 4.542.855z" fill="#4e7896"/><path d="M18.996.001s3.313 3.366-3.152 8.442c-5.183 4.114-1.175 6.465 0 9.137-3.046-2.725-5.236-5.13-3.74-7.373C14.294 6.893 20.332 5.3 18.996.001zm-1.7 15.335c1.55 1.763-.427 3.366-.427 3.366s3.954-2.03 2.137-4.542c-1.656-2.404-2.94-3.58 4.007-7.587 0 0-10.953 2.725-5.717 8.763z" fill="#f58219"/></svg>
diff --git a/apps/docs/static/img/recipes/zerops/laravel.svg b/apps/docs/static/img/recipes/zerops/laravel.svg
new file mode 100644
index 000000000..e1309dd21
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/laravel.svg
@@ -0,0 +1 @@
+<svg width="50" height="52" viewBox="0 0 50 52" xmlns="http://www.w3.org/2000/svg"><title>Logomark</title><path d="M49.626 11.564a.809.809 0 0 1 .028.209v10.972a.8.8 0 0 1-.402.694l-9.209 5.302V39.25c0 .286-.152.55-.4.694L20.42 51.01c-.044.025-.092.041-.14.058-.018.006-.035.017-.054.022a.805.805 0 0 1-.41 0c-.022-.006-.042-.018-.063-.026-.044-.016-.09-.03-.132-.054L.402 39.944A.801.801 0 0 1 0 39.25V6.334c0-.072.01-.142.028-.21.006-.023.02-.044.028-.067.015-.042.029-.085.051-.124.015-.026.037-.047.055-.071.023-.032.044-.065.071-.093.023-.023.053-.04.079-.06.029-.024.055-.05.088-.069h.001l9.61-5.533a.802.802 0 0 1 .8 0l9.61 5.533h.002c.032.02.059.045.088.068.026.02.055.038.078.06.028.029.048.062.072.094.017.024.04.045.054.071.023.04.036.082.052.124.008.023.022.044.028.068a.809.809 0 0 1 .028.209v20.559l8.008-4.611v-10.51c0-.07.01-.141.028-.208.007-.024.02-.045.028-.068.016-.042.03-.085.052-.124.015-.026.037-.047.054-.071.024-.032.044-.065.072-.093.023-.023.052-.04.078-.06.03-.024.056-.05.088-.069h.001l9.611-5.533a.801.801 0 0 1 .8 0l9.61 5.533c.034.02.06.045.09.068.025.02.054.038.077.06.028.029.048.062.072.094.018.024.04.045.054.071.023.039.036.082.052.124.009.023.022.044.028.068zm-1.574 10.718v-9.124l-3.363 1.936-4.646 2.675v9.124l8.01-4.611zm-9.61 16.505v-9.13l-4.57 2.61-13.05 7.448v9.216l17.62-10.144zM1.602 7.719v31.068L19.22 48.93v-9.214l-9.204-5.209-.003-.002-.004-.002c-.031-.018-.057-.044-.086-.066-.025-.02-.054-.036-.076-.058l-.002-.003c-.026-.025-.044-.056-.066-.084-.02-.027-.044-.05-.06-.078l-.001-.003c-.018-.03-.029-.066-.042-.1-.013-.03-.03-.058-.038-.09v-.001c-.01-.038-.012-.078-.016-.117-.004-.03-.012-.06-.012-.09v-.002-21.481L4.965 9.654 1.602 7.72zm8.81-5.994L2.405 6.334l8.005 4.609 8.006-4.61-8.006-4.608zm4.164 28.764l4.645-2.674V7.719l-3.363 1.936-4.646 2.675v20.096l3.364-1.937zM39.243 7.164l-8.006 4.609 8.006 4.609 8.005-4.61-8.005-4.608zm-.801 10.605l-4.646-2.675-3.363-1.936v9.124l4.645 2.674 3.364 1.937v-9.124zM20.02 38.33l11.743-6.704 5.87-3.35-8-4.606-9.211 5.303-8.395 4.833 7.993 4.524z" fill="#FF2D20" fill-rule="evenodd"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/zerops/nestjs.svg b/apps/docs/static/img/recipes/zerops/nestjs.svg
new file mode 100644
index 000000000..69830240c
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/nestjs.svg
@@ -0,0 +1 @@
+<svg height="966" viewBox="0 0 264.58333 255.58751" width="1000" xmlns="http://www.w3.org/2000/svg"><path d="m153.33845 45.652481c-1.80934 0-3.48944.387729-5.04032.904673 3.29558 2.19706 5.10493 5.104961 6.00963 8.400551.0648.45233.19386.775444.25856 1.227759.0648.387729.12916.775444.12916 1.163171.2586 5.686509-1.48628 6.397323-2.71403 9.757543-1.87398 4.329529-1.35704 8.982133.90466 12.730079.19387.452318.45234.969275.77546 1.421618-2.45558-16.348759 11.17919-18.804304 13.69932-23.90924.19386-4.458761-3.48944-7.431263-6.39731-9.499092-2.77864-1.680104-5.29884-2.197062-7.62513-2.197062zm20.54903 3.683318c-.25858 1.486247-.0647 1.09853-.12913 1.873973-.0647.516945-.0647 1.163157-.12914 1.680102-.12914.516959-.2586 1.033904-.45236 1.550886-.12913.516945-.32309 1.033903-.51694 1.550847-.2586.516983-.45234.969301-.71082 1.486258-.19385.258585-.32309.516945-.51695.775443-.12914.193857-.25858.387715-.38771.581572-.32309.452355-.64621.904673-.96929 1.292387-.38774.387729-.71083.840046-1.16319 1.163171v.0647c-.38771.3231-.77543.710815-1.22775 1.033903-1.35702 1.033902-2.90787 1.809344-4.32952 2.778644-.45231.323088-.90468.581587-1.29238.9693-.45233.323088-.84006.646176-1.22776 1.033903-.45236.387715-.77545.775442-1.16318 1.227784-.32309.387728-.7108.840048-.96927 1.292402-.32312.452317-.6462.904661-.9047 1.35699-.25857.516944-.45233.969299-.71081 1.486245-.19385.516944-.38773.969301-.51695 1.486244-.19386.581586-.3231 1.098544-.45234 1.615514-.0647.258583-.0647.58156-.12914.840045-.0648.258584-.0648.516945-.12913.775443 0 .516944-.0647 1.09853-.0647 1.615475 0 .387727 0 .775441.0647 1.163169 0 .516946.0647 1.033892.19385 1.615476.0647.516944.19384 1.033902.32312 1.550885.19386.516944.3231 1.033902.51694 1.550847.12916.323126.32309.646213.45236.904673l-14.86252-5.75114c-2.52018-.710815-4.9757-1.35699-7.49588-1.938576-1.357-.323087-2.714-.646198-4.07102-.969299-3.87719-.77543-7.81895-1.356991-11.76076-1.744705-.12913 0-.19385-.06471-.32309-.06471-3.8772-.387714-7.68973-.581572-11.5669-.581572-2.84328 0-5.68656.129131-8.465201.323088-3.941798.258584-7.883602.775442-11.825373 1.421617-.969302.129144-1.938602.323125-2.907905.516984-2.003199.387689-3.941771.840044-5.815742 1.292386-.9693.258584-1.938602.516958-2.907903.775419-.96927.387713-1.87394.84007-2.778642 1.227784-.710811.323088-1.421619.646187-2.132431.9693-.129139.06471-.25858.06471-.32309.129144-.64621.323087-1.22779.581547-1.809341.904671-.193861.06471-.323122.129132-.452351.193859-.71081.323089-1.421618.710803-2.003201 1.033902-.45235.193858-.90467.452343-1.292389.646213-.193862.129131-.452353.258572-.581582.323088-.581579.323088-1.16316.646174-1.680111.9693-.581581.323087-1.098532.646175-1.550882.969263-.452318.323125-.904667.581585-1.29239.904672-.06474.06471-.129139.06471-.193861.129145-.387719.258583-.840039.581571-1.227758.904696 0 0-.06473.0647-.12914.129142-.32309.258584-.646212.516947-.969301.775407-.129138.06471-.258581.193857-.38772.258583-.32309.258586-.64618.581586-.969271.84007-.06473.129143-.193859.193858-.258581.258585-.38772.387715-.775441.710802-1.163161 1.09853-.06473 0-.06473.06471-.129139.129131-.38772.3231-.775439.710816-1.163159 1.098543-.06473.06471-.06473.12913-.12914.12913-.32309.323089-.64618.646213-.969301 1.033902-.129137.129143-.32309.258586-.452319.387715-.32309.387728-.710811.775443-1.09853 1.163171-.06473.129132-.19386.193858-.258582.323087-.516952.516983-.969302 1.033928-1.486252 1.550885-.06473.06471-.129138.129128-.193859.193858-1.033931 1.098529-2.132463 2.197059-3.295594 3.166352-1.163159 1.0339-2.390922 2.0032-3.618711 2.84325-1.292392.9047-2.520152 1.68011-3.877173 2.45555-1.292392.71079-2.649412 1.35701-4.071032 1.9386-1.357022.58157-2.778641 1.09854-4.200264 1.55085-2.714041.58157-5.492684 1.68011-7.883605 1.87397-.51695 0-1.098531.12915-1.615482.19385-.581578.12914-1.098529.25859-1.615479.38774-.516951.19384-1.033931.38771-1.550883.58156-.516951.19386-1.033901.45235-1.550852.71083-.45235.32308-.969299.58157-1.421651.90466-.452322.32309-.904672.7108-1.292393 1.09853-.452319.32312-.904669.77545-1.29239 1.16315-.387721.45237-.77544.84008-1.0985304 1.29239-.3230901.51695-.7108108.96931-.9693016 1.48627-.32309.45235-.6461799.96929-.9046707 1.48622-.2585815.58161-.5169498 1.09855-.7108107 1.68014-.1938599.51695-.3877199 1.09852-.5815799 1.68011-.1291382.51694-.2585813 1.0339-.3230898 1.55083 0 .0648-.064719.12916-.064719.19387-.1291392.58161-.1291392 1.35706-.1938608 1.74479-.064719.45232-.1291373.84002-.1291373 1.29238 0 .25858 0 .58155.064719.84003.064719.45236.1291371.84007.2585814 1.22782.1291382.38766.2585815.77539.4523201 1.16312v.0647c.1938599.38775.4523506.77545.7108108 1.16317.2585814.38772.5169804.77544.8400704 1.16317.3230899.32309.7108109.71078 1.0985304 1.03389.3877209.38772.7754421.71081 1.2277611 1.0339 1.550881 1.35703 1.938601 1.80938 3.941806 2.84327.323087.19387.64621.32311 1.03393.51697.06473 0 .129139.0647.193859.0647 0 .12913 0 .19387.06473.32313.06472.51696.193859 1.03389.32309 1.55086.129138.58158.323121 1.09855.516981 1.55087.19386.38773.32309.77543.516951 1.16317.06472.12915.12914.25858.19386.32309.258581.51694.51695.96932.77541 1.42162.323121.45233.64621.90466.969299 1.35703.323092.3877.710813.84004 1.098532 1.22775.387721.38773.775442.71083 1.227793 1.09852 0 0 .06473.0648.129137.0648.387722.32312.77544.64622 1.163162.90466.45232.32311.90467.58157 1.421619.84007.452351.25858.969302.51695 1.486252.71082.387721.19386.84004.32311 1.292392.45234.06473.0648.129138.0648.258582.12916.258581.0648.581548.12912.840039.19384-.193859 3.48945-.258582 6.78504.258583 7.94822.58155 1.29238 3.424821-2.64941 6.268094-7.17277-.387719 4.45875-.646211 9.6929 0 11.24381.710809 1.61545 4.587982-3.42487 7.948203-8.98215 45.815262-10.59757 87.62418 21.066 92.01829 65.78273-.84006-6.97892-9.43446-10.85608-13.37623-9.88677-1.93861 4.78183-5.2342 10.92068-10.53299 14.73324.45233-4.2649.25856-8.65901-.64619-12.92392-1.42165 5.94501-4.2003 11.50232-8.01287 16.28415-6.138857.45232-12.277729-2.52019-15.50872-6.97891-.258582-.19388-.323091-.58159-.516951-.84006-.193862-.45238-.387719-.90467-.516951-1.35703-.193859-.45232-.323089-.90467-.387719-1.35699-.06473-.45236-.06473-.90469-.06473-1.42163 0-.32312 0-.6462 0-.96928.06473-.45238.19386-.90471.323091-1.35705.129138-.45232.25858-.90467.45235-1.35701.258582-.45231.45232-.90466.775441-1.35698 1.09853-3.10178 1.09853-5.62192-.90467-7.10816-.387721-.25858-.775441-.45236-1.227791-.64622-.258584-.0647-.581582-.19386-.84004-.25857-.193861-.0647-.32309-.12916-.516951-.19387-.452351-.12914-.904702-.25859-1.357022-.32309-.45235-.12913-.90467-.19386-1.35702-.19386-.452321-.0648-.969303-.12914-1.421622-.12914-.323089 0-.64621.0647-.969301.0647-.516949 0-.969299.0648-1.421621.19386-.45235.0648-.904669.12913-1.357019.25856-.452322.12915-.904673.25859-1.357023.45238-.452319.19385-.840041.38771-1.292389.58157-.38769.19387-.775412.45232-1.227761.64618-15.056371 9.82217-6.074235 32.82674 4.200264 39.48256-3.877175.71081-7.818947 1.5509-8.917479 2.39092-.06473.0647-.129138.12915-.129138.12915 2.778642 1.68009 5.686516 3.10173 8.723616 4.32949 4.135665 1.35702 8.529786 2.58479 10.468387 3.10176v.0647c5.363424 1.09854 10.79148 1.48626 16.284139 1.16317 28.62649-2.00321 52.0834-23.78003 56.3483-52.47111.12914.58159.25858 1.09852.38772 1.68012.19387 1.16312.45232 2.3909.58155 3.61867v.0648c.12914.58158.19386 1.16315.25858 1.6801v.25859c.0648.58157.12915 1.16316.12915 1.6801.0647.71082.12914 1.42162.12914 2.13247v1.0339c0 .32312.0647.7108.0647 1.03392 0 .38773-.0647.77542-.0647 1.16314v.90467c0 .45236-.0648.84006-.0648 1.2924 0 .25856 0 .51696-.0647.84006 0 .45236-.0647.90466-.0647 1.42162-.0648.19386-.0648.38772-.0648.58159-.0647.51696-.12914.9693-.19387 1.48626 0 .19387 0 .38771-.0647.58159-.0648.64617-.19385 1.22777-.25855 1.87394v.0648.0647c-.12914.58157-.2586 1.22776-.38775 1.80933v.19387c-.12912.58156-.25858 1.16316-.3877 1.74471 0 .0648-.0647.19387-.0647.25856-.12916.5816-.2586 1.16317-.45232 1.74478v.19384c-.19386.64617-.38773 1.22776-.51698 1.80934-.0647.0647-.0647.12914-.0647.12914-.19387.64621-.38771 1.29239-.58155 1.93858-.25858.64621-.45234 1.22778-.71081 1.87398-.25857.6462-.45236 1.2924-.71083 1.87396-.25859.64622-.51697 1.2278-.77543 1.87397h-.0648c-.2586.58157-.51699 1.22779-.8401 1.80938-.0647.19383-.12912.32309-.19384.4523-.0647.0648-.0647.12914-.12914.19388-4.20026 8.46514-10.40377 15.89639-18.15809 21.71217-.51695.32309-1.03392.71082-1.55086 1.09852-.12915.12915-.32312.19388-.45235.32309-.45235.3231-.90468.64618-1.42161.96931l.19385.38772h.0647c.90466-.12913 1.80934-.25858 2.71402-.38772h.0647c1.68012-.25858 3.36023-.58158 5.04035-.90467.45231-.0648.9693-.19385 1.42161-.32312.32309-.0648.58158-.12913.90467-.19386.45235-.0648.90468-.19386 1.35704-.25857.3877-.12914.77543-.19388 1.16314-.3231 6.46195-1.55089 12.73007-3.68335 18.73965-6.20349-10.27448 14.02243-24.03847 25.33087-40.12874 32.76212 7.43127-.51696 14.86251-1.74472 22.03528-3.81254 26.0417-7.68977 47.94772-25.20165 61.06549-48.7878-2.6494 14.92714-8.5944 29.14344-17.38265 41.55041 6.26809-4.13569 12.01923-8.91753 17.25342-14.34557 14.47478-15.12097 23.97388-34.31296 27.20483-54.92665 2.19708 10.2099 2.84328 20.74293 1.87398 31.14666 46.65534-65.07192 3.87717-132.53476-14.02244-150.305141-.0648-.129133-.12914-.193858-.12914-.323089-.0648.0647-.0648.0647-.0648.129144 0-.06471 0-.06471-.0647-.129144 0 .775442-.0647 1.550848-.12914 2.326291-.19387 1.48625-.38771 2.907879-.64621 4.329529-.32308 1.42162-.71081 2.84322-1.09854 4.26488-.45232 1.35699-.96925 2.77862-1.55085 4.13565-.58158 1.29237-1.22778 2.64939-1.93859 3.9418-.71082 1.22778-1.48625 2.52016-2.32629 3.6833-.84006 1.2278-1.74474 2.39093-2.64943 3.48944-.96931 1.16318-2.00319 2.1971-3.03712 3.23101-.64618.58158-1.22775 1.09853-1.87398 1.61546-.51694.45236-.96927.84009-1.48625 1.29239-1.16314.90468-2.32629 1.74474-3.61867 2.52019-1.22778.77542-2.52014 1.55086-3.81254 2.19707-1.35702.64619-2.71404 1.22776-4.07104 1.80935-1.35702.51693-2.77864.96928-4.20031 1.35701-1.42161.3877-2.90785.71081-4.32949.96928-1.48623.25858-2.97249.38771-4.39412.51697-1.03392.0647-2.06782.12915-3.10175.12915-1.48626 0-2.97248-.12915-4.39412-.25858-1.48624-.12914-2.97251-.32314-4.39413-.64623-1.48625-.25858-2.9079-.64621-4.32953-1.09851h-.0647c1.42163-.12914 2.84327-.2586 4.26492-.51697 1.48622-.25858 2.90785-.58156 4.3295-.96931 1.42162-.38771 2.84325-.84006 4.20026-1.357 1.42162-.51696 2.77865-1.16313 4.07105-1.80936 1.357-.64621 2.58478-1.357 3.87716-2.13244 1.22776-.84005 2.45554-1.68009 3.61869-2.58479 1.16316-.90466 2.26167-1.87394 3.29562-2.90786 1.09853-.96932 2.06781-2.06784 3.03711-3.16638.96927-1.16312 1.87396-2.32628 2.71402-3.48944.12915-.19387.25859-.45232.38774-.64619.64617-1.03392 1.29235-2.06783 1.87392-3.10176.71083-1.29239 1.35704-2.58479 1.9386-3.94177.58159-1.35702 1.09855-2.71405 1.55089-4.13566.45232-1.35703.77542-2.77864 1.09853-4.200258.25859-1.486258.51694-2.90791.64619-4.329528.12914-1.486244.25857-2.972503.25857-4.394119 0-1.033928-.0648-2.06783-.12912-3.101733-.12915-1.486246-.32311-2.9079-.51696-4.329519-.25859-1.486257-.58157-2.907873-.96931-4.329529-.45231-1.356991-.90467-2.778634-1.42161-4.135623-.51699-1.357028-1.16315-2.714042-1.80938-4.006443-.71081-1.292388-1.42161-2.584776-2.19704-3.812536-.84005-1.22776-1.68013-2.390917-2.5848-3.554087-.96927-1.098531-1.93857-2.19706-2.97251-3.29559-.51694-.516947-1.09853-1.098532-1.6801-1.615476-2.90787-2.2617-5.945-4.394159-8.9821-6.332732-.45233-.258574-.84005-.452342-1.2924-.646212-2.13246-1.356992-4.13566-2.067831-6.13885-2.714007z" fill="#e0234e" fill-rule="evenodd" transform="translate(0 -41.412487)"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/zerops/nextjs.svg b/apps/docs/static/img/recipes/zerops/nextjs.svg
new file mode 100644
index 000000000..50ccbbd18
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/nextjs.svg
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
+<svg width="800px" height="800px" viewBox="0 0 256 256" version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" preserveAspectRatio="xMidYMid">
+    <g>
+        <path d="M119.616813,0.0688905149 C119.066276,0.118932037 117.314565,0.294077364 115.738025,0.419181169 C79.3775171,3.69690087 45.3192571,23.3131775 23.7481916,53.4631946 C11.7364614,70.2271045 4.05395894,89.2428829 1.15112414,109.384595 C0.12512219,116.415429 0,118.492153 0,128.025062 C0,137.557972 0.12512219,139.634696 1.15112414,146.665529 C8.10791789,194.730411 42.3163245,235.11392 88.7116325,250.076335 C97.0197458,252.753556 105.778299,254.580072 115.738025,255.680985 C119.616813,256.106338 136.383187,256.106338 140.261975,255.680985 C157.453763,253.779407 172.017986,249.525878 186.382014,242.194795 C188.584164,241.068861 189.00958,240.768612 188.709286,240.518404 C188.509091,240.36828 179.124927,227.782837 167.86393,212.570214 L147.393939,184.922273 L121.743891,146.965779 C107.630108,126.098464 96.0187683,109.034305 95.9186706,109.034305 C95.8185728,109.009284 95.7184751,125.873277 95.6684262,146.465363 C95.5933529,182.52028 95.5683284,183.971484 95.1178886,184.82219 C94.4672532,186.048207 93.9667644,186.548623 92.915738,187.099079 C92.114956,187.499411 91.4142717,187.574474 87.6355816,187.574474 L83.3063539,187.574474 L82.1552297,186.848872 C81.4044966,186.373477 80.8539589,185.747958 80.4785924,185.022356 L79.9530792,183.896422 L80.0031281,133.729796 L80.0782014,83.5381493 L80.8539589,82.5623397 C81.25435,82.0369037 82.1051808,81.3613431 82.7057674,81.0360732 C83.7317693,80.535658 84.1321603,80.4856165 88.4613881,80.4856165 C93.5663734,80.4856165 94.4172043,80.6857826 95.7434995,82.1369867 C96.1188661,82.5373189 110.007429,103.454675 126.623656,128.650581 C143.239883,153.846488 165.962072,188.250034 177.122972,205.139048 L197.392766,235.839522 L198.418768,235.163961 C207.502639,229.259062 217.112023,220.852086 224.719453,212.09482 C240.910264,193.504394 251.345455,170.835585 254.848876,146.665529 C255.874878,139.634696 256,137.557972 256,128.025062 C256,118.492153 255.874878,116.415429 254.848876,109.384595 C247.892082,61.3197135 213.683675,20.9362052 167.288368,5.97379012 C159.105376,3.32158945 150.396872,1.49507389 140.637341,0.394160408 C138.234995,0.143952798 121.693842,-0.131275573 119.616813,0.0688905149 L119.616813,0.0688905149 Z M172.017986,77.4831252 C173.219159,78.0836234 174.195112,79.2345784 174.545455,80.435575 C174.74565,81.0861148 174.795699,94.9976579 174.74565,126.348671 L174.670577,171.336 L166.73783,159.17591 L158.780059,147.01582 L158.780059,114.313685 C158.780059,93.1711423 158.880156,81.2862808 159.030303,80.7108033 C159.430694,79.3096407 160.306549,78.2087272 161.507722,77.5581875 C162.533724,77.0327515 162.909091,76.98271 166.837928,76.98271 C170.541544,76.98271 171.19218,77.0327515 172.017986,77.4831252 Z" fill="#000000">
+
</path>
+    </g>
+</svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/zerops/nodejs.svg b/apps/docs/static/img/recipes/zerops/nodejs.svg
new file mode 100644
index 000000000..4d140b28e
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/nodejs.svg
@@ -0,0 +1 @@
+<svg width="71" height="80" viewBox="0 0 71 80" fill="none" xmlns="http://www.w3.org/2000/svg"><g clipPath="url(#clip0_337_7891)" fill="#5FA04E"><path d="M35.625 79.5c-1.081 0-2.09-.288-3.028-.792l-9.59-5.686c-1.442-.792-.721-1.08-.289-1.224 1.947-.648 2.308-.792 4.327-1.944.216-.144.504-.072.72.072l7.356 4.391c.288.144.649.144.865 0l28.77-16.628c.289-.144.433-.431.433-.791V23.714c0-.36-.144-.648-.432-.792L35.986 6.366c-.288-.144-.65-.144-.865 0L6.35 22.922c-.29.144-.434.504-.434.792v33.184c0 .287.145.647.433.791l7.86 4.535c4.254 2.16 6.922-.36 6.922-2.879V26.593c0-.432.36-.864.865-.864h3.678c.432 0 .865.36.865.864v32.752c0 5.687-3.1 8.998-8.509 8.998-1.658 0-2.956 0-6.633-1.8l-7.572-4.319A6.073 6.073 0 0 1 .798 56.97V23.786a6.073 6.073 0 0 1 3.028-5.255l28.77-16.628c1.804-1.008 4.255-1.008 6.058 0l28.77 16.628a6.073 6.073 0 0 1 3.029 5.255V56.97a6.073 6.073 0 0 1-3.029 5.254l-28.77 16.628c-.865.36-1.947.648-3.029.648Z" /><path d="M44.567 56.682c-12.62 0-15.215-5.759-15.215-10.654 0-.432.36-.864.865-.864h3.75c.433 0 .793.288.793.72.577 3.815 2.235 5.687 9.879 5.687 6.057 0 8.652-1.368 8.652-4.607 0-1.871-.72-3.24-10.167-4.175-7.86-.792-12.762-2.52-12.762-8.782 0-5.83 4.903-9.285 13.123-9.285 9.23 0 13.772 3.167 14.35 10.077 0 .216-.073.432-.217.648-.144.144-.36.288-.577.288h-3.822a.844.844 0 0 1-.793-.648c-.865-3.96-3.1-5.255-9.013-5.255-6.634 0-7.427 2.304-7.427 4.031 0 2.088.937 2.736 9.879 3.887 8.869 1.152 13.05 2.808 13.05 8.998 0 6.335-5.263 9.934-14.348 9.934Z" /></g><defs><clipPath id="clip0_337_7891"><path fill="#fff" d="M0 .5h71v79H0z" /></clipPath></defs></svg>
diff --git a/apps/docs/static/img/recipes/zerops/nuxt.svg b/apps/docs/static/img/recipes/zerops/nuxt.svg
new file mode 100644
index 000000000..ead151fc7
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/nuxt.svg
@@ -0,0 +1,3 @@
+<svg width="512" height="512" viewBox="0 0 512 512" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M281.44 397.667H438.32C443.326 397.667 448.118 395.908 452.453 393.427C456.789 390.946 461.258 387.831 463.76 383.533C466.262 379.236 468.002 374.36 468 369.399C467.998 364.437 466.266 359.563 463.76 355.268L357.76 172.947C355.258 168.65 352.201 165.534 347.867 163.053C343.532 160.573 337.325 158.813 332.32 158.813C327.315 158.813 322.521 160.573 318.187 163.053C313.852 165.534 310.795 168.65 308.293 172.947L281.44 219.587L227.733 129.13C225.229 124.834 222.176 120.307 217.84 117.827C213.504 115.346 208.713 115 203.707 115C198.701 115 193.909 115.346 189.573 117.827C185.238 120.307 180.771 124.834 178.267 129.13L46.8267 355.268C44.3208 359.563 44.0022 364.437 44 369.399C43.9978 374.36 44.3246 379.235 46.8267 383.533C49.3288 387.83 53.7979 390.946 58.1333 393.427C62.4688 395.908 67.2603 397.667 72.2667 397.667H171.2C210.401 397.667 238.934 380.082 258.827 346.787L306.88 263.4L332.32 219.587L410.053 352.44H306.88L281.44 397.667ZM169.787 352.44H100.533L203.707 174.36L256 263.4L221.361 323.784C208.151 345.387 193.089 352.44 169.787 352.44Z" fill="#00DC82"/>
+</svg>
diff --git a/apps/docs/static/img/recipes/zerops/php.svg b/apps/docs/static/img/recipes/zerops/php.svg
new file mode 100644
index 000000000..d2f28cb59
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/php.svg
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?><!-- Uploaded to: SVG Repo, www.svgrepo.com, Generator: SVG Repo Mixer Tools -->
+<svg width="800px" height="800px" viewBox="0 0 32 32" fill="none" xmlns="http://www.w3.org/2000/svg">
+<circle cx="16" cy="16" r="14" fill="#8892BF"/>
+<path d="M14.4392 10H16.1192L15.6444 12.5242H17.154C17.9819 12.5419 18.5986 12.7269 19.0045 13.0793C19.4184 13.4316 19.5402 14.1014 19.3698 15.0881L18.5541 19.4889H16.8497L17.6288 15.2863C17.7099 14.8457 17.6856 14.533 17.5558 14.348C17.426 14.163 17.146 14.0705 16.7158 14.0705L15.3644 14.0573L14.3661 19.4889H12.6861L14.4392 10Z" fill="white"/>
+<path fill-rule="evenodd" clip-rule="evenodd" d="M6.74092 12.5243H10.0036C10.9612 12.533 11.6552 12.8327 12.0854 13.4229C12.5156 14.0132 12.6576 14.8193 12.5115 15.8414C12.4548 16.3085 12.3289 16.7665 12.1341 17.2159C11.9474 17.6652 11.6878 18.0704 11.355 18.4317C10.9491 18.8898 10.5149 19.1805 10.0523 19.304C9.58969 19.4274 9.11076 19.489 8.61575 19.489H7.15484L6.69222 22H5L6.74092 12.5243ZM7.43485 17.9956L8.16287 14.0441H8.40879C8.49815 14.0441 8.5914 14.0396 8.6888 14.0309C9.33817 14.0221 9.87774 14.0882 10.308 14.2291C10.7462 14.37 10.8923 14.9031 10.7462 15.8282C10.5678 16.9296 10.2186 17.5727 9.69926 17.7577C9.1799 17.934 8.53053 18.0176 7.75138 18.0088H7.58094C7.53224 18.0088 7.48355 18.0043 7.43485 17.9956Z" fill="white"/>
+<path fill-rule="evenodd" clip-rule="evenodd" d="M24.4365 12.5243H21.1738L19.4329 22H21.1251L21.5878 19.489H23.0487C23.5437 19.489 24.0226 19.4274 24.4852 19.304C24.9479 19.1805 25.382 18.8898 25.7879 18.4317C26.1207 18.0704 26.3803 17.6652 26.567 17.2159C26.7618 16.7665 26.8877 16.3085 26.9444 15.8414C27.0905 14.8193 26.9486 14.0132 26.5183 13.4229C26.0881 12.8327 25.3942 12.533 24.4365 12.5243ZM22.5958 14.0441L21.8678 17.9956C21.9165 18.0043 21.9652 18.0088 22.0139 18.0088H22.1843C22.9635 18.0176 23.6128 17.934 24.1322 17.7577C24.6515 17.5727 25.0007 16.9296 25.1792 15.8282C25.3253 14.9031 25.1792 14.37 24.7409 14.2291C24.3107 14.0882 23.7711 14.0221 23.1217 14.0309C23.0243 14.0396 22.9311 14.0441 22.8417 14.0441H22.5958Z" fill="white"/>
+</svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/zerops/python.svg b/apps/docs/static/img/recipes/zerops/python.svg
new file mode 100644
index 000000000..44915a4d5
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/python.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 128 128"><linearGradient id="a" gradientUnits="userSpaceOnUse" x1="70.252" y1="1237.476" x2="170.659" y2="1151.089" gradientTransform="matrix(.563 0 0 -.568 -29.215 707.817)"><stop offset="0" stop-color="#5A9FD4"/><stop offset="1" stop-color="#306998"/></linearGradient><linearGradient id="b" gradientUnits="userSpaceOnUse" x1="209.474" y1="1098.811" x2="173.62" y2="1149.537" gradientTransform="matrix(.563 0 0 -.568 -29.215 707.817)"><stop offset="0" stop-color="#FFD43B"/><stop offset="1" stop-color="#FFE873"/></linearGradient><path fill="url(#a)" d="M63.391 1.988c-4.222.02-8.252.379-11.8 1.007-10.45 1.846-12.346 5.71-12.346 12.837v9.411h24.693v3.137H29.977c-7.176 0-13.46 4.313-15.426 12.521-2.268 9.405-2.368 15.275 0 25.096 1.755 7.311 5.947 12.519 13.124 12.519h8.491V67.234c0-8.151 7.051-15.34 15.426-15.34h24.665c6.866 0 12.346-5.654 12.346-12.548V15.833c0-6.693-5.646-11.72-12.346-12.837-4.244-.706-8.645-1.027-12.866-1.008zM50.037 9.557c2.55 0 4.634 2.117 4.634 4.721 0 2.593-2.083 4.69-4.634 4.69-2.56 0-4.633-2.097-4.633-4.69-.001-2.604 2.073-4.721 4.633-4.721z" transform="translate(0 10.26)"/><path fill="url(#b)" d="M91.682 28.38v10.966c0 8.5-7.208 15.655-15.426 15.655H51.591c-6.756 0-12.346 5.783-12.346 12.549v23.515c0 6.691 5.818 10.628 12.346 12.547 7.816 2.297 15.312 2.713 24.665 0 6.216-1.801 12.346-5.423 12.346-12.547v-9.412H63.938v-3.138h37.012c7.176 0 9.852-5.005 12.348-12.519 2.578-7.735 2.467-15.174 0-25.096-1.774-7.145-5.161-12.521-12.348-12.521h-9.268zM77.809 87.927c2.561 0 4.634 2.097 4.634 4.692 0 2.602-2.074 4.719-4.634 4.719-2.55 0-4.633-2.117-4.633-4.719 0-2.595 2.083-4.692 4.633-4.692z" transform="translate(0 10.26)"/><radialGradient id="c" cx="1825.678" cy="444.45" r="26.743" gradientTransform="matrix(0 -.24 -1.055 0 532.979 557.576)" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#B8B8B8" stop-opacity=".498"/><stop offset="1" stop-color="#7F7F7F" stop-opacity="0"/></radialGradient><path opacity=".444" fill="url(#c)" d="M97.309 119.597c0 3.543-14.816 6.416-33.091 6.416-18.276 0-33.092-2.873-33.092-6.416 0-3.544 14.815-6.417 33.092-6.417 18.275 0 33.091 2.872 33.091 6.417z"/></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/zerops/qwik.svg b/apps/docs/static/img/recipes/zerops/qwik.svg
new file mode 100644
index 000000000..9ad975e7c
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/qwik.svg
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg id="Layer_2" data-name="Layer 2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 91.36 97.24">
+  <defs>
+    <style>
+      .custom-icon-qwik-1 {
+        fill: #ac7ef4;
+      }
+
+      .custom-icon-qwik-1, .custom-icon-qwik-2, .custom-icon-qwik-3 {
+        stroke-width: 0px;
+      }
+
+      .custom-icon-qwik-2 {
+        fill: #18b6f6;
+      }
+
+      .custom-icon-qwik-3 {
+        fill: #fff;
+      }
+    </style>
+  </defs>
+  <g id="Layer_1-2" data-name="Layer 1">
+    <path class="custom-icon-qwik-2" d="M80.35,97.24l-17.43-17.34-.25.04v-.18L25.61,43.1l9.15-8.82L29.38,3.44,3.91,35.04C-.41,39.4-1.25,46.54,1.89,51.79l15.92,26.42c2.43,4.05,6.26,6.66,11.6,6.46,11.3-.4,16.27-.4,16.27-.4l34.67,12.96h0s0,0,0,0Z"/>
+    <path class="custom-icon-qwik-1" d="M88.96,48.64c2.51-5.18,3.41-9.7.93-14.25l-3.52-6.48-1.83-3.33-.71-1.3-.07.07-9.59-16.63C71.76,2.52,67.26-.05,62.41,0l-8.41.24-25.09.07c-4.74.03-9.11,2.55-11.51,6.63L2.16,37.22,29.44,3.27l35.79,39.36-6.41,6.49,3.82,30.79.05-.07v.09h-.05l.07.07,2.98,2.91,14.44,14.1c.61.59,1.59-.12,1.19-.84l-8.93-17.56"/>
+    <path class="custom-icon-qwik-3" d="M65.32,42.54L29.43,3.38l5.1,30.66-9.13,8.86,37.19,36.96-3.35-30.68,6.09-6.63h0Z"/>
+  </g>
+</svg>
diff --git a/apps/docs/static/img/recipes/zerops/react.svg b/apps/docs/static/img/recipes/zerops/react.svg
new file mode 100644
index 000000000..ea77a618d
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/react.svg
@@ -0,0 +1,9 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="-11.5 -10.23174 23 20.46348">
+  <title>React Logo</title>
+  <circle cx="0" cy="0" r="2.05" fill="#61dafb"/>
+  <g stroke="#61dafb" stroke-width="1" fill="none">
+    <ellipse rx="11" ry="4.2"/>
+    <ellipse rx="11" ry="4.2" transform="rotate(60)"/>
+    <ellipse rx="11" ry="4.2" transform="rotate(120)"/>
+  </g>
+</svg>
diff --git a/apps/docs/static/img/recipes/zerops/ruby.svg b/apps/docs/static/img/recipes/zerops/ruby.svg
new file mode 100644
index 000000000..59cf324fe
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/ruby.svg
@@ -0,0 +1,948 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Generator: Adobe Illustrator 12.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 51448)  -->
+
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://creativecommons.org/ns#"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:xlink="http://www.w3.org/1999/xlink"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   version="1.1"
+   id="Layer_1"
+   width="198.13"
+   height="197.58"
+   viewBox="0 0 198.13 197.58"
+   overflow="visible"
+   enable-background="new 0 0 198.13 197.58"
+   xml:space="preserve"
+   inkscape:version="0.48.0 r9654"
+   sodipodi:docname="Logo-Ruby.svg"><metadata
+   id="metadata3320"><rdf:RDF><cc:Work
+       rdf:about=""><dc:format>image/svg+xml</dc:format><dc:type
+         rdf:resource="http://purl.org/dc/dcmitype/StillImage" /></cc:Work></rdf:RDF></metadata><defs
+   id="defs3489"><linearGradient
+     id="XMLID_17_-9"
+     gradientUnits="userSpaceOnUse"
+     x1="174.0737"
+     y1="215.5488"
+     x2="132.27631"
+     y2="141.7533"><stop
+       offset="0"
+       style="stop-color:#FB7655"
+       id="stop3272-4" /><stop
+       offset="0"
+       style="stop-color:#FB7655"
+       id="stop3274-5" /><stop
+       offset="0.41"
+       style="stop-color:#E42B1E"
+       id="stop3276-1" /><stop
+       offset="0.99"
+       style="stop-color:#990000"
+       id="stop3278-0" /><stop
+       offset="1"
+       style="stop-color:#990000"
+       id="stop3280-3" /></linearGradient><linearGradient
+     id="XMLID_18_-7"
+     gradientUnits="userSpaceOnUse"
+     x1="194.895"
+     y1="153.5576"
+     x2="141.0276"
+     y2="117.4093"><stop
+       offset="0"
+       style="stop-color:#871101"
+       id="stop3285-8" /><stop
+       offset="0"
+       style="stop-color:#871101"
+       id="stop3287-8" /><stop
+       offset="0.99"
+       style="stop-color:#911209"
+       id="stop3289-6" /><stop
+       offset="1"
+       style="stop-color:#911209"
+       id="stop3291-0" /></linearGradient><linearGradient
+     id="XMLID_19_-4"
+     gradientUnits="userSpaceOnUse"
+     x1="151.79539"
+     y1="217.7852"
+     x2="97.929703"
+     y2="181.638"><stop
+       offset="0"
+       style="stop-color:#871101"
+       id="stop3296-6" /><stop
+       offset="0"
+       style="stop-color:#871101"
+       id="stop3298-7" /><stop
+       offset="0.99"
+       style="stop-color:#911209"
+       id="stop3300-6" /><stop
+       offset="1"
+       style="stop-color:#911209"
+       id="stop3302-0" /></linearGradient><linearGradient
+     id="XMLID_20_-9"
+     gradientUnits="userSpaceOnUse"
+     x1="38.696301"
+     y1="127.3906"
+     x2="47.046902"
+     y2="181.66141"><stop
+       offset="0"
+       style="stop-color:#FFFFFF"
+       id="stop3307-7" /><stop
+       offset="0"
+       style="stop-color:#FFFFFF"
+       id="stop3309-5" /><stop
+       offset="0.23"
+       style="stop-color:#E57252"
+       id="stop3311-9" /><stop
+       offset="0.46"
+       style="stop-color:#DE3B20"
+       id="stop3313-7" /><stop
+       offset="0.99"
+       style="stop-color:#A60003"
+       id="stop3315-8" /><stop
+       offset="1"
+       style="stop-color:#A60003"
+       id="stop3317-5" /></linearGradient><linearGradient
+     id="XMLID_21_-3"
+     gradientUnits="userSpaceOnUse"
+     x1="96.132797"
+     y1="76.715302"
+     x2="99.209602"
+     y2="132.1021"><stop
+       offset="0"
+       style="stop-color:#FFFFFF"
+       id="stop3322-3" /><stop
+       offset="0"
+       style="stop-color:#FFFFFF"
+       id="stop3324-8" /><stop
+       offset="0.23"
+       style="stop-color:#E4714E"
+       id="stop3326-3" /><stop
+       offset="0.56"
+       style="stop-color:#BE1A0D"
+       id="stop3328-7" /><stop
+       offset="0.99"
+       style="stop-color:#A80D00"
+       id="stop3330-9" /><stop
+       offset="1"
+       style="stop-color:#A80D00"
+       id="stop3332-3" /></linearGradient><linearGradient
+     id="XMLID_22_-7"
+     gradientUnits="userSpaceOnUse"
+     x1="147.103"
+     y1="25.521"
+     x2="156.3141"
+     y2="65.216202"><stop
+       offset="0"
+       style="stop-color:#FFFFFF"
+       id="stop3337-8" /><stop
+       offset="0"
+       style="stop-color:#FFFFFF"
+       id="stop3339-7" /><stop
+       offset="0.18"
+       style="stop-color:#E46342"
+       id="stop3341-4" /><stop
+       offset="0.4"
+       style="stop-color:#C82410"
+       id="stop3343-1" /><stop
+       offset="0.99"
+       style="stop-color:#A80D00"
+       id="stop3345-9" /><stop
+       offset="1"
+       style="stop-color:#A80D00"
+       id="stop3347-0" /></linearGradient><linearGradient
+     id="XMLID_23_-9"
+     gradientUnits="userSpaceOnUse"
+     x1="118.9761"
+     y1="11.5415"
+     x2="158.66859"
+     y2="-8.3048"><stop
+       offset="0"
+       style="stop-color:#FFFFFF"
+       id="stop3352-8" /><stop
+       offset="0"
+       style="stop-color:#FFFFFF"
+       id="stop3354-8" /><stop
+       offset="0.54"
+       style="stop-color:#C81F11"
+       id="stop3356-5" /><stop
+       offset="0.99"
+       style="stop-color:#BF0905"
+       id="stop3358-8" /><stop
+       offset="1"
+       style="stop-color:#BF0905"
+       id="stop3360-4" /></linearGradient><linearGradient
+     id="XMLID_24_-3"
+     gradientUnits="userSpaceOnUse"
+     x1="3.9033"
+     y1="113.5547"
+     x2="7.1701999"
+     y2="146.2628"><stop
+       offset="0"
+       style="stop-color:#FFFFFF"
+       id="stop3365-7" /><stop
+       offset="0"
+       style="stop-color:#FFFFFF"
+       id="stop3367-1" /><stop
+       offset="0.31"
+       style="stop-color:#DE4024"
+       id="stop3369-3" /><stop
+       offset="0.99"
+       style="stop-color:#BF190B"
+       id="stop3371-8" /><stop
+       offset="1"
+       style="stop-color:#BF190B"
+       id="stop3373-0" /></linearGradient><linearGradient
+     id="XMLID_25_-9"
+     gradientUnits="userSpaceOnUse"
+     x1="-18.5557"
+     y1="155.10451"
+     x2="135.0152"
+     y2="-2.8092999"><stop
+       offset="0"
+       style="stop-color:#BD0012"
+       id="stop3380-7" /><stop
+       offset="0"
+       style="stop-color:#BD0012"
+       id="stop3382-9" /><stop
+       offset="0.07"
+       style="stop-color:#FFFFFF"
+       id="stop3384-9" /><stop
+       offset="0.17"
+       style="stop-color:#FFFFFF"
+       id="stop3386-3" /><stop
+       offset="0.27"
+       style="stop-color:#C82F1C"
+       id="stop3388-2" /><stop
+       offset="0.33"
+       style="stop-color:#820C01"
+       id="stop3390-4" /><stop
+       offset="0.46"
+       style="stop-color:#A31601"
+       id="stop3392-3" /><stop
+       offset="0.72"
+       style="stop-color:#B31301"
+       id="stop3394-7" /><stop
+       offset="0.99"
+       style="stop-color:#E82609"
+       id="stop3396-1" /><stop
+       offset="1"
+       style="stop-color:#E82609"
+       id="stop3398-2" /></linearGradient><linearGradient
+     id="XMLID_26_-2"
+     gradientUnits="userSpaceOnUse"
+     x1="99.074699"
+     y1="171.0332"
+     x2="52.817699"
+     y2="159.61659"><stop
+       offset="0"
+       style="stop-color:#8C0C01"
+       id="stop3403-0" /><stop
+       offset="0"
+       style="stop-color:#8C0C01"
+       id="stop3405-2" /><stop
+       offset="0.54"
+       style="stop-color:#990C00"
+       id="stop3407-1" /><stop
+       offset="0.99"
+       style="stop-color:#A80D0E"
+       id="stop3409-7" /><stop
+       offset="1"
+       style="stop-color:#A80D0E"
+       id="stop3411-5" /></linearGradient><linearGradient
+     id="XMLID_27_-1"
+     gradientUnits="userSpaceOnUse"
+     x1="178.52589"
+     y1="115.5146"
+     x2="137.43269"
+     y2="78.683998"><stop
+       offset="0"
+       style="stop-color:#7E110B"
+       id="stop3416-7" /><stop
+       offset="0"
+       style="stop-color:#7E110B"
+       id="stop3418-4" /><stop
+       offset="0.99"
+       style="stop-color:#9E0C00"
+       id="stop3420-1" /><stop
+       offset="1"
+       style="stop-color:#9E0C00"
+       id="stop3422-7" /></linearGradient><linearGradient
+     id="XMLID_28_-1"
+     gradientUnits="userSpaceOnUse"
+     x1="193.6235"
+     y1="47.937"
+     x2="173.15421"
+     y2="26.053801"><stop
+       offset="0"
+       style="stop-color:#79130D"
+       id="stop3427-1" /><stop
+       offset="0"
+       style="stop-color:#79130D"
+       id="stop3429-1" /><stop
+       offset="0.99"
+       style="stop-color:#9E120B"
+       id="stop3431-7" /><stop
+       offset="1"
+       style="stop-color:#9E120B"
+       id="stop3433-0" /></linearGradient><radialGradient
+     id="XMLID_29_-4"
+     cx="143.8315"
+     cy="79.388199"
+     r="50.357601"
+     gradientUnits="userSpaceOnUse"><stop
+       offset="0"
+       style="stop-color:#A80D00"
+       id="stop3440-0" /><stop
+       offset="0"
+       style="stop-color:#A80D00"
+       id="stop3442-8" /><stop
+       offset="0.99"
+       style="stop-color:#7E0E08"
+       id="stop3444-5" /><stop
+       offset="1"
+       style="stop-color:#7E0E08"
+       id="stop3446-1" /></radialGradient><radialGradient
+     id="XMLID_30_-6"
+     cx="74.0923"
+     cy="145.75101"
+     r="66.943703"
+     gradientUnits="userSpaceOnUse"><stop
+       offset="0"
+       style="stop-color:#A30C00"
+       id="stop3451-6" /><stop
+       offset="0"
+       style="stop-color:#A30C00"
+       id="stop3453-2" /><stop
+       offset="0.99"
+       style="stop-color:#800E08"
+       id="stop3455-1" /><stop
+       offset="1"
+       style="stop-color:#800E08"
+       id="stop3457-9" /></radialGradient><linearGradient
+     id="XMLID_31_-6"
+     gradientUnits="userSpaceOnUse"
+     x1="26.669901"
+     y1="197.33591"
+     x2="9.9886999"
+     y2="140.742"><stop
+       offset="0"
+       style="stop-color:#8B2114"
+       id="stop3462-4" /><stop
+       offset="0"
+       style="stop-color:#8B2114"
+       id="stop3464-8" /><stop
+       offset="0.43"
+       style="stop-color:#9E100A"
+       id="stop3466-0" /><stop
+       offset="0.99"
+       style="stop-color:#B3100C"
+       id="stop3468-8" /><stop
+       offset="1"
+       style="stop-color:#B3100C"
+       id="stop3470-1" /></linearGradient><linearGradient
+     id="XMLID_32_-0"
+     gradientUnits="userSpaceOnUse"
+     x1="154.6411"
+     y1="9.7979002"
+     x2="192.039"
+     y2="26.305901"><stop
+       offset="0"
+       style="stop-color:#B31000"
+       id="stop3475-2" /><stop
+       offset="0"
+       style="stop-color:#B31000"
+       id="stop3477-2" /><stop
+       offset="0.44"
+       style="stop-color:#910F08"
+       id="stop3479-9" /><stop
+       offset="0.99"
+       style="stop-color:#791C12"
+       id="stop3481-7" /><stop
+       offset="1"
+       style="stop-color:#791C12"
+       id="stop3483-5" /></linearGradient><linearGradient
+     y2="141.7533"
+     x2="132.27631"
+     y1="215.5488"
+     x1="174.0737"
+     gradientUnits="userSpaceOnUse"
+     id="linearGradient3448"
+     xlink:href="#XMLID_17_-9"
+     inkscape:collect="always" /></defs><sodipodi:namedview
+   pagecolor="#ffffff"
+   bordercolor="#666666"
+   borderopacity="1"
+   objecttolerance="10"
+   gridtolerance="10"
+   guidetolerance="10"
+   inkscape:pageopacity="0"
+   inkscape:pageshadow="2"
+   inkscape:window-width="1036"
+   inkscape:window-height="1124"
+   id="namedview3487"
+   showgrid="false"
+   inkscape:zoom="1.3412289"
+   inkscape:cx="99.065005"
+   inkscape:cy="98.790004"
+   inkscape:window-x="882"
+   inkscape:window-y="24"
+   inkscape:window-maximized="0"
+   inkscape:current-layer="Layer_1" />
+<linearGradient
+   id="XMLID_17_"
+   gradientUnits="userSpaceOnUse"
+   x1="174.0737"
+   y1="215.5488"
+   x2="132.2763"
+   y2="141.7533">
+	<stop
+   offset="0"
+   style="stop-color:#FB7655"
+   id="stop3272" />
+	<stop
+   offset="0"
+   style="stop-color:#FB7655"
+   id="stop3274" />
+	<stop
+   offset="0.41"
+   style="stop-color:#E42B1E"
+   id="stop3276" />
+	<stop
+   offset="0.99"
+   style="stop-color:#990000"
+   id="stop3278" />
+	<stop
+   offset="1"
+   style="stop-color:#990000"
+   id="stop3280" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_18_"
+   gradientUnits="userSpaceOnUse"
+   x1="194.895"
+   y1="153.5576"
+   x2="141.0276"
+   y2="117.4093">
+	<stop
+   offset="0"
+   style="stop-color:#871101"
+   id="stop3285" />
+	<stop
+   offset="0"
+   style="stop-color:#871101"
+   id="stop3287" />
+	<stop
+   offset="0.99"
+   style="stop-color:#911209"
+   id="stop3289" />
+	<stop
+   offset="1"
+   style="stop-color:#911209"
+   id="stop3291" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_19_"
+   gradientUnits="userSpaceOnUse"
+   x1="151.7954"
+   y1="217.7852"
+   x2="97.9297"
+   y2="181.638">
+	<stop
+   offset="0"
+   style="stop-color:#871101"
+   id="stop3296" />
+	<stop
+   offset="0"
+   style="stop-color:#871101"
+   id="stop3298" />
+	<stop
+   offset="0.99"
+   style="stop-color:#911209"
+   id="stop3300" />
+	<stop
+   offset="1"
+   style="stop-color:#911209"
+   id="stop3302" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_20_"
+   gradientUnits="userSpaceOnUse"
+   x1="38.6963"
+   y1="127.3906"
+   x2="47.0469"
+   y2="181.6614">
+	<stop
+   offset="0"
+   style="stop-color:#FFFFFF"
+   id="stop3307" />
+	<stop
+   offset="0"
+   style="stop-color:#FFFFFF"
+   id="stop3309" />
+	<stop
+   offset="0.23"
+   style="stop-color:#E57252"
+   id="stop3311" />
+	<stop
+   offset="0.46"
+   style="stop-color:#DE3B20"
+   id="stop3313" />
+	<stop
+   offset="0.99"
+   style="stop-color:#A60003"
+   id="stop3315" />
+	<stop
+   offset="1"
+   style="stop-color:#A60003"
+   id="stop3317" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_21_"
+   gradientUnits="userSpaceOnUse"
+   x1="96.1328"
+   y1="76.7153"
+   x2="99.2096"
+   y2="132.1021">
+	<stop
+   offset="0"
+   style="stop-color:#FFFFFF"
+   id="stop3322" />
+	<stop
+   offset="0"
+   style="stop-color:#FFFFFF"
+   id="stop3324" />
+	<stop
+   offset="0.23"
+   style="stop-color:#E4714E"
+   id="stop3326" />
+	<stop
+   offset="0.56"
+   style="stop-color:#BE1A0D"
+   id="stop3328" />
+	<stop
+   offset="0.99"
+   style="stop-color:#A80D00"
+   id="stop3330" />
+	<stop
+   offset="1"
+   style="stop-color:#A80D00"
+   id="stop3332" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_22_"
+   gradientUnits="userSpaceOnUse"
+   x1="147.103"
+   y1="25.521"
+   x2="156.3141"
+   y2="65.2162">
+	<stop
+   offset="0"
+   style="stop-color:#FFFFFF"
+   id="stop3337" />
+	<stop
+   offset="0"
+   style="stop-color:#FFFFFF"
+   id="stop3339" />
+	<stop
+   offset="0.18"
+   style="stop-color:#E46342"
+   id="stop3341" />
+	<stop
+   offset="0.4"
+   style="stop-color:#C82410"
+   id="stop3343" />
+	<stop
+   offset="0.99"
+   style="stop-color:#A80D00"
+   id="stop3345" />
+	<stop
+   offset="1"
+   style="stop-color:#A80D00"
+   id="stop3347" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_23_"
+   gradientUnits="userSpaceOnUse"
+   x1="118.9761"
+   y1="11.5415"
+   x2="158.6686"
+   y2="-8.3048">
+	<stop
+   offset="0"
+   style="stop-color:#FFFFFF"
+   id="stop3352" />
+	<stop
+   offset="0"
+   style="stop-color:#FFFFFF"
+   id="stop3354" />
+	<stop
+   offset="0.54"
+   style="stop-color:#C81F11"
+   id="stop3356" />
+	<stop
+   offset="0.99"
+   style="stop-color:#BF0905"
+   id="stop3358" />
+	<stop
+   offset="1"
+   style="stop-color:#BF0905"
+   id="stop3360" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_24_"
+   gradientUnits="userSpaceOnUse"
+   x1="3.9033"
+   y1="113.5547"
+   x2="7.1702"
+   y2="146.2628">
+	<stop
+   offset="0"
+   style="stop-color:#FFFFFF"
+   id="stop3365" />
+	<stop
+   offset="0"
+   style="stop-color:#FFFFFF"
+   id="stop3367" />
+	<stop
+   offset="0.31"
+   style="stop-color:#DE4024"
+   id="stop3369" />
+	<stop
+   offset="0.99"
+   style="stop-color:#BF190B"
+   id="stop3371" />
+	<stop
+   offset="1"
+   style="stop-color:#BF190B"
+   id="stop3373" />
+</linearGradient>
+
+
+<linearGradient
+   id="XMLID_25_"
+   gradientUnits="userSpaceOnUse"
+   x1="-18.5557"
+   y1="155.1045"
+   x2="135.0152"
+   y2="-2.8093">
+	<stop
+   offset="0"
+   style="stop-color:#BD0012"
+   id="stop3380" />
+	<stop
+   offset="0"
+   style="stop-color:#BD0012"
+   id="stop3382" />
+	<stop
+   offset="0.07"
+   style="stop-color:#FFFFFF"
+   id="stop3384" />
+	<stop
+   offset="0.17"
+   style="stop-color:#FFFFFF"
+   id="stop3386" />
+	<stop
+   offset="0.27"
+   style="stop-color:#C82F1C"
+   id="stop3388" />
+	<stop
+   offset="0.33"
+   style="stop-color:#820C01"
+   id="stop3390" />
+	<stop
+   offset="0.46"
+   style="stop-color:#A31601"
+   id="stop3392" />
+	<stop
+   offset="0.72"
+   style="stop-color:#B31301"
+   id="stop3394" />
+	<stop
+   offset="0.99"
+   style="stop-color:#E82609"
+   id="stop3396" />
+	<stop
+   offset="1"
+   style="stop-color:#E82609"
+   id="stop3398" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_26_"
+   gradientUnits="userSpaceOnUse"
+   x1="99.0747"
+   y1="171.0332"
+   x2="52.8177"
+   y2="159.6166">
+	<stop
+   offset="0"
+   style="stop-color:#8C0C01"
+   id="stop3403" />
+	<stop
+   offset="0"
+   style="stop-color:#8C0C01"
+   id="stop3405" />
+	<stop
+   offset="0.54"
+   style="stop-color:#990C00"
+   id="stop3407" />
+	<stop
+   offset="0.99"
+   style="stop-color:#A80D0E"
+   id="stop3409" />
+	<stop
+   offset="1"
+   style="stop-color:#A80D0E"
+   id="stop3411" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_27_"
+   gradientUnits="userSpaceOnUse"
+   x1="178.5259"
+   y1="115.5146"
+   x2="137.4327"
+   y2="78.684">
+	<stop
+   offset="0"
+   style="stop-color:#7E110B"
+   id="stop3416" />
+	<stop
+   offset="0"
+   style="stop-color:#7E110B"
+   id="stop3418" />
+	<stop
+   offset="0.99"
+   style="stop-color:#9E0C00"
+   id="stop3420" />
+	<stop
+   offset="1"
+   style="stop-color:#9E0C00"
+   id="stop3422" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_28_"
+   gradientUnits="userSpaceOnUse"
+   x1="193.6235"
+   y1="47.937"
+   x2="173.1542"
+   y2="26.0538">
+	<stop
+   offset="0"
+   style="stop-color:#79130D"
+   id="stop3427" />
+	<stop
+   offset="0"
+   style="stop-color:#79130D"
+   id="stop3429" />
+	<stop
+   offset="0.99"
+   style="stop-color:#9E120B"
+   id="stop3431" />
+	<stop
+   offset="1"
+   style="stop-color:#9E120B"
+   id="stop3433" />
+</linearGradient>
+
+
+<radialGradient
+   id="XMLID_29_"
+   cx="143.8315"
+   cy="79.3882"
+   r="50.3576"
+   gradientUnits="userSpaceOnUse">
+	<stop
+   offset="0"
+   style="stop-color:#A80D00"
+   id="stop3440" />
+	<stop
+   offset="0"
+   style="stop-color:#A80D00"
+   id="stop3442" />
+	<stop
+   offset="0.99"
+   style="stop-color:#7E0E08"
+   id="stop3444" />
+	<stop
+   offset="1"
+   style="stop-color:#7E0E08"
+   id="stop3446" />
+</radialGradient>
+
+<radialGradient
+   id="XMLID_30_"
+   cx="74.0923"
+   cy="145.751"
+   r="66.9437"
+   gradientUnits="userSpaceOnUse">
+	<stop
+   offset="0"
+   style="stop-color:#A30C00"
+   id="stop3451" />
+	<stop
+   offset="0"
+   style="stop-color:#A30C00"
+   id="stop3453" />
+	<stop
+   offset="0.99"
+   style="stop-color:#800E08"
+   id="stop3455" />
+	<stop
+   offset="1"
+   style="stop-color:#800E08"
+   id="stop3457" />
+</radialGradient>
+
+<linearGradient
+   id="XMLID_31_"
+   gradientUnits="userSpaceOnUse"
+   x1="26.6699"
+   y1="197.3359"
+   x2="9.9887"
+   y2="140.742">
+	<stop
+   offset="0"
+   style="stop-color:#8B2114"
+   id="stop3462" />
+	<stop
+   offset="0"
+   style="stop-color:#8B2114"
+   id="stop3464" />
+	<stop
+   offset="0.43"
+   style="stop-color:#9E100A"
+   id="stop3466" />
+	<stop
+   offset="0.99"
+   style="stop-color:#B3100C"
+   id="stop3468" />
+	<stop
+   offset="1"
+   style="stop-color:#B3100C"
+   id="stop3470" />
+</linearGradient>
+
+<linearGradient
+   id="XMLID_32_"
+   gradientUnits="userSpaceOnUse"
+   x1="154.6411"
+   y1="9.7979"
+   x2="192.039"
+   y2="26.3059">
+	<stop
+   offset="0"
+   style="stop-color:#B31000"
+   id="stop3475" />
+	<stop
+   offset="0"
+   style="stop-color:#B31000"
+   id="stop3477" />
+	<stop
+   offset="0.44"
+   style="stop-color:#910F08"
+   id="stop3479" />
+	<stop
+   offset="0.99"
+   style="stop-color:#791C12"
+   id="stop3481" />
+	<stop
+   offset="1"
+   style="stop-color:#791C12"
+   id="stop3483" />
+</linearGradient>
+
+<polygon
+   style="fill:url(#linearGradient3448);fill-rule:evenodd"
+   clip-rule="evenodd"
+   points="153.5,130.41 40.38,197.58 186.849,187.641 198.13,39.95 "
+   id="polygon3282" /><polygon
+   style="fill:url(#XMLID_18_-7);fill-rule:evenodd"
+   clip-rule="evenodd"
+   points="187.089,187.54 174.5,100.65 140.209,145.93 "
+   id="polygon3293" /><polygon
+   style="fill:url(#XMLID_19_-4);fill-rule:evenodd"
+   clip-rule="evenodd"
+   points="187.259,187.54 95.03,180.3 40.87,197.391 "
+   id="polygon3304" /><polygon
+   style="fill:url(#XMLID_20_-9);fill-rule:evenodd"
+   clip-rule="evenodd"
+   points="41,197.41 64.04,121.93 13.34,132.771 "
+   id="polygon3319" /><polygon
+   style="fill:url(#XMLID_21_-3);fill-rule:evenodd"
+   clip-rule="evenodd"
+   points="140.2,146.18 119,63.14 58.33,120.01 "
+   id="polygon3334" /><polygon
+   style="fill:url(#XMLID_22_-7);fill-rule:evenodd"
+   clip-rule="evenodd"
+   points="193.32,64.31 135.97,17.47 120,69.1 "
+   id="polygon3349" /><polygon
+   style="fill:url(#XMLID_23_-9);fill-rule:evenodd"
+   clip-rule="evenodd"
+   points="166.5,0.77 132.77,19.41 111.49,0.52 "
+   id="polygon3362" /><polygon
+   style="fill:url(#XMLID_24_-3);fill-rule:evenodd"
+   clip-rule="evenodd"
+   points="0,158.09 14.13,132.32 2.7,101.62 "
+   id="polygon3375" /><path
+   style="fill:#ffffff;fill-rule:evenodd"
+   inkscape:connector-curvature="0"
+   clip-rule="evenodd"
+   d="m 1.94,100.65 11.5,32.62 49.97,-11.211 57.05,-53.02 L 136.56,17.9 111.209,0 68.109,16.13 C 54.53,28.76 28.18,53.75 27.23,54.22 26.29,54.7 9.83,85.81 1.94,100.65 z"
+   id="path3377" /><path
+   style="fill:url(#XMLID_25_-9);fill-rule:evenodd"
+   inkscape:connector-curvature="0"
+   clip-rule="evenodd"
+   d="m 42.32,42.05 c 29.43,-29.18 67.37,-46.42 81.93,-31.73 14.551,14.69 -0.88,50.39 -30.31,79.56 -29.43,29.17 -66.9,47.36 -81.45,32.67 -14.56,-14.68 0.4,-51.33 29.83,-80.5 z"
+   id="path3400" /><path
+   style="fill:url(#XMLID_26_-2);fill-rule:evenodd"
+   inkscape:connector-curvature="0"
+   clip-rule="evenodd"
+   d="m 41,197.38 22.86,-75.72 75.92,24.39 C 112.33,171.79 81.8,193.55 41,197.38 z"
+   id="path3413" /><path
+   style="fill:url(#XMLID_27_-1);fill-rule:evenodd"
+   inkscape:connector-curvature="0"
+   clip-rule="evenodd"
+   d="m 120.56,68.89 19.49,77.2 C 162.98,121.98 183.56,96.06 193.639,64 l -73.079,4.89 z"
+   id="path3424" /><path
+   style="fill:url(#XMLID_28_-1);fill-rule:evenodd"
+   inkscape:connector-curvature="0"
+   clip-rule="evenodd"
+   d="m 193.44,64.39 c 7.8,-23.54 9.6,-57.31 -27.181,-63.58 l -30.18,16.67 57.361,46.91 z"
+   id="path3435" /><path
+   style="fill:#9e1209;fill-rule:evenodd"
+   inkscape:connector-curvature="0"
+   clip-rule="evenodd"
+   d="m 0,157.75 c 1.08,38.851 29.11,39.43 41.05,39.771 L 13.47,133.11 0,157.75 z"
+   id="path3437" /><path
+   style="fill:url(#XMLID_29_-4);fill-rule:evenodd"
+   inkscape:connector-curvature="0"
+   clip-rule="evenodd"
+   d="m 120.669,69.01 c 17.62,10.83 53.131,32.58 53.851,32.98 1.119,0.63 15.31,-23.93 18.53,-37.81 l -72.381,4.83 z"
+   id="path3448" /><path
+   style="fill:url(#XMLID_30_-6);fill-rule:evenodd"
+   inkscape:connector-curvature="0"
+   clip-rule="evenodd"
+   d="m 63.83,121.66 30.56,58.96 c 18.07,-9.8 32.22,-21.74 45.18,-34.53 L 63.83,121.66 z"
+   id="path3459" /><path
+   style="fill:url(#XMLID_31_-6);fill-rule:evenodd"
+   inkscape:connector-curvature="0"
+   clip-rule="evenodd"
+   d="m 13.35,133.19 -4.33,51.56 c 8.17,11.16 19.41,12.13 31.2,11.26 -8.53,-21.23 -25.57,-63.68 -26.87,-62.82 z"
+   id="path3472" /><path
+   style="fill:url(#XMLID_32_-0);fill-rule:evenodd"
+   inkscape:connector-curvature="0"
+   clip-rule="evenodd"
+   d="m 135.9,17.61 60.71,8.52 C 193.37,12.4 183.42,3.54 166.46,0.77 L 135.9,17.61 z"
+   id="path3485" /></svg>
\ No newline at end of file
diff --git a/apps/docs/static/img/recipes/zerops/rust.svg b/apps/docs/static/img/recipes/zerops/rust.svg
new file mode 100644
index 000000000..aa49a54ac
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/rust.svg
@@ -0,0 +1,4 @@
+<svg id="Layer_1" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 116 116">
+<defs>
+</defs>
+<g class="recipe-logo" id="logo"><path  id="r" d="M48.58 41.94h14.4c8.86 0 8.86 8.86 0 8.86h-14.4v-8.86ZM14.24 82.93h44.31V70.74h-9.97v-8.86h11.08c12.19 0 5.54 21.05 15.51 21.05h27.7V61.88h-6.65v2.22c0 8.86-9.97 7.75-11.08 2.22s-5.54-9.97-6.65-9.97c16.62-8.86 6.65-26.59-6.65-26.59H19.78v12.19h11.08v28.8H14.24v12.19Z" style="stroke-linejoin:round"/><g id="gear"><circle cx="58" cy="58" r="47.64" style="fill:none;stroke-width:9px;"/><g id="cogs"><path id="cog" class="cls-2" d="M108.96 61.32 114.5 58l-5.54-3.32v6.64z"/><path id="cog-2" data-name="cog" class="cls-3" d="m107.33 71.2 6.08-2.18-4.78-4.34-1.3 6.52z"/><path id="cog-3" data-name="cog" class="cls-4" d="m103.81 80.57 6.39-.95-3.85-5.19-2.54 6.14z"/><path id="cog-4" data-name="cog" class="cls-7" d="m98.53 89.08 6.45.31-2.76-5.84-3.69 5.53z"/><path id="cog-5" data-name="cog" class="cls-6" d="m91.68 96.38 6.27 1.57-1.57-6.27-4.7 4.7z"/><path id="cog-6" data-name="cog" class="cls-7" d="m83.55 102.22 5.84 2.76-.31-6.45-5.53 3.69z"/><path id="cog-7" data-name="cog" class="cls-5" d="m74.43 106.35 5.19 3.85.95-6.39-6.14 2.54z"/><path id="cog-8" data-name="cog" class="cls-3" d="m64.68 108.63 4.34 4.78 2.18-6.08-6.52 1.3z"/><path id="cog-9" data-name="cog" class="cls-2" d="M54.68 108.96 58 114.5l3.32-5.54h-6.64z"/><path id="cog-10" data-name="cog" class="cls-3" d="m44.8 107.33 2.18 6.08 4.34-4.78-6.52-1.3z"/><path id="cog-11" data-name="cog" class="cls-5" d="m35.43 103.81.95 6.39 5.19-3.85-6.14-2.54z"/><path id="cog-12" data-name="cog" class="cls-7" d="m26.92 98.53-.31 6.45 5.84-2.76-5.53-3.69z"/><path id="cog-13" data-name="cog" class="cls-6" d="m19.62 91.68-1.57 6.27 6.27-1.57-4.7-4.7z"/><path id="cog-14" data-name="cog" class="cls-7" d="m13.78 83.55-2.76 5.84 6.45-.31-3.69-5.53z"/><path id="cog-15" data-name="cog" class="cls-4" d="M9.65 74.43 5.8 79.62l6.39.95-2.54-6.14z"/><path id="cog-16" data-name="cog" class="cls-3" d="m7.37 64.68-4.78 4.34 6.08 2.18-1.3-6.52z"/><path id="cog-17" data-name="cog" class="cls-2" d="M7.04 54.68 1.5 58l5.54 3.32v-6.64z"/><path id="cog-18" data-name="cog" class="cls-3" d="m8.67 44.8-6.08 2.18 4.78 4.34 1.3-6.52z"/><path id="cog-19" data-name="cog" class="cls-4" d="m12.19 35.43-6.39.95 3.85 5.19 2.54-6.14z"/><path id="cog-20" data-name="cog" class="cls-7" d="m17.47 26.92-6.45-.31 2.76 5.84 3.69-5.53z"/><path id="cog-21" data-name="cog" class="cls-6" d="m24.32 19.62-6.27-1.57 1.57 6.27 4.7-4.7z"/><path id="cog-22" data-name="cog" class="cls-7" d="m32.45 13.78-5.84-2.76.31 6.45 5.53-3.69z"/><path id="cog-23" data-name="cog" class="cls-5" d="M41.57 9.65 36.38 5.8l-.95 6.39 6.14-2.54z"/><path id="cog-24" data-name="cog" class="cls-3" d="m51.32 7.37-4.34-4.78-2.18 6.08 6.52-1.3z"/><path id="cog-25" data-name="cog" class="cls-2" d="M61.32 7.04 58 1.5l-3.32 5.54h6.64z"/><path id="cog-26" data-name="cog" class="cls-3" d="m71.2 8.67-2.18-6.08-4.34 4.78 6.52 1.3z"/><path id="cog-27" data-name="cog" class="cls-5" d="m80.57 12.19-.95-6.39-5.19 3.85 6.14 2.54z"/><path id="cog-28" data-name="cog" class="cls-7" d="m89.08 17.47.31-6.45-5.84 2.76 5.53 3.69z"/><path id="cog-29" data-name="cog" class="cls-6" d="m96.38 24.32 1.57-6.27-6.27 1.57 4.7 4.7z"/><path id="cog-30" data-name="cog" class="cls-7" d="m102.22 32.45 2.76-5.84-6.45.31 3.69 5.53z"/><path id="cog-31" data-name="cog" class="cls-4" d="m106.35 41.57 3.85-5.19-6.39-.95 2.54 6.14z"/><path id="cog-32" data-name="cog" class="cls-3" d="m108.63 51.32 4.78-4.34-6.08-2.18 1.3 6.52z"/></g><g id="mounts"><path id="mount" style="stroke-width:6px;stroke-linejoin:round" d="M50.25 11.47 58 19.23l7.75-7.76h-15.5z"/><path id="mount-2" data-name="mount" class="cls-10" d="m99.86 36.25-4.98 9.77 9.77 4.98-4.79-14.75z"/><path id="mount-3" data-name="mount" class="cls-8" d="m91.62 91.08-10.83-1.71-1.71 10.83 12.54-9.12z"/><path id="mount-4" data-name="mount" class="cls-8" d="m36.92 100.2-1.71-10.83-10.83 1.71 12.54 9.12z"/><path id="mount-5" data-name="mount" class="cls-10" d="m11.35 51 9.77-4.98-4.98-9.77L11.35 51z"/></g></g></g></svg>
diff --git a/apps/docs/static/img/recipes/zerops/solid.svg b/apps/docs/static/img/recipes/zerops/solid.svg
new file mode 100644
index 000000000..e233e84c7
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/solid.svg
@@ -0,0 +1 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 166 155.3"><defs><linearGradient id="a" x1="27.5" x2="152" y1="3" y2="63.5" gradientUnits="userSpaceOnUse"><stop offset=".1" stop-color="#76b3e1"/><stop offset=".3" stop-color="#dcf2fd"/><stop offset="1" stop-color="#76b3e1"/></linearGradient><linearGradient id="b" x1="95.8" x2="74" y1="32.6" y2="105.2" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#76b3e1"/><stop offset=".5" stop-color="#4377bb"/><stop offset="1" stop-color="#1f3b77"/></linearGradient><linearGradient id="c" x1="18.4" x2="144.3" y1="64.2" y2="149.8" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#315aa9"/><stop offset=".5" stop-color="#518ac8"/><stop offset="1" stop-color="#315aa9"/></linearGradient><linearGradient id="d" x1="75.2" x2="24.4" y1="74.5" y2="260.8" gradientUnits="userSpaceOnUse"><stop offset="0" stop-color="#4377bb"/><stop offset=".5" stop-color="#1a336b"/><stop offset="1" stop-color="#1a336b"/></linearGradient></defs><path fill="#76b3e1" d="M163 35S110-4 69 5l-3 1c-6 2-11 5-14 9l-2 3-15 26 26 5c11 7 25 10 38 7l46 9 18-30z"/><path fill="url(#a)" d="M163 35S110-4 69 5l-3 1c-6 2-11 5-14 9l-2 3-15 26 26 5c11 7 25 10 38 7l46 9 18-30z" opacity=".3"/><path fill="#518ac8" d="m52 35-4 1c-17 5-22 21-13 35 10 13 31 20 48 15l62-21S92 26 52 35z"/><path fill="url(#b)" d="m52 35-4 1c-17 5-22 21-13 35 10 13 31 20 48 15l62-21S92 26 52 35z" opacity=".3"/><path fill="url(#c)" d="M134 80a45 45 0 0 0-48-15L24 85 4 120l112 19 20-36c4-7 3-15-2-23z"/><path fill="url(#d)" d="M114 115a45 45 0 0 0-48-15L4 120s53 40 94 30l3-1c17-5 23-21 13-34z"/></svg>
diff --git a/apps/docs/static/img/recipes/zerops/svelte.svg b/apps/docs/static/img/recipes/zerops/svelte.svg
new file mode 100644
index 000000000..4bf279659
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/svelte.svg
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 23.0.2, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 viewBox="0 0 98.1 118" style="enable-background:new 0 0 98.1 118;" xml:space="preserve">
+<style type="text/css">
+	.st0{fill:#FF3E00;}
+	.st1{fill:#FFFFFF;}
+</style>
+<path class="st0" d="M91.8,15.6C80.9-0.1,59.2-4.7,43.6,5.2L16.1,22.8C8.6,27.5,3.4,35.2,1.9,43.9c-1.3,7.3-0.2,14.8,3.3,21.3
+	c-2.4,3.6-4,7.6-4.7,11.8c-1.6,8.9,0.5,18.1,5.7,25.4c11,15.7,32.6,20.3,48.2,10.4l27.5-17.5c7.5-4.7,12.7-12.4,14.2-21.1
+	c1.3-7.3,0.2-14.8-3.3-21.3c2.4-3.6,4-7.6,4.7-11.8C99.2,32.1,97.1,22.9,91.8,15.6"/>
+<path class="st1" d="M40.9,103.9c-8.9,2.3-18.2-1.2-23.4-8.7c-3.2-4.4-4.4-9.9-3.5-15.3c0.2-0.9,0.4-1.7,0.6-2.6l0.5-1.6l1.4,1
+	c3.3,2.4,6.9,4.2,10.8,5.4l1,0.3l-0.1,1c-0.1,1.4,0.3,2.9,1.1,4.1c1.6,2.3,4.4,3.4,7.1,2.7c0.6-0.2,1.2-0.4,1.7-0.7L65.5,72
+	c1.4-0.9,2.3-2.2,2.6-3.8c0.3-1.6-0.1-3.3-1-4.6c-1.6-2.3-4.4-3.3-7.1-2.6c-0.6,0.2-1.2,0.4-1.7,0.7l-10.5,6.7
+	c-1.7,1.1-3.6,1.9-5.6,2.4c-8.9,2.3-18.2-1.2-23.4-8.7c-3.1-4.4-4.4-9.9-3.4-15.3c0.9-5.2,4.1-9.9,8.6-12.7l27.5-17.5
+	c1.7-1.1,3.6-1.9,5.6-2.5c8.9-2.3,18.2,1.2,23.4,8.7c3.2,4.4,4.4,9.9,3.5,15.3c-0.2,0.9-0.4,1.7-0.7,2.6l-0.5,1.6l-1.4-1
+	c-3.3-2.4-6.9-4.2-10.8-5.4l-1-0.3l0.1-1c0.1-1.4-0.3-2.9-1.1-4.1c-1.6-2.3-4.4-3.3-7.1-2.6c-0.6,0.2-1.2,0.4-1.7,0.7L32.4,46.1
+	c-1.4,0.9-2.3,2.2-2.6,3.8s0.1,3.3,1,4.6c1.6,2.3,4.4,3.3,7.1,2.6c0.6-0.2,1.2-0.4,1.7-0.7l10.5-6.7c1.7-1.1,3.6-1.9,5.6-2.5
+	c8.9-2.3,18.2,1.2,23.4,8.7c3.2,4.4,4.4,9.9,3.5,15.3c-0.9,5.2-4.1,9.9-8.6,12.7l-27.5,17.5C44.8,102.5,42.9,103.3,40.9,103.9"/>
+</svg>
diff --git a/apps/docs/static/img/recipes/zerops/vue.svg b/apps/docs/static/img/recipes/zerops/vue.svg
new file mode 100644
index 000000000..a1d285eb2
--- /dev/null
+++ b/apps/docs/static/img/recipes/zerops/vue.svg
@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg version="1.1" viewBox="0 0 261.76 226.69" xmlns="http://www.w3.org/2000/svg"><g transform="matrix(1.3333 0 0 -1.3333 -76.311 313.34)"><g transform="translate(178.06 235.01)"><path d="m0 0-22.669-39.264-22.669 39.264h-75.491l98.16-170.02 98.16 170.02z" fill="#41b883"/></g><g transform="translate(178.06 235.01)"><path d="m0 0-22.669-39.264-22.669 39.264h-36.227l58.896-102.01 58.896 102.01z" fill="#34495e"/></g></g></svg>
diff --git a/apps/docs/static/img/zcp/quickstart-cloud-ide-claude-code.jpg b/apps/docs/static/img/zcp/quickstart-cloud-ide-claude-code.jpg
new file mode 100644
index 000000000..038b66f7d
Binary files /dev/null and b/apps/docs/static/img/zcp/quickstart-cloud-ide-claude-code.jpg differ
diff --git a/apps/docs/static/img/zcp/quickstart-laravel-ai-agent-recipe.png b/apps/docs/static/img/zcp/quickstart-laravel-ai-agent-recipe.png
new file mode 100644
index 000000000..df9e15849
Binary files /dev/null and b/apps/docs/static/img/zcp/quickstart-laravel-ai-agent-recipe.png differ
diff --git a/apps/docs/static/img/zcp/quickstart-zcp-service-ready.png b/apps/docs/static/img/zcp/quickstart-zcp-service-ready.png
new file mode 100644
index 000000000..e3c641382
Binary files /dev/null and b/apps/docs/static/img/zcp/quickstart-zcp-service-ready.png differ
diff --git a/apps/docs/static/img/zcp/remote-setup-claude-code.jpg b/apps/docs/static/img/zcp/remote-setup-claude-code.jpg
new file mode 100644
index 000000000..3b6adf75f
Binary files /dev/null and b/apps/docs/static/img/zcp/remote-setup-claude-code.jpg differ
diff --git a/apps/docs/static/llms-full.txt b/apps/docs/static/llms-full.txt
index 5bebd6c4a..5bb32a4af 100644
--- a/apps/docs/static/llms-full.txt
+++ b/apps/docs/static/llms-full.txt
@@ -2,9 +2,13 @@
 
 # Alpine > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Alpine application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -13,45 +17,58 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: alpine@3.20
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
         - sudo apk add --no-cache something
         - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
-        - 
+        - <your build commands>
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles: app
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: some_file
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: alpine@3.20
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8080
+
       # OPTIONAL. Customize the runtime Alpine environment by installing additional
       # dependencies to the base Alpine runtime environment.
       prepareCommands:
         - sudo apk add --no-cache something
         - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Alpine application is started.
       initCommands:
        - rm -rf ./cache
+
       # OPTIONAL. Your Alpine application start command
       start: ./app
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -62,6 +79,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -71,11 +89,25 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Alpine builds:
+
+- `alpine@3.23`, `alpine@latest`
+- `alpine@3.22`
+- `alpine@3.21`
+- `alpine@3.20`
+- `alpine@3.19`
+- `alpine@3.18`
+- `alpine@3.17`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -86,11 +118,17 @@ zerops:
       base: alpine@3.20
       ...
 ```
-  The base build environment contains {data.alpine.default}, Zerops command line tool, `git` and `wget`.
+
+<p>
+  The base build environment contains {data.alpine.default}, [Zerops command line tool](/references/cli), `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -104,18 +142,27 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - [Zerops command line tool](/references/cli)
 - `git` and `wget`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -124,6 +171,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: alpine@3.20
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -131,20 +179,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/alpine/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -153,93 +212,136 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: alpine@3.20
+
       # OPTIONAL. Build your application
       buildCommands:
-        - 
+        - <your build commands>
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 For detailed information about build commands, refer to the documentation for your specific technology (e.g., [Node.js](/nodejs/how-to/build-pipeline), [Go](/go/how-to/build-pipeline), [Python](/python/how-to/build-pipeline), etc.).
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     cd src
     ./build.sh
 ```
+
 #### Run build commands as separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - cd src
   - ./build.sh
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/alpine/how-to/logs#build-log) to troubleshoot the error.
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - app
   - file.txt
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
+
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -251,22 +353,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -275,6 +388,7 @@ zerops:
     build:
       base: alpine@3.20
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         MODE: production
@@ -283,12 +397,26 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/alpine/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Alpine version for your runtime.
+
 Following options are available for Alpine builds:
+
+- `alpine@3.23`, `alpine@latest`
+- `alpine@3.22`
+- `alpine@3.21`
+- `alpine@3.20`
+- `alpine@3.19`
+- `alpine@3.18`
+- `alpine@3.17`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -298,17 +426,24 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: alpine@3.20
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: alpine@3.20
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, Zerops command line tool, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -318,6 +453,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: alpine@3.20
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -327,29 +463,52 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to an Alpine service with hostname = "app" and port = 8080 from another service of the same project, simply use `app:8080`. Read more about [how to access an Alpine service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Alpine runtime environment by installing additional dependencies or tools to the runtime base environment.
-  The base Alpine environment contains {data.alpine.default}, Zerops command line tool and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+
+<p>
+  The base Alpine environment contains {data.alpine.default}, [Zerops command line tool](/references/cli) and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -357,6 +516,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -366,26 +526,44 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/alpine/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
-  The prepare runtime container contains {data.alpine.default}, Zerops command line tool and `git` and `wget`.
+
+<p>
+  The prepare runtime container contains {data.alpine.default}, [Zerops command line tool](/references/cli) and `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -394,6 +572,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -403,15 +582,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -420,22 +604,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Alpine application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/alpine/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/alpine/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -450,56 +647,82 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/alpine/how-to/env-variables) in Zerops.
+
 ### start
+
 _OPTIONAL._ Defines the start command for your Alpine application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Your Alpine application start command
       start: ./app
 ```
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Your Alpine application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -507,30 +730,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Alpine application.
+
+        The command has access to the same [environment variables](/alpine/how-to/create#set-secret-environment-variables) as your Alpine application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Alpine application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -539,13 +779,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -554,40 +799,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/alpine/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -596,30 +863,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/alpine/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Alpine application.
+
+        The command has access to the same [environment variables](/alpine/how-to/create#set-secret-environment-variables) as your Alpine application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -631,80 +916,123 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/alpine/how-to/deploy-process#readiness-checks) in Zerops.
 
 ----------------------------------------
 
 # Alpine > How To > Build Process
 
-  
+
 ## Build process overview
+
 Zerops starts a temporary build container and performs the following actions:
+
 1. **Installs the build environment** - Sets up base system and  runtime
 2. **Downloads your application source code** - From [GitHub ↗](https://www.github.com), [GitLab ↗](https://www.gitlab.com) or via [Zerops CLI](/references/cli)
 3. **Optionally customizes the build environment** - Runs prepare commands if configured
 4. **Runs the build commands** - Executes your build process
 5. **Uploads the application artifact** - Stores build output to internal Zerops storage
 6. **Caches selected files** - Preserves specified files for faster future builds
+
 The build container is automatically deleted after the build has finished or failed.
+
 ## Build configuration
-Configure your  build process in your `zerops.yaml` file according to the full build & deploy  pipeline guide.
+
+Configure your  build process in your `zerops.yaml` file according to the  pipeline guide</VarLink>.
+
 ## Build environment
+
 ### Default  build environment
+
 The default  build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - [zCLI](/references/cli), Zerops command line tool
-- 
+-
+
 ### Customize build environment
-To install additional packages or tools, add one or more build.prepareCommands to your `zerops.yaml`.
+
+To install additional packages or tools, add one or more  to your `zerops.yaml`.
+
 :::info
 The application code is available in the `/build/source` folder in your build container before the prepare commands are triggered. This allows you to use any file from your application code in your prepare commands (e.g. a configuration file).
 :::
+
 ### Build hardware resources
+
 All runtime services use the same hardware resources for build containers:
-  
-      HW resource
-      Minimum
-      Maximum
-    
-      CPU cores
-      1
-      5
-    
-      RAM
-      8 GB
-      8 GB
-    
-      Disk
-      1 GB
-      100 GB
-    
+
+<table className="w-fit my-1.5">
+  <thead>
+    <tr className="text-center rounded-lg">
+      <th className="w-fit"><strong>HW resource</strong></th>
+      <th className="w-fit"><strong>Minimum</strong></th>
+      <th className="w-fit"><strong>Maximum</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">CPU cores</td>
+      <td className="w-fit">1</td>
+      <td className="w-fit">5</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">RAM</td>
+      <td className="w-fit">8 GB</td>
+      <td className="w-fit">8 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Disk</td>
+      <td className="w-fit">1 GB</td>
+      <td className="w-fit">100 GB</td>
+    </tr>
+  </tbody>
+</table>
+
 Build containers start with minimum resources and scale vertically up to maximum capacity as needed.
+
 ### Build time limit
+
 The time limit for the whole build pipeline is **1 hour**. After 1 hour, Zerops will terminate the build pipeline and delete the build container.
+
 :::info
 Build container resources are not charged separately. Limited build time is included in your [project core plan](/company/pricing#project-core-plans), with additional build time available if needed.
 :::
+
 ## Troubleshooting  builds
+
 :::tip Advanced troubleshooting
 For complex build issues that require investigation, you can enable [debug mode](/features/debug-mode) to pause the build process at specific points and inspect the build container state interactively.
 :::
+
 ### Build and prepare command failures
-If any build command or prepare command fails (returns non-zero exit code), the build is canceled. Check the build log to troubleshoot the error.
+
+If any  or  fails (returns non-zero exit code), the build is canceled. Check the  to troubleshoot the error.
+
 ### Build cache issues
+
 If you encounter unexpected build behavior or dependency issues, the problem might be related to cached build data. While Zerops maintains the build cache to speed up deployments, sometimes you may need to start fresh.
+
 To invalidate the build cache:
+
 1. Go to your service detail in Zerops GUI
 2. Choose **Pipelines & CI/CD Settings** from the left menu
 3. Click on the **Invalidate build cache** button
+
 This will force Zerops to run the next build clean, including all prepare commands.
+
 Learn more about [build cache behavior](/features/build-cache).
+
 ## More resources
+
 For more details about the build and deploy pipeline, including how to cancel builds and manage application versions, see the [general pipeline documentation](/features/pipeline).
+
 ## Next steps
-- Understand the deployment process
-- Learn how to customize the runtime environment
-- Explore build and runtime logs
+
+- Understand the
+- Learn how to
+- Explore
 
 ----------------------------------------
 
@@ -716,35 +1044,60 @@ For more details about the build and deploy pipeline, including how to cancel bu
 
 # Alpine > How To > Create
 
+
 Zerops provides a Alpine runtime service with extensive build support. Alpine runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Alpine service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Alpine service:
+
+[Video: /vids/services/golang.webm](/vids/services/golang.webm)
+
 ### Choose Alpine version
+
 Following Alpine versions are currently supported:
+
 :::info
 You can [change](/alpine/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/alpine/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Alpine service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Alpine service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/alpine/how-to/create#create-a-project-description-file)
 3. [Create a project with a Alpine and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -765,13 +1118,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Alpine service with default [auto scaling](/alpine/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/alpine/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -816,98 +1174,143 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain an Alpine service and a [PostgreSQL](/postgresql/overview) service.
+
 Alpine service with "app" hostname, the internal port(s) the service listens on will be defined later in the zerops.yaml. Alpine service will run with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Alpine service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/alpine/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/alpine/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/alpine/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/alpine/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Alpine service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -928,65 +1331,90 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Alpine service version 1 with default [auto scaling](/alpine/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Alpine > How To > Customize Runtime
 
-System packages: Install any packages you need via apk, such as imagemagick, ffmpeg, or chromium',
-  'Specific language versions: Install versions of Go, Node.js, PHP, Python, or other runtimes that are not available as dedicated Zerops services (e.g., older or cutting-edge versions)',
-  'Custom binaries: Add compiled binaries or tools not available in the default repositories',
-  'Development tools: Include debugging tools, profilers, or other utilities',
-  'Specific libraries: Install dependencies required by your application'
-]} />
+
 ## Build Custom Runtime Images
+
 Zerops allows you to build custom runtime images (CRI) when the default base runtime images don't meet your application's requirements. This is an optional phase in the [build and deploy pipeline](/features/pipeline#runtime-prepare-phase-optional).
+
 Alpine is a versatile base for running anything not explicitly offered as a dedicated Zerops runtime. You can install any packages and tools you need, treating it as a clean OS to customize however you want.
+
 It is also a great option when you need a specific version of a technology (like Go, Node.js, or PHP) that Zerops doesn't support by default—whether it's an older version for legacy projects or a newer release not yet available.
+
 ## Configuration
+
 ### Default  Runtime Environment
+
 The default  runtime environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - [zCLI](/references/cli)
-- 
+-
+
 ### When You Need a Custom Runtime Image
+
 Since Alpine serves as a general-purpose base, you'll likely want to customize it for your specific use case. Common scenarios include:
+
 :::important
 You should not include your application code in the custom runtime image, as your built/packaged code is deployed automatically into fresh containers.
 :::
+
 Here are examples of configuring custom runtime images in your `zerops.yml`:
+
 ### Basic  Setup
+
 ### Using Build Files in Runtime Preparation
+
 For complete configuration details, see the [runtime prepare phase configuration guide](/features/pipeline#configuration).
+
 ## Process and Caching
+
 ### How Runtime Prepare Works
 The runtime prepare process follows the same steps for all runtimes. See [how runtime prepare works](/features/pipeline#how-it-works) for the complete process details.
+
 ### Caching Behavior
 Zerops caches custom runtime images to optimize deployment times. Learn about [custom runtime image caching](/features/pipeline#custom-runtime-image-caching) including when images are cached and reused.
+
 ### Build Management
 For information about managing builds and deployments, see [managing builds and deployments](/features/pipeline#manage-builds-and-deployments).
+
 :::warning
 Shared storage mounts are not available during the runtime prepare phase.
 :::
+
 ## Troubleshooting
-If your `prepareCommands` fail, check the prepare runtime log for specific error messages.
+
+If your `prepareCommands` fail, check the  for specific error messages.
 
 ----------------------------------------
 
@@ -1040,26 +1468,54 @@ If your `prepareCommands` fail, check the prepare runtime log for specific error
 
 # Alpine > Overview
 
+
 [Alpine Linux ↗](https://alpinelinux.org/) is a lightweight, security-oriented Linux distribution based on musl libc and busybox, known for its small footprint and efficiency.
+
 Alpine services in Zerops provide a minimal base environment for running applications built with technologies that aren't officially supported by Zerops, or for custom setups requiring full control over the runtime environment while keeping resource usage low.
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## Feature Highlights
+
+- [Create Alpine service](/alpine/how-to/create) — Start with creating an Alpine service using GUI or zCLI.
+- [zerops.yaml](/alpine/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to configure your own app.
+- [Scaling configuration](/alpine/how-to/scaling) — Set up scaling of your Alpine service so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/alpine/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/alpine/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you built something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/alpine/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Bun > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Bun application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -1068,51 +1524,65 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: bun@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - bun i
         - bun run build
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - package.json
         - node_modules
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: bun@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 3000
+
       # OPTIONAL. Customise the runtime Bun environment by installing additional
       # dependencies to the base Bun runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Bun application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Bun application start command
       start: bun start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -1123,6 +1593,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -1132,11 +1603,23 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Bun builds:
+
+- `bun@1.3.9`, `bun@1.3`, `bun@latest`
+- `bun@1.2.2`, `bun@1.2`
+- `bun@nightly`
+- `bun@canary`
+- `bun@1.1.34`, `bun@1.1(Ubuntu only)`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1147,14 +1630,20 @@ zerops:
       base: bun@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
   major version of Bun,
-  Zerops command line tool, `npm`,
+  [Zerops command line tool](/references/cli), `npm`,
   `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1168,34 +1657,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customise your build environment use the [prepareCommands](build-pipeline#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Bun defined in the [base](build-pipeline#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1204,6 +1711,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: bun@latest
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -1211,20 +1719,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1233,42 +1752,59 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: bun@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - bun i
         - bun run build
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](build-pipeline#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](build-pipeline#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     bun i
     bun run build
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - bun i
   - bun run build
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - bun i --verbose
   - bun run build
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -1277,56 +1813,81 @@ deployFiles:
   - package.json
   - node_modules
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - dist
   - package.json
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -1338,22 +1899,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -1362,6 +1934,7 @@ zerops:
     build:
       base: bun@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         NODE_ENV: production
@@ -1370,12 +1943,24 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Bun version for your runtime.
+
 Following options are available for Bun runtimes:
+
+- `bun@1.3.9`, `bun@1.3`, `bun@latest`
+- `bun@1.2.2`, `bun@1.2`
+- `bun@nightly`
+- `bun@canary`
+- `bun@1.1.34`, `bun@1.1(Ubuntu only)`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1385,18 +1970,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: bun@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: bun@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Bun, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1406,6 +1998,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: bun@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -1415,36 +2008,58 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Bun service with hostname = "app" and port = 3000 from another service of the same project, simply use `app:3000`. Read more about [how to access a Bun service](/features/access).
+
 Each port has following attributes:
+
 | parameter   | description                                                                                                                                                                                                                                                                                                            |
 | ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | port        | Defines the port number. You can set any port number between _10_ and _65435_. Ports outside this interval are reserved for internal Zerops systems.                                                                                                                                                                   |
 | protocol    | **Optional.** Defines the protocol. Allowed values are `TCP` or `UDP`. Default value is `TCP`.                                                                                                                                                                                                                         |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Bun runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Bun environment contains {data.alpine.default} the selected
-  major version of Bun, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools. To install
+  major version of Bun, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1452,6 +2067,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -1461,27 +2077,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](build-pipeline#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the custom runtime cache go to `yyy`
+
 When the custom runtime cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
-  The prepare runtime container contains {data.alpine.default}, the selected major version of Bun, Zerops command line tool and `npm`,
+
+<p>
+  The prepare runtime container contains {data.alpine.default}, the selected major version of Bun, [Zerops command line tool](/references/cli) and `npm`,
   `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1490,6 +2124,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -1499,15 +2134,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -1516,22 +2156,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Bun application is started via the [start command](build-pipeline#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the [horizontal scaling](scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](build-pipeline#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -1546,57 +2199,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Bun application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Bun application start command
       start: bun start
 ```
+
 We recommend starting your Bun application using `bun start`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Bun application start command
       start: bun start
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -1604,25 +2284,32 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](create#set-secret-environment-variables) as your Bun application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Bun application start command
       start: bun start
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -1631,13 +2318,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -1646,14 +2338,23 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
+
 <table className="w-full my-1.5">
   <thead>
     <tr>
@@ -1683,13 +2384,16 @@ If your application requires a https request, set <code>scheme: https</code></td
     </tr>
   </tbody>
 </table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -1698,25 +2402,33 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](create#set-secret-environment-variables) as your Bun application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -1728,8 +2440,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Bun > How To > Build Process
@@ -1746,34 +2460,58 @@ Read more about how the [readiness check works](deploy-process#readiness-checks)
 
 # Bun > How To > Create
 
+
 Zerops provides a powerful Bun runtime service with extensive build support. The Bun runtime is highly scalable and customizable to suit your development and production needs. With just a few clicks or commands, you can have a production-ready Bun environment up and running in no time.
+
 ## Create a Bun service using Zerops GUI
+
 First, set up a project in the Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu under the **Services** section. From there, you can add a new Bun service:
+
+[Video: /vids/services/bun.webm](/vids/services/bun.webm)
+
 ### Choose a Bun version
+
 Zerops supports the following Bun versions:
+
 :::info
 You can easily [upgrade](upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app", "cache", "gui", etc. Duplicate services with the same name within the same project are not allowed.
+
 #### Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as passwords, tokens, salts, certificates, etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting secret environment variables is optional. You can always set them later in the Zerops GUI.
+
 Read more about the [different types of environment variables](env-variables#service-env-variables) in Zerops.
+
 ## Create a Bun service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Bun service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](create#create-a-project-description-file)
 3. [Create a project with a Bun and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a YAML format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory called `my-project`. Inside the `my-project` directory, create a `description.yaml` file with the following content:
 ```yaml
 # basic project data
@@ -1795,13 +2533,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Bun service with default [auto scaling](scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -1846,102 +2589,170 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Bun service and a [PostgreSQL](/postgresql/overview) service.
+
 Bun service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](build-pipeline#ports). Bun service will run with custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
+
 | Parameter       | Description                                                                                                                     | Limitations             |
 | --------------- | ------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
 | **name**        | The name of the new project. Duplicates are allowed.                                                                            |                         |
 | **description** | **Optional.** Description of the new project.                                                                                   | Maximum 255 characters. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Bun and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Bun service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines  custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/bun/how-to/scaling#configure-scaling).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/bun/how-to/scaling#configure-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for  horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/bun/how-to/scaling#configure-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Bun service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -1962,33 +2773,37 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Bun service with default [auto scaling](scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
 ----------------------------------------
 
 # Bun > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick)',
-  'Global Bun tools: When you need CLI tools or utilities available system-wide',
-  'Native dependencies: When your Bun packages require system libraries that aren\'t in the default environment',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -2042,78 +2857,140 @@ System packages for processing: When your app processes images, videos, or files
 
 # Bun > Overview
 
+
 [Bun ↗](https:/bun.org/en) is an asynchronous event-driven JavaScript runtime, which is designed to build scalable network applications.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-bun), a **_recipe_**, containing the most simple Bun web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Bun app running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Bun app running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "bun" recipe on Zerops](https://app.zerops.io/recipe/?lf=bun)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
+
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-bun/blob/main/zerops-project-import.yaml)):
+
 ```yaml
 project:
   name: recipe-bun
   tags:
     - zerops-recipe
+
 services:
   - hostname: api
     type: bun@1.1
     enableSubdomainAccess: true
     buildFromGit: https://github.com/zeropsio/recipe-bun
+
   - hostname: db
     type: postgresql@16
     mode: NON_HA
     priority: 1
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://api-806-3000.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 {"message":"This is a simple, basic Bun application running in Zerops.io,\n          each request adds an entry to the PostgreSQL database and returns a count.\n          See the source repository (https://github.com/zeropsio/recipe-bun) for more information.","newEntry":"dfd1e873-bfc8-4f36-af07-e32561820b93","count":"1"}
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
 It doesn't matter whether it's your first curious introduction to Zerops, you have already mastered the basics and are looking for a tiny detail or inspiration. Below, choose a section that fits your needs:
+
+- [Care for details?](/bun/how-to/create) — Dive in all Zerops has to offer for your Bun application.
+- [Bun recipes](https://github.com/zeropsio?q=Bun&type=all&language=&sort=) — Get inspired by already existing repositories, ready to be imported to Zerops.
+
 ## Feature Highlights
+
+- [Create Bun service](/bun/how-to/create) — Start with creating a Bun service using GUI or zCLI.
+- [Zerops.yaml](/bun/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/bun/how-to/scaling) — Set up scaling of your Bun application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/bun/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/bun/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Clickhouse > Overview
 
+
 Zerops provides a fully managed [ClickHouse](https://clickhouse.com/) columnar database optimized for blazing-fast analytical queries on massive datasets, making it ideal for data warehousing and real-time analytics applications.
+
 ## Supported Versions
+
 Currently supported ClickHouse version:
+
 Import configuration version:
+
+- `clickhouse@25.3`
+
 ## Service Configuration
+
 Our ClickHouse implementation features optimized default settings designed for analytical workloads and data warehousing use cases.
+
 ### Resource Allocation
+
 Zerops automatically allocates resources to your ClickHouse service based on demand within the limits defined in your [automatic scaling configuration](/features/scaling).
+
 ## High Availability and Deployment Modes
+
 :::important
 Deployment mode is selected during service creation and cannot be changed later.
 :::
+
 ### High-Availability (HA) Setup
+
 The recommended solution for production workloads and mission-critical analytics:
+
 * **3 data nodes** with automatic monitoring, repairs, and replication factor of 3
 * **Default cluster name:** `zerops` (currently 1 shard with 3 replicas)
+
 #### Replication Configuration
+
 The `Replicated` database engine handles replication automatically, but there are specific requirements you need to follow:
+
 **For Database Operations**
 Use this configuration when creating/managing databases:
+
 ```sql
 CREATE DATABASE uk ON CLUSTER '{cluster}'
 ENGINE = Replicated('/clickhouse/databases/{uuid}', '{shard}', '{replica}');
 ```
+
 **For Table Operations**
 Use `ENGINE = ReplicatedMergeTree` when creating tables (without the `ON CLUSTER '{cluster}'` clause):
+
 ```sql
 CREATE TABLE uk.uk_price_paid
 (
@@ -2133,11 +3010,14 @@ CREATE TABLE uk.uk_price_paid
     county    LowCardinality(String)
 ) ENGINE = ReplicatedMergeTree ORDER BY (postcode1, postcode2, addr1, addr2);
 ```
+
 For more details see:
 - https://clickhouse.com/docs/engines/database-engines/replicated
 - https://clickhouse.com/docs/engines/table-engines/mergetree-family/replication
 - https://clickhouse.com/docs/sql-reference/distributed-ddl
+
 You can use other `Replicated*` engines from the MergeTree family. Replication is only supported for tables in the MergeTree family:
+
 * `ReplicatedMergeTree`
 * `ReplicatedSummingMergeTree`
 * `ReplicatedReplacingMergeTree`
@@ -2145,102 +3025,153 @@ You can use other `Replicated*` engines from the MergeTree family. Replication i
 * `ReplicatedCollapsingMergeTree`
 * `ReplicatedVersionedCollapsingMergeTree`
 * `ReplicatedGraphiteMergeTree`
+
 User management (users, grants, etc.) is replicated by Keeper by default. The `ON CLUSTER '{cluster}'` clause is not needed when creating/deleting users or changing grants.
-The default `` database follows these practices. If you don't follow these recommendations, it is possible you will face issues in case of fail and repair scenario.
+
+The default `<service-hostname>` database follows these practices. If you don't follow these recommendations, it is possible you will face issues in case of fail and repair scenario.
+
 ### Single Container Installation
+
 Suitable for development and testing environments:
+
 * Consists of 1 ClickHouse node
 * Lower resource requirements
 * No automatic replication
+
 :::warning
 Use for development purposes or non-critical data only. **Make sure to have backups enabled** if using in production, as you can lose your data due to container volatility.
 :::
+
 ## Network Access & Protocols
+
 Zerops automatically configures secure authentication for your ClickHouse service.
+
 ### Default Database
-Zerops creates a default database with the same name as your service hostname (``) during service creation.
+Zerops creates a default database with the same name as your service hostname (`<service-hostname>`) during service creation.
+
 ### Default Users
+
 #### `zerops` User
 * Created automatically upon service creation
 * Has privileges for the default database
 * Password available as environment variable `password`
+
 #### `super` User
 * Administrative user for cluster management
 * Can create new databases, users, and manage permissions
 * Password available as environment variable `superUserPassword`
+
 ### Access Methods
+
 Services within the same project can access ClickHouse directly using:
 ```
-:
+<service-hostname>:<port>
 ```
+
 For HA cluster setups, you can also access specific data nodes:
 ```
-node-stable-.db..zerops:
+node-stable-<1..3>.db.<service-hostname>.zerops:<port>
 ```
+
 For external access, use `zcli` VPN to connect using the same connection strings.
+
 ClickHouse offers multiple interfaces for different use cases:
+
 #### Native TCP Protocol
 **Port:** `9000` (Environment variable: `port` or `portNative`)
+
 Optimal for high-performance applications and ClickHouse-native clients.
+
 More about it in [official ClickHouse docs](https://clickhouse.com/docs/interfaces/tcp).
+
 #### HTTP/HTTPS Interface
 **Port:** `8123` (Environment variable: `portHttp`)
+
 Ideal for web applications and REST API integrations.
+
 It is also possible to setup HTTPS domain access or enable subdomain for access from outside the project. Then you can access the database using following URL:
 - `https://clickhouse.my-awesome-domain.tld`
 - JDBC connection string example (use `ssl=true&sslmode=NONE` options):
 `jdbc:clickhouse:https://clickhouse.my-awesome-domain.tld:443/?ssl=true&sslmode=NONE`
+
 More about it in [official ClickHouse docs](https://clickhouse.com/docs/interfaces/http).
+
 #### MySQL Protocol
 **Port:** `9004` (Environment variable: `portMysql`)
+
 Enables connectivity from MySQL-compatible tools and applications.
+
 More about it in [official ClickHouse docs](https://clickhouse.com/docs/interfaces/mysql).
+
 #### PostgreSQL Protocol
 **Port:** `9005` (Environment variable: `portPostgresql`)
+
 Allows integration with PostgreSQL-compatible clients and ORMs.
+
 More about it in [official ClickHouse docs](https://clickhouse.com/docs/interfaces/postgresql).
+
 ## Backup and Recovery
+
 Zerops provides comprehensive backup functionality using ClickHouse's native backup capabilities.
+
 ### Backup Process
+
 * Backups are performed using ClickHouse SQL command `BACKUP ALL ...` with `super` user permissions
 * All databases are backed up (excluding system databases)
 * Backup files are stored as `tar.gz` archives
 * Contains the complete folder structure produced by the SQL backup command
+
 ### Restore Options
+
 #### Option 1: Custom S3 Bucket Restore
+
 1. Download backup from Zerops GUI or via API
 2. Extract the tar.gz archive and upload to your S3 bucket
 3. Restore using ClickHouse SQL commands:
+
 ```sql
 -- Restore specific table
 RESTORE TABLE mydb.mytable AS mydb.mytable2
 FROM S3('https://storage-prg1.zerops.io/mybucket/path/to/dir/with/untarred/backup',
         'my-access-key-id', 'my-secret-key');
+
 -- Restore all data
 RESTORE ALL FROM S3('https://storage-prg1.zerops.io/mybucket/path/to/backup',
                    'my-access-key-id', 'my-secret-key');
+
 -- see https://clickhouse.com/docs/operations/backup#configuring-backuprestore-to-use-an-s3-endpoint
 ```
+
 #### Option 2: Support-Assisted Restore
+
 Contact Zerops support on Discord, and we'll place the backup on the container's filesystem for restoration using the `File` driver (see [ClickHouse documentation](https://clickhouse.com/docs/operations/backup) for further info).
+
 :::note
 A simple GUI/API action for backup restoration is on our roadmap for future releases.
 :::
+
 ## Troubleshooting
+
 ### Common Issues
+
 #### Connection Problems
 * Verify you're using the correct port for your chosen protocol
 * Check that your service is running and healthy in the Zerops dashboard
 * For HA clusters, try connecting to specific nodes if the main endpoint fails
 * Ensure authentication credentials are correct
+
 #### Replication Issues
 * Verify you're using `ON CLUSTER '{cluster}'` for database operations
 * Confirm tables use `ReplicatedMergeTree` engines
+
 ## Learn More
+
 - [Official ClickHouse Documentation](https://clickhouse.com/docs) - Comprehensive guide to ClickHouse features and SQL syntax
 - [ClickHouse Replication Guide](https://clickhouse.com/docs/engines/table-engines/mergetree-family/replication) - Detailed replication concepts
 - [Distributed DDL Reference](https://clickhouse.com/docs/sql-reference/distributed-ddl) - Cluster operations documentation
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zerops)
 - Contact support via [email](mailto:support@zerops.io)
@@ -2249,21 +3180,33 @@ For advanced configurations or custom requirements:
 
 # Company > About
 
+
 ## Our Story
+
 Zerops, originally founded in 2018, began as an internal project at [vshosting.eu](https://vshosting.eu), one of the largest providers of managed hosting solutions in Central Europe. In June 2024, after a period when the project had been shut down following corporate restructuring, Zerops was re-launched as an independent startup. Now headed by the original development team and backed by strong partners, Zerops continues its mission with renewed focus and independence.
+
 ## Technology & Infrastructure
+
 Zerops runs on bare metal, with the platform built from the ground up using Golang and [Incus](https://linuxcontainers.org/incus/) containerization. Our servers are currently located in Prague, Czech Republic, leveraging vshosting's state-of-the-art datacenter facilities.
+
 ## Financial Backing & Partners
+
 Zerops is financially backed by established venture capital firms:
 - [Presto Ventures](https://www.prestoventures.com/) - A leading Central European venture capital firm
 - [Gi21 Capital](https://gi21capital.com/) - A technology-focused investment firm
+
 Our primary infrastructure partner is [vshosting.eu](https://vshosting.eu), which itself is part of [Contabo](https://contabo.com/en/), owned by global investment firm [KKR](https://www.kkr.com/). This strategic partnership provides Zerops with enterprise-grade infrastructure stability.
+
 ## Looking Ahead
+
 We're committed to continually improving the Zerops platform with a focus on:
+
 - **Multiregional Deployment**: Beginning with built-in CDN capabilities, followed by the ability to run entire projects in different regions
 - **Enhanced Performance**: Ongoing optimization of our container orchestration and resource management
 - **Developer Experience**: Continuous improvement of our UI, CLI, and API interfaces
+
 ## Connect With Us
+
 - [Discord](https://discord.com/invite/WDvCZ54)
 - [X.com](https://x.com/zeropsio)
 - [LinkedIn](https://www.linkedin.com/company/zerops)
@@ -2273,76 +3216,117 @@ We're committed to continually improving the Zerops platform with a focus on:
 
 # Company > Branding
 
+
 # Zerops Brand Assets
+
 Here you can find and download our official logos and badges in various formats. Please follow our brand guidelines when using these assets.
+
 ## Download Assets
+
 Below you'll find our official assets available in various formats. Click the download buttons to get the assets in your preferred format.
+
 ## Brand Guidelines
+
 When using Zerops brand assets, please:
+
 - Don't modify the logos or badges in any way
 - Maintain adequate spacing around the assets
 - Use the provided color versions (light/dark) as appropriate
 - Don't use the Zerops logo or badges in a way that suggests partnership or endorsement without permission
 - Don't use the assets as your own branding or as part of your logo
 
+
 ----------------------------------------
 
 # Company > Payment
 
+
 Zerops provides a transparent credit-based payment system that makes managing your account finances straightforward. You can easily add funds to your account through manual or automatic top-ups, track all your transactions, and download invoices for your records.
+
 This page explains how to manage your account balance, set up payment preferences, and access your complete billing history to help you maintain uninterrupted service while keeping your finances organized.
+
 ## Manual Top-up
+
 Manual top-ups give you direct control over your account funding. To add credits to your account immediately:
+
 1. Navigate to **Credit & Spend Overview** in the Organization section of the main menu
 2. Click on **Top up credit** and fill in the [billing information](#billing-information)
 3. Enter your desired top-up amount (minimum $10 VAT excl.)
 3. Complete payment using your saved or new payment method
+
 ## Automatic Top-ups
+
 :::caution Beta version
 Available only for customers who have previously made a manual top-up, have a saved payment method, and have provided billing information.
 :::
+
 Automatic top-up ensures your projects continue running without interruption by replenishing your credits when they run low.
+
 ### How Automatic Top-ups Work
+
 When enabled, Zerops monitors your credit balance and consumption rate to determine when and how much to top up, always respecting your configured limits.
 Zerops initiates an automatic payment when:
+
 - Your remaining credits are sufficient for **less than 10 days** of operation at your **current consumption rate**
 - You have automatic top-ups enabled
 - Your [settings](#billing-information) allow for the payment amount
+
 :::note Important notes
 - The charge amount is estimated based on your actual usage patterns, not maximum possible amounts
 - Negative balances are included in the next auto top-up (within your maximum charge limit)
 - The system checks your balance immediately after enabling auto top-ups, potentially triggering an immediate payment
 - Auto top-up limits don't affect manual payments — add any amount manually regardless of automatic settings
 :::
+
 ### Configuration Options
+
 #### Period
 The timeframe for which the maximum configured auto-charge amount is checked. Can be set to either:
+
 - **Weekly**: Maximum charge amount applies to a 7-day rolling window
 - **Monthly**: Maximum charge amount applies to a 30-day rolling window
+
 #### Maximum Charge Amount
 The maximum amount that can be auto-charged in the given period. This serves as a safeguard against unexpected costs due to traffic spikes or other unforeseen circumstances.
+
 - Minimum setting: $10 (matches the minimum manual payment)
+
+#### Real-World Example
+
 **Scenario:** Application with $20 weekly operating costs and initial manual top-up of $100
+
 **Your Settings:**
 - Period = Weekly
 - Maximum charge amount = $150
+
 **Expected behavior:**
 - System adds approximately $20-30 when less than 10 days of credits remain (around day 35)
 - Payments continue in small increments aligned with your usage patterns
 - During traffic spikes, payments adjust to match higher consumption (up to $150 weekly limit)
 - Payment amounts return to normal when usage decreases
+
 ## Billing Information
+
 You are required to enter billing details for all transactions (manual and automatic top-ups), with one exception:
+
 - EU-based users who are not VAT payers with transactions under $350
+
 You can save your billing details by navigating to **Invoices & Billing Settings** in the Organization section of the main menu.
+
 ## Invoices
+
 Zerops provides easy access to all invoices generated for manual and automatic top-ups within your organization.
+
 To view and manage your invoices navigate to **Invoices & Billing Settings** in the Organization section of the main menu.
+
 ## Export Credit Consumption Records
+
 Zerops allows you to download monthly reports of your credit consumption history for analysis and record-keeping.
+
 1. Navigate to **Credit & Spend Overview** in the Organization section
 2. Find the **Export Credit Consumption Records** section
 3. Click on any month button to download that period's report
+
 Reports are available for the past 12 months in TXT format and include:
 - Client information and reporting period
 - Starting and ending balances
@@ -2354,99 +3338,154 @@ Reports are available for the past 12 months in TXT format and include:
 
 # Company > Pricing
 
+
 Zerops provides a straightforward pricing structure based on your project type and resource usage.
+
 The total cost of deploying an application includes your project's **core package cost** + the **cost of the resources** of the services inside a project. Additional charges may apply for optional features such as dedicated IPv4, extra egress, object storage, extra backup space and extra build time.
+
 :::note Fair Billing Model
 Resources are allocated per service and billed by the minute, though credit is deducted hourly based on actual usage. You're only charged for what you use, calculated down to the minute.
 :::
+
 Need to add credits to your account? Visit our [Top-up & Billing page](/company/payment) for instructions.
+
 ## Project Core Plans
+
 Zerops offers two core types to match different needs and budgets. For detailed information on both core types, visit our [Project & Services Structure](/features/infrastructure) page.
+
 ### Lightweight Core - Free
 Best for development, testing, and smaller workloads with limited redundancy.
+
 **Included resources:**
 - **Build Time**: 15 hours per month
 - **Backup Storage**: 5 GB
 - **Egress Traffic**: 100 GB per month
+
 ### Serious Core - $10 / 30 days
 Optimized for production workloads with high availability and comprehensive failover protection.
+
 **Included resources:**
 - **Build Time**: 150 hours per month
 - **Backup Storage**: 25 GB
 - **Egress Traffic**: 3 TB per month
+
 :::note Storage Limits
 All projects have a technical maximum backup storage limit of **1 TiB**. Usage beyond the free tier allocation (5GB or 25GB) is billed according to the [overage costs](#overage-costs) below.
 :::
+
 ## Resource Pricing
+
 Services in Zerops require computing resources that are billed separately from your project core. These resources are allocated per service and billed by the minute based on actual usage, with credits deducted hourly.
-  
-      Resource
-      Price
-      Description
-    
-      Shared CPU
-      $0.60 per CPU / 30 days
-      Economical option for most workloads with good performance
-    
-      Dedicated CPU
-      $6.00 per CPU / 30 days
-      Reserved CPU cores for predictable performance
-    
-      RAM
-      $0.75 per 0.25 GB / 30 days
-      Memory allocated to your services
-    
-      Disk Space
-      $0.05 per 0.5 GB / 30 days
-      Storage space for your applications and data
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap"><strong>Resource</strong></th>
+      <th className="w-fit whitespace-nowrap"><strong>Price</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>Shared CPU</strong></td>
+      <td className="w-fit whitespace-nowrap"><strong>$0.60</strong> per CPU / 30 days</td>
+      <td className="w-fit">Economical option for most workloads with good performance</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>Dedicated CPU</strong></td>
+      <td className="w-fit whitespace-nowrap"><strong>$6.00</strong> per CPU / 30 days</td>
+      <td className="w-fit">Reserved CPU cores for predictable performance</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>RAM</strong></td>
+      <td className="w-fit whitespace-nowrap"><strong>$0.75</strong> per 0.25 GB / 30 days</td>
+      <td className="w-fit">Memory allocated to your services</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>Disk Space</strong></td>
+      <td className="w-fit whitespace-nowrap"><strong>$0.05</strong> per 0.5 GB / 30 days</td>
+      <td className="w-fit">Storage space for your applications and data</td>
+    </tr>
+  </tbody>
+</table>
+
 :::note Daily Spending Control
 You can set daily spending limits in GUI for your project to control costs and avoid unexpected charges. This provides an alternative to configuring automatic resource scaling ranges while keeping your services running optimally.
 :::
+
 ## Additional Services
+
 Enhance your deployment with these optional services to meet specific requirements for networking, storage, and data transfer.
-  
-      Service
-      Price
-      Description
-    
-      Dedicated IPv4
-      $3.00 per 30 days
-      Exclusive IPv4 address for your project (instead of shared)
-    
-      Object Storage
-      $0.01 per GB / 30 days
-      Scalable storage for files, backups, and static assets
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap"><strong>Service</strong></th>
+      <th className="w-fit whitespace-nowrap"><strong>Price</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>Dedicated IPv4</strong></td>
+      <td className="w-fit whitespace-nowrap"><strong>$3.00</strong> per 30 days</td>
+      <td className="w-fit">Exclusive IPv4 address for your project (instead of shared)</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>Object Storage</strong></td>
+      <td className="w-fit whitespace-nowrap"><strong>$0.01</strong> per GB / 30 days</td>
+      <td className="w-fit">Scalable storage for files, backups, and static assets</td>
+    </tr>
+  </tbody>
+</table>
+
 ## Overage Costs
+
 When you exceed the resources included in your project core plan, the following charges apply:
-  
-      Item
-      Price
-      Description
-    
-        Extra Egress
-        $0.02 per GB
-        Data transfer out of your project beyond plan limits
-      
-      Extra Backup Space
-      $0.50 per 5 GB
-      Additional storage for automatic, encrypted backups
-    
-      Extra Build Time
-      $0.50 per 15 hours
-      Additional time for building and deploying applications
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap"><strong>Item</strong></th>
+      <th className="w-fit whitespace-nowrap"><strong>Price</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+      <tr>
+        <td className="w-fit whitespace-nowrap"><strong>Extra Egress</strong></td>
+        <td className="w-fit whitespace-nowrap"><strong>$0.02</strong> per GB</td>
+        <td className="w-fit">Data transfer out of your project beyond plan limits</td>
+      </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>Extra Backup Space</strong></td>
+      <td className="w-fit whitespace-nowrap"><strong>$0.50</strong> per 5 GB</td>
+      <td className="w-fit">Additional storage for automatic, encrypted backups</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>Extra Build Time</strong></td>
+      <td className="w-fit whitespace-nowrap"><strong>$0.50</strong> per 15 hours</td>
+      <td className="w-fit">Additional time for building and deploying applications</td>
+    </tr>
+  </tbody>
+</table>
+
 ## Pricing Calculator
+
 Use our pricing calculator to estimate your monthly costs based on your specific needs:
 
+
 ----------------------------------------
 
 # Deno > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Deno application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -2455,49 +3494,63 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: deno@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - deno task build
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - deno.jsonc
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: directory
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: deno@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 3000
+
       # OPTIONAL. Customise the runtime Deno environment by installing additional
       # dependencies to the base Deno runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Deno application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Deno application start command
       start: deno task start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -2508,6 +3561,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -2517,11 +3571,20 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Deno builds:
+
+- `deno@2.0.0`, `deno@2`, `deno@latest`
+- `deno@1.45.5`, `deno@1`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2532,12 +3595,18 @@ zerops:
       base: deno@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Deno, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+  major version of Deno, [Zerops command line tool](/references/cli), `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2551,34 +3620,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customise your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Deno defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2587,6 +3674,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: deno@latest
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -2594,20 +3682,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/deno/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2616,40 +3715,57 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: deno@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - deno task build
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     deno test
     deno task build
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - deno task build
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/deno/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - npm i --verbose
   - npm run build
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -2658,56 +3774,81 @@ deployFiles:
   - package.json
   - node_modules
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - dist
   - package.json
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -2719,22 +3860,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -2743,6 +3895,7 @@ zerops:
     build:
       base: deno@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         NODE_ENV: production
@@ -2751,12 +3904,21 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/deno/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Deno version for your runtime.
+
 Following options are available for Deno builds:
+
+- `2.0`
+- `1.45`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2766,18 +3928,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: deno@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: deno@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Deno, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2787,6 +3956,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: deno@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -2796,36 +3966,58 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Deno service with hostname = "app" and port = 3000 from another service of the same project, simply use `app:3000`. Read more about [how to access a Deno service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
+
 | parameter   | description                                                                                                                                                                                                                                                                                                            |
 | ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | port        | Defines the port number. You can set any port number between _10_ and _65435_. Ports outside this interval are reserved for internal Zerops systems.                                                                                                                                                                   |
 | protocol    | **Optional.** Defines the protocol. Allowed values are `TCP` or `UDP`. Default value is `TCP`.                                                                                                                                                                                                                         |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Deno runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Deno environment contains {data.alpine.default} the selected
-  major version of Deno, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools. To install
+  major version of Deno, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2833,6 +4025,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -2842,27 +4035,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/deno/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the custom runtime cache go to `yyy`
+
 When the custom runtime cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Deno, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools.
+  selected major version of Deno, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2871,6 +4082,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -2880,15 +4092,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -2897,22 +4114,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Deno application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/deno/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/deno/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -2927,57 +4157,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/deno/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Deno application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Deno application start command
       start: deno task start
 ```
+
 We recommend starting your Deno application using `deno task start`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
-**Example:**
-```yaml
-zerops:
-  # hostname of your service
-  - setup: app
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
+**Example:**
+
+```yaml
+zerops:
+  # hostname of your service
+  - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Deno application start command
       start: deno task start
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -2985,25 +4242,32 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/deno/how-to/create#set-secret-environment-variables) as your Deno application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Deno application start command
       start: deno task start
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -3012,13 +4276,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -3027,14 +4296,23 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/deno/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
+
 <table className="w-full my-1.5">
   <thead>
     <tr>
@@ -3064,13 +4342,16 @@ If your application requires a https request, set <code>scheme: https</code></td
     </tr>
   </tbody>
 </table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -3079,25 +4360,33 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/deno/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/deno/how-to/create#set-secret-environment-variables) as your Deno application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -3109,88 +4398,136 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/deno/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Deno > How To > Build Process
 
-  
+
 ## Build process overview
+
 Zerops starts a temporary build container and performs the following actions:
+
 1. **Installs the build environment** - Sets up base system and Deno runtime
 2. **Downloads your application source code** - From [GitHub ↗](https://www.github.com), [GitLab ↗](https://www.gitlab.com) or via [Zerops CLI](/references/cli)
 3. **Optionally customizes the build environment** - Runs prepare commands if configured
 4. **Runs the build commands** - Executes your build process
 5. **Uploads the application artifact** - Stores build output to internal Zerops storage
 6. **Caches selected files** - Preserves specified files for faster future builds
+
 The build container is automatically deleted after the build has finished or failed.
+
 ## Build configuration
+
 Configure your Deno build process in your `zerops.yaml` file according to the [full build & deploy Deno pipeline guide](/deno/how-to/build-pipeline).
+
 ## Build environment
+
 ### Default Deno build environment
+
 The default Deno build environment contains:
-- {data.ubuntu.default}
+
+- <span>{data.ubuntu.default}</span>
 - Selected version of Deno defined in `zerops.yaml` [build.base](/deno/how-to/build-pipeline#base) parameter
 - [zCLI](/references/cli), Zerops command line tool
 - Deno and Git
+
 ### Customize build environment
+
 To install additional packages or tools, add one or more [build.prepareCommands](/deno/how-to/build-pipeline#preparecommands) to your `zerops.yaml`.
+
 :::info
 The application code is available in the `/build/source` folder in your build container before the prepare commands are triggered. This allows you to use any file from your application code in your prepare commands (e.g. a configuration file).
 :::
+
 ### Build hardware resources
+
 All runtime services use the same hardware resources for build containers:
-  
-      HW resource
-      Minimum
-      Maximum
-    
-      CPU cores
-      1
-      5
-    
-      RAM
-      8 GB
-      8 GB
-    
-      Disk
-      1 GB
-      100 GB
-    
+
+<table className="w-fit my-1.5">
+  <thead>
+    <tr className="text-center rounded-lg">
+      <th className="w-fit"><strong>HW resource</strong></th>
+      <th className="w-fit"><strong>Minimum</strong></th>
+      <th className="w-fit"><strong>Maximum</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">CPU cores</td>
+      <td className="w-fit">1</td>
+      <td className="w-fit">5</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">RAM</td>
+      <td className="w-fit">8 GB</td>
+      <td className="w-fit">8 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Disk</td>
+      <td className="w-fit">1 GB</td>
+      <td className="w-fit">100 GB</td>
+    </tr>
+  </tbody>
+</table>
+
 Build containers start with minimum resources and scale vertically up to maximum capacity as needed.
+
 :::info
 Build container resources are not charged separately. Limited build time is included in your [project core plan](/company/pricing#project-core-plans), with additional build time available if needed.
 :::
+
 ### Build time limit
+
 The time limit for the whole build pipeline is **1 hour**. After 1 hour, Zerops will terminate the build pipeline and delete the build container.
+
 ## Troubleshooting Deno builds
+
 ### Build command failures
+
 If any [build command](/deno/how-to/build-pipeline#buildcommands) fails (returns non-zero exit code), the build is canceled. Check the [build log](/deno/how-to/logs#build-log) to troubleshoot the error.
+
 For Deno, if the error log doesn't contain specific error messages, try running your build with verbose output:
+
 ```yaml
 buildCommands:
   - deno cache main.ts
   - deno compile --allow-net --allow-read main.ts
 ```
+
 ### Prepare command failures
+
 If any [prepare command](/deno/how-to/build-pipeline#preparecommands) fails, check the [build log](/deno/how-to/logs#build-log) for specific error messages. Common issues include:
+
 - Missing permissions in Deno commands (add --allow-net, --allow-read, etc.)
 - Ubuntu package installation failures (use sudo apt-get update first)
 - Deno cache directory permissions
+
 ### Build cache issues
+
 If you encounter unexpected build behavior or dependency issues, the problem might be related to [cached build data](/features/build-cache). While Zerops maintains the build cache to speed up deployments, sometimes you may need to start fresh.
+
 To invalidate the build cache:
+
 1. Go to your service detail in Zerops GUI
 2. Choose **Pipelines & CI/CD Settings** from the left menu
 3. Click on the **Invalidate build cache** button
+
 This will force Zerops to run the next build clean, including all prepare commands. Learn more about [build cache behavior](/features/build-cache).
+
 :::tip Advanced troubleshooting
 For complex build issues that require investigation, you can enable [debug mode](/features/debug-mode) to pause the build process at specific points and inspect the build container state interactively.
 :::
+
 ## More resources
+
 For more details about the build and deploy pipeline, including how to cancel builds and manage application versions, see the [general pipeline documentation](/features/pipeline).
+
 ## Next steps
+
 - Understand the [deployment process](/deno/how-to/deploy-process)
 - Learn how to [customize the runtime environment](/deno/how-to/customize-runtime)
 - Explore [build and runtime logs](/deno/how-to/logs)
@@ -3205,34 +4542,58 @@ For more details about the build and deploy pipeline, including how to cancel bu
 
 # Deno > How To > Create
 
+
 Zerops provides a powerful Deno runtime service with extensive build support. The Deno runtime is highly scalable and customizable to suit your development and production needs. With just a few clicks or commands, you can have a production-ready Deno environment up and running in no time.
+
 ## Create a Deno service using Zerops GUI
+
 First, set up a project in the Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu under the **Services** section. From there, you can add a new Deno service:
+
+[Video: /vids/services/deno.webm](/vids/services/deno.webm)
+
 ### Choose a Deno version
+
 Zerops supports the following Deno versions:
+
 :::info
 You can easily [upgrade](/deno/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app", "cache", "gui", etc. Duplicate services with the same name within the same project are not allowed.
+
 #### Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as passwords, tokens, salts, certificates, etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting secret environment variables is optional. You can always set them later in the Zerops GUI.
+
 Read more about the [different types of environment variables](/deno/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create a Deno service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Deno service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/deno/how-to/create#create-a-project-description-file)
 3. [Create a project with a Deno and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a YAML format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory called `my-project`. Inside the `my-project` directory, create a `description.yaml` file with the following content:
 ```yaml
 # basic project data
@@ -3254,13 +4615,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Deno version 20 service with default [auto scaling](/deno/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/deno/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -3305,103 +4671,171 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Deno service and a [PostgreSQL](/postgresql/overview) service.
+
 Deno service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/deno/how-to/build-pipeline#ports). Deno service will run on version 20 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
+
 | Parameter       | Description                                                                                                                     | Limitations             |
 | --------------- | ------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
 | **name**        | The name of the new project. Duplicates are allowed.                                                                            |                         |
 | **description** | **Optional.** Description of the new project.                                                                                   | Maximum 255 characters. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Deno and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Deno service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/deno/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/deno/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/deno/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](/deno/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Deno service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -3422,49 +4856,71 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Deno service version 20 with default [auto scaling](/deno/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Deno > How To > Customize Runtime
 
+
 ## Build Custom Runtime Images
+
 Zerops allows you to build custom runtime images (CRI) when the default base runtime images don't meet your Deno application's requirements. This is an optional phase in the [build and deploy pipeline](/features/pipeline#runtime-prepare-phase-optional).
+
 :::important
 You should not include your application code in the custom runtime image, as your built/packaged code is deployed automatically into fresh containers.
 :::
+
 ## Configuration
+
 ### Default Deno Runtime Environment
+
 The default Deno runtime environment contains:
-- {data.ubuntu.default}
+
+- <span>{data.ubuntu.default}</span>
 - Selected version of Deno when the runtime service was created
 - [zCLI](/references/cli)
 - Deno and Git
+
 ### When You Need a Custom Runtime Image
+
 If your Deno application needs more than what's included in the default environment, you'll need to build a custom runtime image. Common scenarios include:
+
 - **System packages for processing**: When your app processes images, videos, or files (requiring packages like `sudo apt-get install -y imagemagick`)
 - **Global Deno tools**: When you need CLI tools or utilities available system-wide
 - **Native dependencies**: When your Deno modules require system libraries that aren't in the default environment
+
 Here are Deno-specific examples of configuring custom runtime images in your `zerops.yml`:
+
 ### Basic Deno Setup
-    
+
 ### Using Build Files in Runtime Preparation
+
 ```yaml
 build:
   addToRunPrepare:
@@ -3476,18 +4932,26 @@ run:
     - sudo apt-get install -y imagemagick
     - deno cache deps.ts
 ```
+
 For complete configuration details, see the [runtime prepare phase configuration guide](/features/pipeline#configuration).
+
 ## Process and Caching
+
 ### How Runtime Prepare Works
 The runtime prepare process follows the same steps for all runtimes. See [how runtime prepare works](/features/pipeline#how-it-works) for the complete process details.
+
 ### Caching Behavior
 Zerops caches custom runtime images to optimize deployment times. Learn about [custom runtime image caching](/features/pipeline#custom-runtime-image-caching) including when images are cached and reused.
+
 ### Build Management
 For information about managing builds and deployments, see [managing builds and deployments](/features/pipeline#manage-builds-and-deployments).
+
 :::warning
 Shared storage mounts are not available during the runtime prepare phase.
 :::
+
 ## Troubleshooting
+
 If your `prepareCommands` fail, check the [prepare runtime log](/deno/how-to/logs#prepare-runtime-log) for specific error messages.
 
 ----------------------------------------
@@ -3542,62 +5006,112 @@ If your `prepareCommands` fail, check the [prepare runtime log](/deno/how-to/log
 
 # Deno > Overview
 
+
 [Deno ↗](https://deno.org/en) is an asynchronous event-driven JavaScript runtime, which is designed to build scalable network applications.
+
 :::tip
 Have you got any additional question? Join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-deno), a **_recipe_**, containing the most simple Deno web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Deno app running in Zerops — as few libraries as possible,
+
+### 🚀 No Fuss, Just Deploy with Speed!
+
+This is the most bare-bones example of Deno app running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "deno" recipe on Zerops](https://app.zerops.io/recipe/?lf=deno)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
+
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-deno/blob/main/zerops-project-import.yaml)):
+
 ```yaml
 project:
   name: recipe-deno
   tags:
     - zerops-recipe
+
 services:
   - hostname: api
     type: deno@1
     buildFromGit: https://github.com/zeropsio/recipe-deno
     enableSubdomainAccess: true
+
   - hostname: db
     type: postgresql@16
     mode: NON_HA
     priority: 1
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://api-7f6-8000.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 {"message":"This is a simple, basic Deno / Oak application running in Zerops.io,\n      each request adds an entry to the PostgreSQL database and returns a count.\n      See the source repository (https://github.com/zeropsio/recipe-deno) for more information.","newEntry":"274b0cc1-5b6d-4351-b8ec-53cf82bd9d0f","count":1}
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
 It doesn't matter whether it's your first curious introduction to Zerops, you have already mastered the basics and are looking for a tiny detail or inspiration. Below, choose a section that fits your needs:
+
+- [Care for details?](/deno/how-to/create) — Dive in all Zerops has to offer for your Deno application.
+- [Deno recipes](https://github.com/zeropsio?q=deno&type=all&language=&sort=) — Get inspired by already existing repositories, ready to be imported to Zerops.
+
 ## Feature Highlights
+
+- [Create Deno service](/deno/how-to/create) — Start with creating a Deno service using GUI or zCLI.
+- [Zerops.yaml](/deno/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/deno/how-to/scaling) — Set up scaling of your Deno application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/deno/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/deno/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Docker > Overview
 
+
 Zerops provides Docker support through dedicated Virtual Machine (VM) environments, ensuring maximum compatibility and isolation while maintaining integration with the broader Zerops ecosystem. This guide explains how to effectively use Docker services in Zerops, including best practices and important considerations.
+
 ## Why VMs
+
 While Zerops primarily uses native Linux containers for optimal performance, this VM-based approach allows you to run virtually any Docker container while maintaining Zerops' robust infrastructure management.
+
 You can learn more about [differences](/features/container-vs-vm) between Containers and Virtual Machines in Zerops.
+
 Before using Docker services, consider these important aspects:
+
 ### Virtual Machine Environment
+
 Docker services in Zerops operate in a full VM environment, which has several implications:
+
 - **Slower Boot Times**: VMs require more time to initialize due to full kernel boot
 - **Higher Resource Usage**: VMs include additional system overhead compared to native containers
 - **Scaling Limitations**:
@@ -3606,42 +5120,59 @@ Docker services in Zerops operate in a full VM environment, which has several im
     - Zerops automatically restarts the VM when resource values are changed in UI
 - **Storage Management**: Disk space can only be increased, not decreased without recreation
 - **Build Phase Limitations**: Build phase runs in containers, not in the VM environment
+
 ### Advantages
+
 Despite these limitations, Docker services offer some benefits:
+
 - **Broad Compatibility**: Run almost any Docker container with minimal modification
 - **Familiar Environment**: Standard Docker runtime environment
+
 ## Configuration Guide
+
 ### Supported Version
+
 Currently supported Docker versions:
-Import configuration version:
+
 ### Basic Structure
+
 Docker services in Zerops are configured through the `zerops.yaml` file. Here's a typical configuration pattern:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     run:
       base: docker@latest
       prepareCommands:
-        - docker image pull :  # Always use specific version tags
-      start: docker run --network=host :
+        - docker image pull <your-image>:<version>  # Always use specific version tags
+      start: docker run --network=host <your-image>:<version>
       ports:
-        - port: 
+        - port: <port-number>
           httpSupport: true
 ```
+
 :::important
 Always use specific version tags (like `1.0.0`) instead of `:latest`. Zerops caches the `prepareCommands` output, which means a new `:latest` image won't be automatically pulled on subsequent deployments unless the cache is manually cleared or the commands change.
 :::
+
 Refer to the [Docker recipe repository](https://github.com/zeropsio/recipe-docker) for an example configuration.
+
 :::note
 We are actively working on improving the speed of image caching after `run.prepareCommands` and reducing the startup time of runtime VMs. These improvements will be released in future updates.
 :::
+
 ### Network Configuration
+
 Docker services require the `--network=host` flag for proper integration with Zerops:
+
 - **Direct Port Management**: Ports are managed through `zerops.yaml`
 - **Simplified Configuration**: Avoids double port exposure in Docker and Zerops
 - **Native Performance**: Direct access to host networking
+
 ### Docker Compose Support
+
 For projects using Docker Compose, additional configuration is required:
+
 1. **File Deployment**:
    ```yaml title="zerops.yaml"
    build:
@@ -3649,6 +5180,7 @@ For projects using Docker Compose, additional configuration is required:
      deployFiles: ./docker-compose.yaml
      addToRunPrepare: ./docker-compose.yaml
    ```
+
 2. **Network Mode**:
    ```yaml title="docker-compose.yaml"
    services:
@@ -3656,15 +5188,21 @@ For projects using Docker Compose, additional configuration is required:
        image: your-image:1.0.0
        network_mode: host
    ```
+
 3. **Start Command**:
    ```yaml title="zerops.yaml"
    run:
      start: docker compose up --force-recreate
    ```
+
 ### Environment Variables
+
 When using Docker services, there's an additional layer to consider since environment variables defined in Zerops must be explicitly passed to your Docker containers.
+
 #### 1. Defining Variables in Zerops
+
 Define your environment variables in the `run.envVariables` section of your `zerops.yaml` (example uses [referenced](/features/env-variables#referencing-variables) variables):
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
@@ -3674,8 +5212,11 @@ zerops:
         DB_HOST: ${db_hostname}
         DB_PORT: ${db_port}
 ```
+
 #### 2. Passing Variables to Docker Containers
+
 For single containers, pass variables using the `-e` flag:
+
 ```yaml title="zerops.yaml"
 run:
   base: docker@latest
@@ -3683,10 +5224,13 @@ run:
     - docker image pull my-application:1.0.0  # Use specific version tags, not :latest
   start: docker run -e DB_HOST -e DB_PORT --network=host my-application:1.0.0
 ```
+
 :::important
 Always use specific version tags (like `1.0.0`) instead of `:latest`. Zerops caches the `prepareCommands` output, which means a new `:latest` image won't be automatically pulled on subsequent deployments unless the cache is manually cleared or the commands change.
 :::
+
 For Docker Compose setups, pass environment variables in your `docker-compose.yaml`:
+
 ```yaml title="docker-compose.yaml"
 services:
   api:
@@ -3696,8 +5240,11 @@ services:
       - DB_HOST
       - DB_PORT
 ```
+
 ## Implementation Examples
+
 ### Single Container
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
@@ -3710,10 +5257,13 @@ zerops:
         - port: 8000
           httpSupport: true
 ```
+
 :::important
 Always use specific version tags (like `1.0.0`) instead of `:latest`. Zerops caches the `prepareCommands` output, which means a new `:latest` image won't be automatically pulled on subsequent deployments unless the cache is manually cleared or the commands change.
 :::
+
 ### Single Service with Docker Compose
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: api
@@ -3730,6 +5280,7 @@ zerops:
         - port: 8000
           httpSupport: true
 ```
+
 ```yaml title="docker-compose.yaml (excerpt)"
 services:
   api:
@@ -3737,7 +5288,9 @@ services:
     network_mode: host
     # other configuration...
 ```
+
 ### Multiple Services with Docker Compose
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: apps
@@ -3754,36 +5307,49 @@ zerops:
         - port: 8000
           httpSupport: true
 ```
+
 ```yaml title="docker-compose.yaml (excerpt)"
 services:
   web:
     image: web-image:1.0.0
     network_mode: host
     # other configuration...
+
   api:
     image: api-image:1.0.0
     network_mode: host
     # other configuration...
 ```
+
 ## Best Practices
+
 #### Image Management
 - **Always use specific version tags** instead of `:latest` - This prevents caching issues as Zerops caches `prepareCommands` output
+
 #### Resource Planning
 - Account for VM overhead in resource allocation
 - Plan for longer initialization times
 - Consider the impact on scaling operations
+
 #### Migration Consideration
 - Evaluate if your workload could run on native containers
 - Consider gradual migration for complex applications
 - Balance development effort against operational benefits
+
 ## Limitations and Workarounds
+
 ### Build Phase
+
 Since the build phase runs in containers rather than VMs:
+
 - Use `run.prepareCommands` for Docker-specific build steps
 - Consider external CI/CD for complex Docker builds
 - Leverage pre-built images when possible
+
 ### Scaling Operations
+
 Docker services in Zerops have specific scaling characteristics that differ from native containers:
+
 #### Vertical Scaling
 - Resources must be defined with **fixed** values instead of min-max ranges
 - CPU, RAM, and disk are specified as single values:
@@ -3795,6 +5361,7 @@ Docker services in Zerops have specific scaling characteristics that differ from
   ```
 - Any change to these values through the UI triggers an automatic VM restart
 - Plan your resource allocation carefully to minimize scaling operations
+
 #### Horizontal Scaling
 - Still supports multiple containers through `minContainers` and `maxContainers`
 - Consider breaking large services into smaller components
@@ -3805,9 +5372,13 @@ Docker services in Zerops have specific scaling characteristics that differ from
 
 # Dotnet > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your .NET application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -3816,51 +5387,65 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: dotnet@6
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - package.json
         - node_modules
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: dotnet@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 5000
+
       # OPTIONAL. Customize the runtime .NET environment by installing additional
       # dependencies to the base .NET runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your .NET application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your .NET application start command
       start: npm start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -3871,6 +5456,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -3880,11 +5466,23 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for .NET builds:
+
+- `dotnet@10`, `dotnet@latest`
+- `dotnet@9`
+- `dotnet@8`
+- `dotnet@7`
+- `dotnet@6`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -3895,12 +5493,18 @@ zerops:
       base: dotnet@6
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of .NET, Zerops command line tool, `ASP .NET` and `git`.
+  major version of .NET, [Zerops command line tool](/references/cli), `ASP .NET` and `git`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -3914,34 +5518,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of .NET defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `ASP .NET` and `git`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -3950,6 +5572,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: dotnet@6
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -3957,20 +5580,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/dotnet/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -3979,96 +5613,138 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: dotnet@6
+
       # OPTIONAL. Build your application
       buildCommands:
         - dotnet build -o app
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     sudo apt-get -y install dotnet-runtime-6.0 aspnetcore-runtime-6.0 dotnet-sdk-6.0 # already installed for .NET service
     dotnet build -o app
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - sudo apt-get -y install dotnet-runtime-6.0 aspnetcore-runtime-6.0 dotnet-sdk-6.0 # already installed for .NET service
   - dotnet build -o app
 ```
+
 #### Command exit code
-If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/dotnet/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the `--verbosity ` option.
+
+If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/dotnet/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the `--verbosity <LEVEL>` option.
+
 ```yaml
 buildCommands:
   - dotnet build --verbosity detailed
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - app
   - file.txt
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -4080,22 +5756,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -4104,6 +5791,7 @@ zerops:
     build:
       base: dotnet@6
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         DOTNET_ENV: production
@@ -4112,12 +5800,24 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/dotnet/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current .NET version for your runtime.
+
 Following options are available for .NET builds:
+
+- `dotnet@10`, `dotnet@latest`
+- `dotnet@9`
+- `dotnet@8`
+- `dotnet@7`
+- `dotnet@6`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -4127,18 +5827,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: dotnet@6
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: dotnet@6
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
-  selected major version of .NET, Zerops command line tool and `ASP .NET` and `git`.
+  selected major version of .NET, [Zerops command line tool](/references/cli) and `ASP .NET` and `git`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -4148,6 +5855,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: dotnet@6
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -4157,43 +5865,74 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a .NET service with hostname = "app" and port = 5000 from another service of the same project, simply use `app:5000`. Read more about [how to access a .NET service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the .NET runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base .NET environment contains {data.alpine.default}, the selected
-  major version of .NET, Zerops command line tool and `ASP .NET` and `git`. To install additional packages
+  major version of .NET, [Zerops command line tool](/references/cli) and `ASP .NET` and `git`. To install additional packages
   or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -4201,6 +5940,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -4210,29 +5950,47 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/dotnet/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
   selected major version of .NET,
-  Zerops command line tool and
+  [Zerops command line tool](/references/cli) and
   `ASP .NET` and `git`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -4241,6 +5999,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -4250,15 +6009,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -4267,22 +6031,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your .NET application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/dotnet/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/dotnet/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -4297,56 +6074,82 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/dotnet/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your .NET application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your .NET application start command
       start: cd app && dotnet dnet.dll
 ```
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your .NET application start command
       start: cd app && dotnet dnet.dll
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -4354,30 +6157,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your .NET application.
+
+        The command has access to the same [environment variables](/dotnet/how-to/create#set-secret-environment-variables) as your .NET application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your .NET application start command
       start: cd app && dotnet dnet.dll
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -4386,13 +6206,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -4401,40 +6226,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/dotnet/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -4443,30 +6290,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/dotnet/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your .NET application.
+
+        The command has access to the same [environment variables](/dotnet/how-to/create#set-secret-environment-variables) as your .NET application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -4478,8 +6343,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/dotnet/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Dotnet > How To > Build Process
@@ -4496,35 +6363,60 @@ Read more about how the [readiness check works](/dotnet/how-to/deploy-process#re
 
 # Dotnet > How To > Create
 
+
 Zerops provides a .NET runtime service with extensive build support. .NET runtime is highly scalable and customisable to suit both development and production.
+
 ## Create .NET service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new .NET service:
+
+[Video: /vids/services/dotnet.webm](/vids/services/dotnet.webm)
+
 ### Choose .NET version
+
 Following .NET versions are currently supported:
+
 :::info
 You can [change](/dotnet/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/dotnet/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create .NET service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new .NET service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/dotnet/how-to/create#create-a-project-description-file)
 3. [Create a project with a .NET and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -4545,13 +6437,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one .NET version 6 service with default [auto scaling](/dotnet/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/dotnet/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -4596,113 +6493,172 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a .NET service and a [PostgreSQL](/postgresql/overview) service.
+
 .NET service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/dotnet/how-to/build-pipeline#ports). .NET service will run on version 6 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains .NET and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
+
         See what [.NET service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/dotnet/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/dotnet/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/dotnet/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/dotnet/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add .NET service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -4723,33 +6679,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one .NET service version 6 with default [auto scaling](/dotnet/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Dotnet > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick)',
-  'Native libraries: When your .NET packages require system libraries that aren\'t in the default environment',
-  'Development tools: When you need additional debugging or profiling tools',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -4803,13 +6764,21 @@ System packages for processing: When your app processes images, videos, or files
 
 # Dotnet > Overview
 
+
 [.NET ↗](https://dotnet.microsoft.com/en-us/) is the free, open-source, cross-platform framework for building modern apps and powerful cloud services..
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-dotnet-hello-world), a **_recipe_**, containing the most simple .NET web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of .NET running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of .NET running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "dotnet" recipe on Zerops](https://app.zerops.io/recipe/?lf=dotnet)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-dotnet-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -4821,86 +6790,145 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-dotnet-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/dotnet/how-to/create) — Dive in all Zerops has to offer for your .NET application.
+
 ## Feature Highlights
+
+- [Create .NET service](/dotnet/how-to/create) — Start with creating a .NET service using GUI or zCLI.
+- [zerops.yaml](/dotnet/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/dotnet/how-to/scaling) — Set up scaling of your .NET application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/dotnet/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/dotnet/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/dotnet/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Elasticsearch > Overview
 
+
 Deploy [Elasticsearch](https://www.elastic.co/elasticsearch/) instances in Zerops with flexible scaling options, from standalone nodes to highly available clusters.
+
 ## Supported Versions
+
 Currently supported Elasticsearch versions:
+
 Import configuration version:
+
+- `elasticsearch@9.2`
+- `elasticsearch@8.16`
+
 ## Connection Details
+
 - **Port**: 9200
 - **Protocol**: HTTP only
 - **Internal Access**: `http://{hostname}:9200`
 - **Basic auth security**
     - **User**: `elastic`
     - **Password**: randomly generated during service creation, find under **Access Details** in service detail
+
 #### Example
 ```sh
 curl -u elastic:generatedpassword http://elasticsearch:9200
 ```
+
 ## Configuration Options
+
 ### Plugin Management
+
 You can configure Elasticsearch plugins using a comma-separated list in your environment secrets:
+
 ```yaml
 envSecrets:
   PLUGINS: "analysis-icu,ingest-attachment"
 ```
+
 **Plugin Configuration Details:**
 - Defines plugins to install at service startup
 - **Format**: `plugin1,plugin2,...`
 - Service automatically installs specified plugins during initialization
 - Removing a plugin from this list triggers uninstallation on service restart
+
 ### JVM Heap Allocation
+
 Control the JVM heap size as a percentage of container memory:
+
 ```yaml
 envSecrets:
   HEAP_PERCENT: "75"
 ```
+
 **Heap Configuration Details:**
 - Value represents the percentage of container memory allocated to JVM heap
 - **Default**: 50% of available container memory
 - **Valid range**: 1-100
 - To increase available memory, adjust the service's RAM allocation in scaling configuration
+
 :::note Requires Restart
 Changes to HEAP_PERCENT require a service restart to take effect.
 :::
+
 ## Backup
+
 Elasticsearch backups are created using `elasticdump`:
+
 - **Format**: `.gz` (per index/component dump)
 - **Tooling**: `elasticdump`
 - **Compression**: Gzip compressed JSON data
+
 For backup configuration, scheduling, retention policies, and management options, see the [Zerops Backups](/features/backup) documentation.
+
 ### Restoring Backups
+
 To restore an Elasticsearch backup:
+
 1. **Download** the backup file (`.gz`) from the Zerops UI
 2. **Extract** the compressed files to access the JSON data
 3. **Prepare** your target environment (clean existing indices or use a new instance)
 4. **Restore** using either:
    - **elasticdump tool**: Use the same tool that created the backup for restoration via Zerops VPN or during deployment
    - **Elasticsearch API**: Import the data through REST API [calls](https://www.elastic.co/docs/deploy-manage/tools/snapshot-and-restore/restore-snapshot)
+
 For assistance with the restoration process, contact Zerops support.
+
 ## Example Configuration
+
 ```yaml
 services:
   - hostname: elasticsearch
@@ -4910,7 +6938,9 @@ services:
       PLUGINS: "analysis-icu,ingest-attachment"
       HEAP_PERCENT: "75"
 ```
+
 ## Related Resources
+
 - [Elasticsearch Official Documentation](https://www.elastic.co/guide/index.html)
 - [Available Elasticsearch Plugins](https://www.elastic.co/guide/en/elasticsearch/plugins/current/index.html)
 
@@ -4918,9 +6948,13 @@ services:
 
 # Elixir > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Elixir application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -4929,49 +6963,63 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: elixir@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - mix deps.get --only prod
         - mix compile
         - mix release
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles: _build/prod/rel/app/
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: elixir@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 3000
+
       # OPTIONAL. Customise the runtime Elixir environment by installing additional
       # dependencies to the base Elixir runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Elixir application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Elixir application start command
       start: npm start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -4982,6 +7030,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -4991,11 +7040,19 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Elixir builds:
+
+- `1.16`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5006,12 +7063,18 @@ zerops:
       base: elixir@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Elixir, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+  major version of Elixir, [Zerops command line tool](/references/cli), `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5025,34 +7088,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customise your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Elixir defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5061,6 +7142,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: elixir@latest
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -5068,20 +7150,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/elixir/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5090,42 +7183,59 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: elixir@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     npm i
     npm run build
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - npm i
   - npm run build
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/elixir/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - npm i --verbose
   - npm run build
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -5134,56 +7244,81 @@ deployFiles:
   - package.json
   - node_modules
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - dist
   - package.json
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -5195,22 +7330,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -5219,6 +7365,7 @@ zerops:
     build:
       base: elixir@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         NODE_ENV: production
@@ -5227,12 +7374,20 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/elixir/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Elixir version for your runtime.
+
 Following options are available for Elixir builds:
+
+- `1.16`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5242,18 +7397,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: elixir@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: elixir@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Elixir, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5263,6 +7425,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: elixir@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -5272,36 +7435,58 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Elixir service with hostname = "app" and port = 3000 from another service of the same project, simply use `app:3000`. Read more about [how to access a Elixir service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
+
 | parameter   | description                                                                                                                                                                                                                                                                                                            |
 | ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | port        | Defines the port number. You can set any port number between _10_ and _65435_. Ports outside this interval are reserved for internal Zerops systems.                                                                                                                                                                   |
 | protocol    | **Optional.** Defines the protocol. Allowed values are `TCP` or `UDP`. Default value is `TCP`.                                                                                                                                                                                                                         |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Elixir runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Elixir environment contains {data.alpine.default} the selected
-  major version of Elixir, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools. To install
+  major version of Elixir, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5309,6 +7494,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -5318,27 +7504,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/elixir/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the custom runtime cache go to `yyy`
+
 When the custom runtime cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Elixir, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools.
+  selected major version of Elixir, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5347,6 +7551,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -5356,15 +7561,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -5373,22 +7583,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Elixir application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/elixir/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/elixir/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -5403,57 +7626,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/elixir/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Elixir application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Elixir application start command
       start: npm start
 ```
+
 We recommend starting your Elixir application using `npm start`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Elixir application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -5461,25 +7711,32 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/elixir/how-to/create#set-secret-environment-variables) as your Elixir application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Elixir application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -5488,13 +7745,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -5503,14 +7765,23 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/elixir/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
+
 <table className="w-full my-1.5">
   <thead>
     <tr>
@@ -5540,13 +7811,16 @@ If your application requires a https request, set <code>scheme: https</code></td
     </tr>
   </tbody>
 </table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -5555,25 +7829,33 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/elixir/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/elixir/how-to/create#set-secret-environment-variables) as your Elixir application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -5585,8 +7867,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/elixir/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Elixir > How To > Build Process
@@ -5603,34 +7887,58 @@ Read more about how the [readiness check works](/elixir/how-to/deploy-process#re
 
 # Elixir > How To > Create
 
+
 Zerops provides a powerful Elixir runtime service with extensive build support. The Elixir runtime is highly scalable and customizable to suit your development and production needs. With just a few clicks or commands, you can have a production-ready Elixir environment up and running in no time.
+
 ## Create a Elixir service using Zerops GUI
+
 First, set up a project in the Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu under the **Services** section. From there, you can add a new Elixir service:
+
+[Video: /vids/services/elixir.webm](/vids/services/elixir.webm)
+
 ### Choose a Elixir version
+
 Zerops supports the following Elixir versions:
+
 :::info
 You can easily [upgrade](/elixir/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app", "cache", "gui", etc. Duplicate services with the same name within the same project are not allowed.
+
 #### Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as passwords, tokens, salts, certificates, etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting secret environment variables is optional. You can always set them later in the Zerops GUI.
+
 Read more about the [different types of environment variables](/elixir/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create a Elixir service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Elixir service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/elixir/how-to/create#create-a-project-description-file)
 3. [Create a project with a Elixir and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a YAML format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory called `my-project`. Inside the `my-project` directory, create a `description.yaml` file with the following content:
 ```yaml
 # basic project data
@@ -5652,13 +7960,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Elixir version 20 service with default [auto scaling](/elixir/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/elixir/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -5703,103 +8016,171 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Elixir service and a [PostgreSQL](/postgresql/overview) service.
+
 Elixir service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/elixir/how-to/build-pipeline#ports). Elixir service will run on version 20 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
+
 | Parameter       | Description                                                                                                                     | Limitations             |
 | --------------- | ------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
 | **name**        | The name of the new project. Duplicates are allowed.                                                                            |                         |
 | **description** | **Optional.** Description of the new project.                                                                                   | Maximum 255 characters. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Elixir and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Elixir service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/elixir/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/elixir/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/elixir/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](/elixir/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Elixir service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -5820,33 +8201,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Elixir service version 20 with default [auto scaling](/elixir/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Elixir > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick)',
-  'Erlang libraries: When you need additional Erlang libraries not included by default',
-  'Native dependencies: When your Mix dependencies require system libraries that aren\'t in the default environment',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -5900,124 +8286,196 @@ System packages for processing: When your app processes images, videos, or files
 
 # Elixir > Overview
 
+
 [Elixir ↗](https://elixir.org/en) is an asynchronous event-driven JavaScript runtime, which is designed to build scalable network applications.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-elixir), a **_recipe_**, containing the most simple Elixir web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Elixir app running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Elixir app running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "elixir" recipe on Zerops](https://app.zerops.io/recipe/?lf=elixir)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
+
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-elixir/blob/main/zerops-project-import.yaml)):
+
 ```yaml
 project:
   name: recipe-elixir
   tags:
     - zerops-recipe
+
 services:
   - hostname: api
     type: elixir@1.16
     enableSubdomainAccess: true
     buildFromGit: https://github.com/zeropsio/recipe-elixir
+
   - hostname: db
     type: postgresql@16
     mode: NON_HA
     priority: 1
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://api-808-4000.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 {"message":"This is a simple Elixir application running in Zerops.io, each request adds an entry to the PostgreSQL database and returns a count. See the source repository (https://github.com/zeropsio/recipe-elixir) for more information.","newEntry":"e64be640-d6c2-4be8-93ac-d1e40e56fa06","count":1}
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
 It doesn't matter whether it's your first curious introduction to Zerops, you have already mastered the basics and are looking for a tiny detail or inspiration. Below, choose a section that fits your needs:
+
+- [Care for details?](/elixir/how-to/create) — Dive in all Zerops has to offer for your Elixir application.
+- [Elixir recipes](https://github.com/zeropsio?q=elixir&type=all&language=&sort=) — Get inspired by already existing repositories, ready to be imported to Zerops.
+
 ## Feature Highlights
+
+- [Create Elixir service](/elixir/how-to/create) — Start with creating a Elixir service using GUI or zCLI.
+- [Zerops.yaml](/elixir/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/elixir/how-to/scaling) — Set up scaling of your Elixir application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/elixir/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/elixir/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/elixir/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Features > Access
 
+
 Zerops provides multiple ways to access your services, whether you need internal communication between services, secure access from your development machine, or public access from the internet.
+
 :::note
 By default, your services are not publicly accessible until you configure external access. Internal communication between services within the same project works automatically.
 :::
+
 ## How Zerops Networking Works
+
 Every Zerops project includes a **shared networking infrastructure** that handles all access methods:
+
 **Private Project Network:**
 - All services within a project share a dedicated private network
 - Services communicate directly using hostnames and internal ports
 - Traffic stays isolated within your project
+
 **Public Access Infrastructure:**
 - **Core (L3) Balancer** manages IP addresses and direct port access
 - **L7 HTTP Balancer** handles domain routing and SSL termination
   - Can be extensively configured for advanced routing, performance optimization, and custom behaviors
   - See the [L7 Balancer Configuration Guide](/references/networking/l7-balancer-config) for detailed options
 - Both are shared across all services in your project
+
 **Secure External Access:**
 - **Built-in VPN** provides secure tunnel access to your project's private network
 - Useful for development, debugging, and administration
+
 ## Internal Access
+
 :::tip Complete Internal Access Setup
 See the [Internal access reference guide](/references/networking/internal-access).
 :::
+
 Services within the same project can communicate directly using hostnames and internal ports. No additional configuration required.
+
 **Example:** Connect to your `api` service on port 3000:
 ```
 http://api:3000
 ```
+
 **Key points:**
 - Use service hostname as the address
 - Use HTTP (not HTTPS) for internal communication
 - Access internal ports defined in your service configuration
 - Communication is automatically isolated from other projects
+
 ### Environment Variables
+
 Zerops automatically creates environment variables to help with internal connections between services.
+
 ## VPN Access
 :::tip Complete VPN Setup
 See the [VPN reference guide](/references/networking/vpn).
 :::
+
 Connect securely to your project's internal network from your local machine:
+
 ```bash
 # Connect to your project
-zcli vpn up 
+zcli vpn up <project-id>
+
 # Access services using internal hostnames
 curl http://api:3000/health
+
 # Disconnect when done
 zcli vpn down
 ```
+
 ## Public Access
+
 :::tip Complete Public Access Setup
 See the [Public access reference guide](/references/networking/public-access).
 :::
+
 Make your services accessible from the internet using one of three methods:
+
 ### Zerops Subdomain
 **Best for:** Development and testing
+
 - Quick setup with automatic `.zerops.app` subdomains
 - Each service gets its own unique subdomain
 - Automatic SSL certificate management
 - Shared infrastructure (has limitations for production use)
+
 ### Custom Domain
 **Best for:** Production deployments
+
 - Use your own domain names
 - Better performance with dedicated balancer
 - Full control over SSL and routing
 - Requires DNS configuration
+
 ### Direct Port Access
 **Best for:** Non-HTTP protocols and specialized use cases
+
 - Direct access to specific ports on your services
 - Supports any protocol (TCP/UDP)
 - Optional firewall configuration
 - Uses your project's IP addresses
+
 ## Next Steps
+
 - **Internal access setup:** [Internal Access Reference Guide](/references/networking/internal-access)
 - **Public access configuration:** [Public Access Reference Guide](/references/networking/public-access)
 - **VPN setup and troubleshooting:** [VPN Reference Guide](/references/networking/vpn)
@@ -6027,162 +8485,232 @@ Make your services accessible from the internet using one of three methods:
 
 # Features > Backup
 
+
 Zerops provides an automated, secure backup system for supported services. This guide covers how to configure, manage, and restore your backups.
+
 ## Supported Services
+
 Zerops provides automated backup functionality for the following services. For specific backup format details and restore instructions, visit each service's documentation: [MariaDB](/mariadb/how-to/backup), [PostgreSQL](/postgresql/how-to/backup), [Qdrant](/qdrant/overview), [Elasticsearch](/elasticsearch/overview), [NATS](/nats/overview), [Meilisearch](/meilisearch/overview), and [Shared Storage](/shared-storage/how-to/backup).
+
 ## Managing Backups in the UI
+
 By default, your data is backed up automatically **every day** between 00:00:00 UTC and 01:00:00 UTC, unless you update your settings.
+
 To manage backups, go to the service detail and choose **Backups List & Configuration** in the left menu.
+
 From this section, you can:
 - Create a one-time backup
 - Change the frequency/disable of automatic backups
 - Configure retention policies and limits
-  
+
 ### Backup Frequency Options
+
 Available schedules:
 - **No backups**: Disable automatic backups (not recommended)
 - **Once a day**: Daily backups at a specified time
 - **Once a week**: Weekly backups on a specific day and time
 - **Once a month**: Monthly backups on a specific day and time
 - **Custom CRON**: Define a custom schedule using CRON syntax
+
 For the Custom CRON option, you can use the following syntax:
-  
-      Field name
-      Allowed values
-    
-      Minute
-      0-59
-    
-      Hour
-      0-23
-    
-      Day
-      1-31
-    
-      Month
-      1-12
-    
-      Week Day
-      0–7; both 0 and 7 represent Sunday
-    
-Examples:
-- `0 2 * * *` - Every day at 2:00 AM
-- `0 4 * * 0` - Every Sunday at 4:00 AM
-- `0 0 1 * *` - First day of every month at midnight
-- `0 */6 * * *` - Every 6 hours
-### Backup Tagging
-Zerops uses tags to categorize and manage backups:
-**Time-Based Tags** (assigned automatically):
-- `daily`: Every automatic backup
+
+<table className="w-full">
+  <thead>
+    <tr>
+      <th className="whitespace-nowrap w-fit">Field name</th>
+      <th className="w-full">Allowed values</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr className="text-left">
+      <td className="w-fit">Minute</td>
+      <td className="w-fit">0-59</td>
+    </tr>
+    <tr className="text-left">
+      <td className="w-fit">Hour</td>
+      <td className="w-fit">0-23</td>
+    </tr>
+    <tr className="text-left">
+      <td className="w-fit">Day</td>
+      <td className="w-fit">1-31</td>
+    </tr>
+    <tr className="text-left">
+      <td className="w-fit">Month</td>
+      <td className="w-fit">1-12</td>
+    </tr>
+    <tr className="text-left">
+      <td className="w-fit">Week Day</td>
+      <td className="w-fit">0–7; both 0 and 7 represent Sunday</td>
+    </tr>
+  </tbody>
+</table>
+
+Examples:
+- `0 2 * * *` - Every day at 2:00 AM
+- `0 4 * * 0` - Every Sunday at 4:00 AM
+- `0 0 1 * *` - First day of every month at midnight
+- `0 */6 * * *` - Every 6 hours
+
+### Backup Tagging
+
+Zerops uses tags to categorize and manage backups:
+
+**Time-Based Tags** (assigned automatically):
+- `daily`: Every automatic backup
 - `weekly`: First backup of each week (Monday UTC)
 - `monthly`: First backup of each month (1st UTC)
+
 **User Tags** (custom labels you create):
 - Used for organization and identification (e.g., `v2.1-release`, `before-migration`, `monthly-snapshot`)
 - Add when creating manual backups - up to 24 characters (letters, numbers, `:-_`)
+
 **Protected Tags** (configured in retention policy):
 - Backups with these tag names are exempt from automatic deletion, regardless of storage limits
 - Define in the backup retention configuration section of the UI and add when creating manual backups
+
 :::important
 Manual backups don't get automatic time-based tags. Always add a protected tag to preserve critical manual backups.
 :::
+
 ### View and Manage Backup Files
+
 In this section, you can:
 - Create manual backups
 - View all backups with their timestamps and sizes
 - Download backups
 - Delete backups
-  
+
 :::note
 When creating manual backups via the UI, you'll see immediate feedback. If the backup takes longer than 10 seconds, the process continues in the background. You can verify completion by refreshing the backup list or checking service logs.
 :::
+
 ## Storage and Limits
+
 ### Project Storage Quotas
+
 Each Zerops project has a **technical maximum backup storage limit of 1 TiB**:
 - Only full backups are stored
 - If a backup would exceed the storage limit, it will not be stored
 - This quota is shared across all service backups within the project
+
 ### Billing
 - **Lightweight Project Core**: 5 GB backup storage and 100 GB egress included
 - **Serious Project Core**: 25 GB backup storage and 3 TB egress included
+
 When you exceed your plan's free limits, **additional charges apply** according to our [pricing](/company/pricing#overage-costs).
+
 ### Retention Policy and Configuration
+
 Zerops manages which backups are kept using a retention policy that you can customize through the UI:
+
 **Default Time-Based Retention** (minimums):
 - At least 7 daily backups
 - At least 4 weekly backups
 - At least 3 monthly backups
+
 **Default Resource Limits** (maximums):
 - Max 50 total backups per service
 - Storage limited to your project's 1 TiB technical maximum (with billing for usage beyond free tier)
+
 **Customization Options:**
 You can modify these defaults in the backup retention configuration interface:
 - **Set Protected Tags**: Define tag names that prevent automatic deletion of backups
 - **Configure Maximum Limits**: Adjust total number of backups and storage size limits per service
 - **Customize Minimum Retention**: Change how many daily, weekly, and monthly backups to keep
 - **Set Type-Specific Limits**: Control maximum backups for each type (0 means unlimited, subject to total limits)
+
 :::important
 Backups with [protected tags](#backup-tagging) and the minimum required time-based backups will always be kept, even if they exceed the limits above. This ensures your critical recovery points are preserved.
 :::
+
 If you need more storage space, contact our support team.
+
 ### When Deleting Services or Projects
+
 Deleted services/projects have their backups kept for a 7-day grace period before final removal.
+
 ## Command Line Interface
+
 You can also manage backups using the Zerops CLI (zCLI):
+
 ```bash
 # Create a backup
 zcli backup create myServiceName
+
 # Create a backup with tags (including protection)
 zcli backup create myServiceName --tags pre-deploy,protected
 ```
+
 Check `zcli backup --help` for current commands.
+
 :::note
 zCLI currently focuses on creation; listing/deletion/tag management is primarily via UI.
 :::
+
 ## Restoring Backups
+
 Restoration involves downloading backups and using service-specific methods. Zerops facilitates the backup creation and download; the restore action uses service-specific tools and APIs.
+
 1. **Download**: Find the backup in the UI (by date/tag) and download it
 2. **Prepare**: Set up your target environment (clean existing data or use a new instance)
 3. **Restore**: Use service-specific tools via Zerops VPN, run the restore during deployment, or use the service API if available. For service-specific restore instructions, see each service's documentation linked in the [Supported Services](#supported-services) section above.
+
 :::info Continuous Improvement
 We're working on enhancing the restore experience, potentially including more automated options in the future.
 :::
+
 For assistance with restoration, contact Zerops support.
+
 ## High Availability (HA)
+
 For multi-node HA services:
 - **Automatic Backups**: Run on a randomly selected healthy node
 - **Manual Backups**: Typically run on the primary/designated node (check logs)
 - **Cluster State**: Other nodes stay operational
+
 ## Security
+
 Backups are protected with end-to-end encryption:
+
 - **Unique Encryption**: Each project gets its own encryption key (X25519)
 - **Secure Process**: Data is encrypted immediately as backups are created
 - **Zero-Trust**: Even Zerops staff cannot access your raw backup data
 - **Isolated Storage**: Backups are stored separately from your regular data
 - **Secure Download**: Backups are only decrypted when you download them
+
 :::important
 When a project is deleted, the encryption key is permanently destroyed after 7 days, making the backup data unrecoverable.
 :::
+
 ## Best Practices
+
 1. **Create backups before major changes**:
    - Always create a manual backup with a protected tag before database migrations, deployments, or large data operations
    - Use descriptive tags like `pre-migration` or `pre-release-v2`
+
 2. **Manage storage efficiently**:
    - Regularly check usage in the Project Overview & Service Backup tabs to monitor free tier usage and stay within the 1 TiB technical limit
    - Remove unnecessary backups, especially those with [protected tags](#backup-tagging)
    - Adjust [retention policies](#retention-policy-and-configuration) based on your recovery needs
    - Regularly review and clean up old backups to optimize storage usage and minimize overage costs
+
 3. **Test your restore process** periodically in a non-production environment to ensure you can recover when needed
+
 ## Troubleshooting
+
 ### Storage Quota Issues
 **Cause**: High backup frequency, long retention periods, or many protected tags can lead to exceeding free tier limits or approaching technical maximums.
+
 **Solutions**:
 1. **Review & Prune**: Delete unnecessary manual backups or remove protected status from older backups
 2. **Adjust Retention Policy**: Reduce minimum retention counts if your recovery requirements allow
 3. **Optimize Schedule**: Reduce backup frequency if daily backups aren't essential
 4. **Monitor Costs**: Check usage against your free tier (5GB/25GB) to avoid unexpected overage charges
 5. **Contact Support**: If you need assistance managing storage
+
 ### Backup Failures
 **Cause**: Service health issues, resource exhaustion, or platform problems.
+
 **Solutions**:
 1. **Check Service Logs**: Look for error messages around the scheduled backup time
 2. **Verify Service Health**: Ensure the service is running properly with adequate resources
@@ -6193,35 +8721,52 @@ When a project is deleted, the encryption key is permanently destroyed after 7 d
 
 # Features > Build Cache
 
+
 > Zerops implements a sophisticated two-layer caching strategy that optimizes build times while maintaining complete control over the build environment. This documentation explores the architecture, configuration patterns, and practical implementation of the build cache system.
+
 ## Architecture Overview
+
 The build cache operates through two distinct layers:
+
 1. **Base Layer**: Comprises the OS, installed dependencies, and prepare commands
 2. **Build Layer**: Contains the state after executing build commands
+
 The layers work together to create an efficient and predictable build environment, though they are currently coupled in their cache invalidation behavior (invalidating one layer affects the other).
+
 ### Cache Implementation
+
 The caching mechanism is implemented through an efficient file movement strategy. This approach ensures near-instantaneous cache operations through simple directory relocation within the container, implementing the following characteristics:
+
 - Files are moved between `/build/source` and `/build/cache` using container-level rename operations
 - No packaging, compression, or network transfer is involved
 - Cache preservation is achieved through simple directory relocation within the container
 - Files maintain their original state and permissions throughout the process
+
 :::note
 See detailed [build process lifecycle](#build-process-lifecycle).
 :::
+
 ## Configuration Guide
+
 ### Essential zerops.yaml Fields
+
 The following fields in `zerops.yaml` affect build cache behavior:
+
 **Direct Cache Configuration**:
 - `build.cache`: Explicitly defines what should be cached through paths or patterns
+
 **Cache Invalidation Triggers**:
 These parameters trigger cache invalidation when modified:
 - `build.os`: Base operating system selection
 - `build.base`: Pre-installed software stacks and runtimes
 - `build.prepareCommands`: System preparation and dependency installation
 - `build.cache`: Changes to cache configuration
+
 **Build Artifact Generation**:
 - `build.buildCommands`: Generates the build artifact that will be deployed.
+
 ## Cache Configuration Patterns
+
 ### Pattern 1: System-Wide Cache Control
 ```yaml
 build:
@@ -6229,20 +8774,25 @@ build:
   # OR
   cache: false  # Intended to disable all caching
 ```
+
 The boolean values provide system-wide cache control:
+
 `cache: true`:
 - Preserves the entire build container state
 - Maintains system-level package installations
 - Ideal for globally installed packages (Python/PHP packages, Go modules)
+
 `cache: false`:
 - Intended to disable all caching
 - Currently, due to layer coupling, only files within `/build/source` are not cached
 - Everything outside `/build/source` remains cached (see [Common Pitfalls: Layer Coupling](#current-pitfalls))
+
 ### Pattern 2: Path-Specific Caching
 ```yaml
 # Single path
 build:
   cache: node_modules
+
 # Multiple paths
 build:
   cache:
@@ -6250,16 +8800,21 @@ build:
     - package-lock.json
     - .build
 ```
+
 Execution flow:
 1. Source code extraction to `/build/source`
 2. Build command execution
 3. Specified path preservation in `/build/cache`
 4. Cached content restoration (no-clobber mode - source files take precedence)
+
 :::tip
 Ideal for non-versioned dependencies in your working directory (e.g., `node_modules`, `vendor`, `.venv`).
 :::
+
 ## Path Pattern Reference
+
 Zerops supports [Go's filepath.Match](https://pkg.go.dev/path/filepath#Match) syntax. Consider this example structure:
+
 ```
 ├── node_modules/
 ├── package.json
@@ -6269,6 +8824,7 @@ Zerops supports [Go's filepath.Match](https://pkg.go.dev/path/filepath#Match) sy
     ├── file2.txt
     └── file3.md
 ```
+
 Pattern examples and matches:
 ```yaml
 build:
@@ -6277,33 +8833,44 @@ build:
     - "package*"          # Matches: package.json, package-lock.json
     - "node_modules"      # Matches: entire node_modules directory recursively
 ```
+
 :::note
 All patterns resolve relative to `/build/source`. Path variations like `./node_modules`, `node_modules`, and `node_modules/` are treated identically.
 :::
+
 ## Build Process Lifecycle
+
 1. **Initialization Phase**
    - Build container startup
    - Builder process launch
    - Source code loading into `/build/source`
+
 2. **Cache Restoration Phase**
    - Cached file movement to `/build/source` (no-clobber mode)
    - Source file precedence handling
    - Conflict logging (no build interruption)
    - Cache directory cleanup
+
 3. **Build Execution Phase**
    - Build command processing
    - Artifact packaging (`build.deployFiles`)
+
 4. **Cache Preservation Phase**
    - Specific cache files movement outside `/build/source`
    - `/build/source` directory cleanup
    - Container termination
+
 ## Cache Invalidation Reference
+
 The build cache invalidates under these conditions:
+
 1. **Manual Triggers**
    - API call: `DELETE /service-stack/{id}/build-cache`
    - GUI: Manual cache clear action
+
 2. **Version Management**
    - Backup app version activation via `PUT /app-version/{id}/deploy`
+
 3. **Configuration Changes**
    Any modifications to:
    ```yaml
@@ -6312,8 +8879,11 @@ The build cache invalidates under these conditions:
    build.prepareCommands
    build.cache
    ```
+
 ### Current Pitfalls
+
 The current implementation has some important characteristics:
+
 1. **Layer Coupling**
    ```yaml
    build:
@@ -6326,6 +8896,7 @@ The current implementation has some important characteristics:
      cache: false
    ```
    Even with `cache: false`, Go modules outside `/build/source` remain cached.
+
 2. **Cascade Invalidation**
    ```yaml
    build:
@@ -6340,7 +8911,9 @@ The current implementation has some important characteristics:
        - node_modules
    ```
    Modifying `prepareCommands` invalidates both layers, including cached `node_modules`.
+
 ## Real-World Implementation Examples
+
 ### Node.js Project with TypeScript
 ```yaml
 build:
@@ -6354,6 +8927,7 @@ build:
     - .turbo
     - package-lock.json
 ```
+
 ### Go Project with Multiple Dependencies
 ```yaml
 build:
@@ -6365,6 +8939,7 @@ build:
     - go build -o bin/app cmd/main.go
   cache: true  # Caches entire Go modules directory
 ```
+
 ### PHP/Laravel Project
 ```yaml
 build:
@@ -6376,147 +8951,227 @@ build:
     - vendor
     - composer.lock
 ```
+
 ## Debugging and Monitoring
+
 * **Build Logs**
    - Cache operations are detailed in build logs
    - File conflicts during restoration are logged
    - Cache preservation status is visible
+
 ## Implementation Best Practices
+
 ### Cache Strategy Optimization
+
 1. **Layer Management**
    - Maintain stable `prepareCommands` to prevent cache invalidation
    - Group related prepare commands logically
+
 2. **Performance Optimization**:
    - Cache package manager lock files alongside dependency directories
    - Use system-wide caching (`cache: true`) for languages with global package managers
+
 3. **Performance Tuning**
    - Leverage system-wide caching for complex builds
    - Monitor build logs for cache operations and potential conflicts
    - Use explicit patterns for precise control
    - Don't over-optimize – the system handles large caches efficiently
+
 ## Future Development
+
 Planned system enhancements include:
 - Layer independence implementation
 - Granular cache control mechanisms
 - Enhanced layer management capabilities
 - Improved cache invalidation patterns
 
+
 ----------------------------------------
 
 # Features > Cdn
 
+
 Zerops CDN is a global content delivery network that brings your static content closer to your users, resulting in faster load times and improved user experience. Built on Nginx and Cloudflare geo-steering technology, our CDN automatically routes users to the nearest server location based on their DNS request.
+
 ## Key Benefits
+
 - **Global Reach**: Serve content from strategic locations across the world
 - **Reduced Latency**: Content is delivered from the server closest to your users
 - **Simple Integration**: No complex configuration required
+
 ## Global CDN Infrastructure
+
 Zerops CDN operates across **6 strategic regions** to ensure your content is always delivered from a location close to your users:
-  
-      Region
-      Location
-      Coverage Area
-    
-      EU
-      CZ
-      Prague, Czech Republic
-      Primary European coverage + failover for all regions
-    
-      DE
-      Falkenstein, Germany
-    
-      UK
-      London, United Kingdom
-      UK and surrounding areas
-    
-      AU
-      Sydney, Australia
-      Australia and Oceania
-    
-      SG
-      Singapore, Singapore
-      Southeast Asia
-    
-      CA
-      Beauharnois, Canada
-      North America
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="w-fit" colspan="2">Region</th>
+      <th className="w-fit">Location</th>
+      <th className="w-fit">Coverage Area</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold" rowspan="2">EU</td>
+      <td className="w-fit font-semibold">CZ</td>
+      <td className="w-fit">Prague, Czech Republic</td>
+      <td className="w-full" rowspan="2">Primary European coverage + failover for all regions</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">DE</td>
+      <td className="w-fit">Falkenstein, Germany</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold" colspan="2">UK</td>
+      <td className="w-fit">London, United Kingdom</td>
+      <td className="w-full">UK and surrounding areas</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold" colspan="2">AU</td>
+      <td className="w-fit">Sydney, Australia</td>
+      <td className="w-full">Australia and Oceania</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold" colspan="2">SG</td>
+      <td className="w-fit">Singapore, Singapore</td>
+      <td className="w-full">Southeast Asia</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold" colspan="2">CA</td>
+      <td className="w-fit">Beauharnois, Canada</td>
+      <td className="w-full">North America</td>
+    </tr>
+   </tbody>
+</table>
+
 ### Geo-Steering Technology
 Zerops CDN's geo-steering technology automatically routes users to the server location closest to them. Here's how it works:
+
 * **Automatic routing**: Users are directed to the optimal CDN node based on their geographic location
 * **Quick failover**: The DNS TTL is set to just 30 seconds, allowing fast recovery if a node fails
 * **Redundancy**: If any node becomes unavailable, Cloudflare automatically redirects traffic to the next closest node
 * **Reliable backup**: The EU region serves as the ultimate fallback - if all other nodes go down, EU will always be served in DNS
+
 ## CDN Modes and Implementation
+
 Zerops CDN currently supports two distinct usage modes (with a third mode coming soon), each designed for specific content delivery needs.
+
 ### Object Storage Mode
+
 Perfect for efficiently delivering media files, documents, and other static assets stored in Zerops [Object Storage](/object-storage/overview) to users across different geographical regions.
+
 **Setup process:**
 1. Create an Object Storage service or select an existing one
 2. Enable the CDN option for this service
 3. Set appropriate public read access policies for objects you want to serve via CDN
+
 **Accessing content:**
 ```txt
 https://storage.cdn.zerops.app/your-bucket/path/to/file
 ```
+
 :::tip
 Access the storage CDN URL via the `storageCdnUrl` **project** environment variable `${storageCdnUrl}/your-bucket/path/to/file`.
 :::
+
 ### Static Mode
+
 Ideal for caching and delivering static website assets like HTML, CSS, JavaScript, and images served from your custom domains.
+
 **Setup process:**
 1. Configure domain access for your service through the L7 HTTP Balancer section
 2. Access domain settings via the **three dots menu** or **gear icon** next to your domain entry
 3. In the "Project Domain Access Modification" dialog, enable the **"Enable CDN for static files"** toggle
 4. Optionally enable "Automatically install SSL Certificates" if not already configured
+
 **Accessing content:**
 ```txt
 https://static.cdn.zerops.app/your-domain.com/path/to/file
 ```
+
 :::tip
 Access the static CDN URL via the `staticCdnUrl` **project** environment variable `${staticCdnUrl}/your-domain.com/path/to/file`.
 :::
+
 :::warning Wildcard Domains Not Supported
 Static CDN cannot be activated for wildcard domains (e.g., *.example.com). You must use specific domain names.
 :::
+
 ### API Mode *(Coming Soon)*
+
 Designed for caching API responses to reduce load on your backend services and deliver faster responses to clients.
+
 **Environment variable:** Once available, you'll be able to access the API CDN URL via the `apiCdnUrl` **project** environment variable.
+
 :::warning
 API Mode is currently under development and will be available in a future release.
 :::
+
 ### HTML Implementation Examples
+
 Here's how to integrate CDN URLs in your HTML code:
+
 ```html
+<!-- Compare: Direct Object Storage vs. CDN-accelerated Storage -->
+<!-- Direct from Object Storage -->
+
+<!-- Via CDN for faster global delivery -->
+
+<!-- Using environment variables in templates -->
+
+<!-- Compare: Direct Domain vs. CDN-accelerated Domain -->
+<!-- Direct from your domain -->
+<script src="/static/js/main.js"></script>
+
+<!-- Via CDN for faster global delivery -->
+<script src="https://static.cdn.zerops.app/your-domain.com/static/js/main.js"></script>
 ```
+
 ### Testing Specific CDN Nodes
+
 For testing or debugging purposes, you can bypass the automatic geo-steering and access a specific CDN node directly:
+
 ```
 https://{region}-{mode}.cdn.zerops.app/path/to/content
 ```
+
 Available region prefixes: `cz`, `de`, `au`, `sg`, `uk`, and `ca`
+
 **Examples:**
 - Test Australia node: `https://au-storage.cdn.zerops.app/my-bucket/test.jpg`
 - Test UK node: `https://uk-static.cdn.zerops.app/my-domain.com/index.html`
+
 ## Managing CDN Content
+
 ### Cache Lifecycle
+
 Content served through Zerops CDN follows this lifecycle:
+
 1. **First Request**: When a user requests content not yet in the CDN cache, the request goes to the origin server (your Zerops service), and the response is cached at the CDN node
 2. **Subsequent Requests**: Further requests for the same content are served directly from the CDN cache, reducing latency and origin server load
 3. **Cache Expiration**: By default, content remains cached for 30 days unless explicitly purged
 4. **Automatic Management**: When CDN storage reaches capacity, the least recently used content is automatically removed
+
 :::note Important Cache Behavior
 Zerops CDN implements a fixed 30-day TTL policy. Currently, HTTP caching headers such as `Cache-Control`, `Expires`, `Pragma`, etc. do not influence CDN caching behavior. To refresh content sooner than the 30-day period, use the [purge API](#api-reference).
+
 Your `Cache-Control` headers will still affect browser caching behavior.
 :::
+
 ### When to Purge Cache
+
 You should consider purging cached content when:
+
 - **Content Updates**: You've updated content but kept the same URL (e.g., updated images, CSS files)
 - **Deployment Rollouts**: You've deployed a new version of your application
 - **Emergency Removal**: You need to immediately remove content that was accidentally made public
 - **Testing Changes**: You want to ensure users see the latest version during testing
+
 ### Purging Cached Content
+
 Zerops provides multiple ways to manage and purge cached content before its normal expiration:
+
 - **Command Line**: Use the `zsc cdn purge` [command](/references/zsc#cdn) available in all Zerops containers:
   ```sh
   # Purge all content for a domain
@@ -6526,84 +9181,115 @@ Zerops provides multiple ways to manage and purge cached content before its norm
   # Purge specific file
   zsc cdn purge example.com "/path/to/my-file$"
   ```
+
   :::important
     - This command must be executed in any container within the project that has the CDN-enabled domain active
     - Currently only works for [Static Mode](#static-mode) CDN
   :::
+
 - **API Endpoints**: For programmatic control, use the [API endpoints](#api-reference). Here are ready-to-use curl examples for quickly purging content in your scripts:
+
   ```sh
   # Static mode: Purge all content for a domain
   curl --location --request PUT "https://api.app-prg1.zerops.io/api/rest/public/project/$PROJECT_ID/purge-cdn/static/$DOMAIN/*" \
   --header "Authorization: Bearer $USER_OR_ACCESS_TOKEN"
   ```
+
   ```sh
   # Storage mode: Purge all content for object storage
   curl --location --request PUT "https://api.app-prg1.zerops.io/api/rest/public/service-stack/$OBJECT_STORAGE_SERVICE_ID/purge-cdn/*" \
   --header "Authorization: Bearer $USER_OR_ACCESS_TOKEN"
   ```
+
 #### Purge Pattern Examples
-  
-      Pattern
-      Description
-      Example
-    
-      `/*`
-      Purges all content
-      Useful after major updates
-    
-      `/images/*`
-      Purges all content in a directory
-      Clear all cached images
-    
-      `/css/main.css$`
-      Purges a specific file
-      Update a single CSS file
-    
-      `/2023*`
-      Purges content starting with pattern
-      Clear content with date prefix
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="w-fit">Pattern</th>
+      <th className="w-fit">Description</th>
+      <th className="w-fit">Example</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">`/*`</td>
+      <td className="w-fit">Purges all content</td>
+      <td className="w-full">Useful after major updates</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">`/images/*`</td>
+      <td className="w-fit">Purges all content in a directory</td>
+      <td className="w-full">Clear all cached images</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">`/css/main.css$`</td>
+      <td className="w-fit">Purges a specific file</td>
+      <td className="w-full">Update a single CSS file</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">`/2023*`</td>
+      <td className="w-fit">Purges content starting with pattern</td>
+      <td className="w-full">Clear content with date prefix</td>
+    </tr>
+   </tbody>
+</table>
+
 :::warning Pattern Rules
 - Wildcards (`*`) must be at the end of the pattern
 - Specific files must include `$` at the end
 - Nested wildcards (e.g., `/dir/*.jpg`) are not supported
 :::
+
 ## API Reference
+
 Zerops provides a comprehensive set of API endpoints to manage your CDN configuration and content. For complete information about base URLs, authorization, and general API usage, please refer to our [API specification](/references/api).
+
 The endpoint links below will take you to the Swagger documentation with detailed request/response schemas and examples:
+
 ### CDN Management API
+
 - **[Enable CDN for Storage ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicServiceStack/EnableStorageCdn)** `PUT /api/rest/public/service-stack/{id}/cdn`
 - **[Disable CDN for Storage ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicServiceStack/DisableStorageCdn)** `DELETE /api/rest/public/service-stack/{id}/cdn`
 - **[Create Object Storage with CDN ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicServiceStackObjectStorage/CreateObjectStorageV1)** `POST /api/rest/public/service-stack/object_storage_v1`
 - **[Create Domain Routing with CDN ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicPublicHttpRouting/CreatePublicHttpRouting)** `POST /api/public/public-http-routing`
 - **[Update Domain Routing with CDN ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicPublicHttpRouting/UpdatePublicHttpRouting)** `PUT /api/public/public-http-routing/{id}`
+
 ### Cache Purge API
+
 - **[Purge Storage Mode Cache ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicServiceStack/PurgeStorageCdn)** `PUT /api/rest/public/service-stack/{id}/purge-cdn/{path}`
 - **[Purge Static Mode Cache ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicProject/PurgeStaticCdn)** `PUT /api/rest/public/project/{id}/purge-cdn/static/{domain}/{path}`
-- **Purge Api Mode Cache *(Coming soon)*** 
+- **Purge Api Mode Cache *(Coming soon)***
+
 ## Troubleshooting
+
 Having issues with your CDN? Here are solutions to the most common problems:
+
 #### Content Not Updated After Changes
 * **Issue:** You've updated content, but users still see the old version.
 * **Possible Cause:** The CDN cache is continuing to serve the previously cached version.
 * **Solution:**
     - Use the [purge API](#api-reference) with the specific content path
     - For immediate changes, use versioned file names (e.g., `style.v2.css` instead of just `style.css`)
+
 #### Content Not Being Cached
 * **Issue:** Your content isn't being cached by the CDN.
 * **Possible Cause:** Missing public read permissions on objects.
 * **Solution:**
     - For object storage: Check bucket and object access policies
     - Verify the object is accessible directly before attempting CDN access
+
 :::note
 Remember that only publicly accessible objects will be cached by the CDN. Private objects will always be fetched directly from the origin.
 :::
+
 #### Environment Variables Not Available
 * **Issue:** You can't access the new CDN-related project level environment variables in your containers.
 * **Possible Cause:** When new environment variables are created, existing services need to be restarted to access them. Services created before the CDN feature release require special handling.
 * **Solution:**
     - For services created after CDN release: Restart the service to apply the new environment variables
     - For services created before CDN release: Add and then remove a dummy environment variable in the project settings adn restart the service
+
 #### Unexpected 404 Errors
 * **Issue:** Users receive 404 errors when accessing content via CDN.
 * **Possible Cause:** Incorrect CDN URL formatting or missing content at origin.
@@ -6611,77 +9297,407 @@ Remember that only publicly accessible objects will be cached by the CDN. Privat
     - Double-check your [URL structure](#) (pay attention to domain names and paths)
     - Verify content exists at the origin before attempting CDN access
     - Test accessing the content directly from origin first
+
 **Correct URL patterns:**
 - Object Storage: `https://storage.cdn.zerops.app/your-bucket/path/to/file`
 - Static Mode: `https://static.cdn.zerops.app/your-domain.com/path/to/file`
+
 ---
+
 *Need help implementing CDN in your project? Join our [Discord community](https://discord.gg/zeropsio) where our team and other Zerops users can assist you!*
 
 ----------------------------------------
 
-# Features > Container Vs Vm
+# Features > Coding Agents
 
-Ever wondered why container technologies like Docker took over the development world so quickly? Let's break down the real differences between traditional VMs and containers - and why you might want to use one over the other.
-## Key Distinctions
-**Containers** are like lightweight packages that contain just your app and what it needs to run, sharing resources with your main system.
-**Virtual Machines** are like having a whole computer inside your computer. Complete with its own operating system, memory, and everything else.
-### Why Developers Love Containers
-#### They're Fast
-- Start up in seconds (not minutes)
-- Take up way less space
-- You can run many more of them on the same hardware
-#### They're Consistent
-- Works on your machine? Will work on everyone's machine
-- No more "but it works locally" problems
-- Same environment from development to production
-#### They're Simple
-- Easy to share with your team
-- Quick to update and modify
-- Less configuration headaches
-### When VMs Still Make Sense
-Sometimes you actually want a full computer-within-a-computer:
-- You need to run a completely different operating system
-- You're dealing with legacy applications that need specific system configurations
+
+Zerops was built on the idea of **environment parity** — giving developers the full development lifecycle, from remote development to highly available production, with the observability and developer tools for maximum flexibility, and sensible defaults so the configs stay reasonable. Turns out that's **exactly what coding agents need** to produce and iterate on production-ready applications.
+
+## What is it
+
+An **[MCP server](/zcp/overview)** for your agents — with an optional remote cloud development environment container to run them in — that makes use of the flexibility and processes Zerops provides. There's no "Zerops system prompt" hogging your context window. The MCP server is a thin layer that makes **your agent a Zerops platform power user** — when needed — so it understands:
+
+- how networking, scaling, debugging, build & deployment, environment variables, and service provisioning work on the platform
+- the development loop: start a dev server → implement → deploy to stage → verify
+
+The depth of the platform underneath is what gives the agent room to actually work. A single agent can scaffold and iterate on projects with multiple runtimes (`app`, `api`, `worker`) backed by multiple [managed services](/features/infrastructure) (object storage `storage`, Postgres `db`, Elasticsearch `search`, NATS `broker`, Valkey `cache`) — just as easily as it can work on a simple Next.js presentational website.
+
+A **[recipe ecosystem](https://app.zerops.io/recipes)** covering the most popular frameworks — pre-prepared for the whole lifecycle — gives the agent a baseline to start from, or a guide for setting up any stack on Zerops.
+
+```text
+  ┌─ ZCP MCP ────┐    ┌─ recipes for any stack ────────────────────────────────┐
+  │              │    │                                                        │
+  │  Claude Code │    │                                                        │
+  │     Codex    │    │   Bun, Deno, Node.js, Go, Java, Python, Rust, Gleam    │
+  │  Gemini CLI  ├───►│                                                        │
+  │   opencode   │    │ Ruby, PHP, .NET, Laravel, Next.js, Nuxt, Astro, Svelte │
+  │              │    │                                                        │
+  └───────┬──────┘    │   React, Vue, Angular, Solid, Qwik, Analog, Nest.js    │
+          │           │                                                        │
+          │           │                                                        │
+          │           └────────────────────────────────────────────────────────┘
+          │
+          │    zcp with agent has root ssh access to runtime services,
+          │      runs dev server on dev, deploys to stage, verifies
+          │
+          ├───────────────────────────────────────────────────────────────┐
+          │                                                               │
+┌─ complex project ────────────────────────────────────────┐    ┌─ simple project ───┐
+│         │                                                │    │         │          │
+│         ▼                                                │    │         ▼          │
+│  ┌────────────┐                                          │    │    ┌──────────┐    │
+│  │    zcp     │                                          │    │    │   zcp    │    │
+│  │   Ubuntu   │                                          │    │    │  Ubuntu  │    │
+│  └────────────┘                                          │    │    └──────────┘    │
+│                                                          │    │                    │
+│  ┌────────────┐      ┌────────────┐      ┌────────────┐  │    │    ┌──────────┐    │
+│  │   appdev   │      │   apidev   │      │ workerdev  │  │    │    │  appdev  │    │
+│  │    Bun     │      │   Golang   │      │   Python   │  │    │    │ Node.js  │    │
+│  └────────────┘      └────────────┘      └────────────┘  │    │    └──────────┘    │
+│                                                          │    │                    │
+│  ┌────────────┐      ┌────────────┐      ┌────────────┐  │    │    ┌──────────┐    │
+│  │  appstage  │      │  apistage  │      │workerstage │  │    │    │ appstage │    │
+│  │    Bun     │      │   Golang   │      │   Python   │  │    │    │ Node.js  │    │
+│  └────────────┘      └────────────┘      └────────────┘  │    │    └──────────┘    │
+│                                                          │    └────────────────────┘
+│  ┌────────┐ ┌────────┐ ┌────────┐ ┌────────┐ ┌────────┐  │
+│  │   db   │ │ search │ │ broker │ │ cache  │ │storage │  │
+│  │Postgres│ │Elastic │ │  NATS  │ │ Valkey │ │   S3   │  │
+│  └────────┘ └────────┘ └────────┘ └────────┘ └────────┘  │
+└──────────────────────────────────────────────────────────┘
+
+```
+
+:::tip[Platform-first, not agent-first]
+
+Most coding-agent platforms went agent-first, then bolted on infrastructure — where it runs, how it reaches the database, how its output becomes production-ready, which third-party services to wire up. **Zerops went platform-first.** The complete development lifecycle existed before coding agents did; we taught them to operate it — **not just how to call APIs, but how to ship software the way a senior developer would.**
+
+:::
+
+## Main features
+
+### Your agent, your subscription
+
+Bring whichever agent you already use. Claude Code today; Codex, Gemini CLI, opencode, and any MCP-capable client next. The container is a regular Ubuntu — install your own CLI tools, drop in your `.claude` / `.cursor` configs, attach your IDE over SSH. **Zerops doesn't resell tokens or proxy your model calls** — sign in with your own Anthropic / OpenAI / Google subscription and the agent talks to its provider directly.
+
+### An ordinary Zerops project underneath
+
+The agent operates inside a normal Zerops project — same shape as production. Managed databases (PostgreSQL, MariaDB, ClickHouse), key-value stores (KeyDB, Valkey), search (Elasticsearch, Meilisearch, Typesense), vector store (Qdrant), message queues (NATS, Kafka), object and shared storage, managed Nginx — all on a private network, addressable by hostname. The same pipeline that deploys here can deploy to a separate HA production project with no `zcp` service attached. Not a sandbox the work outgrows.
+
+### Human ↔ agent handover
+
+The agent and the human share the same workspace — same filesystem, same SSH key, same Cloud IDE in the browser, same remote-dev attach from your local IDE. Take over mid-session, set something up before the agent runs, debug in the same container the agent just left. Nothing reaches production until you merge the PR — the agent opens it, you gate it.
+
+### Recipes for any stack
+
+Runtimes for Bun, Deno, Node.js, Go, Python, Rust, Java, .NET, PHP, Elixir, Gleam — with curated recipes for the framework on top: Next.js, Nuxt, Astro, Svelte, React, Vue, Angular, Solid, Qwik, Analog, NestJS, Laravel, and more. Pick a recipe, select the **AI Agent** environment, and the project comes up with a working dev runtime, a stage runtime, the right managed services wired in, and a coding agent briefed on the Zerops surface.
+
+## How it works in practice
+
+The agent reaches your project's private network one of two ways:
+
+- **Remote** — a `zcp` service deployed into the project runs the agent. You attach to it with Claude Code's IDE extension, with any IDE that supports remote development (Cursor, Windsurf, VS Code Remote), or by running [`zcli vpn up`](/references/networking/vpn) and ssh-ing into `zcp` to drive the rest of the project from a shell.
+- **Local** — install the `zcp` MCP on your machine and run `zcli vpn up` to join the network. From there your IDE, agent, and shell can ssh directly into any container.
+
+Either way, the agent reaches [managed services by hostname](/references/networking/internal-access) (`db:5432`, `cache:6379`), deploys through the [Zerops pipeline](/features/pipeline), and reads logs and events the same way you would.
+
+**Remote (zcp service)**
+
+```text
+                      https://my-app.com
+                               │
+                               ▼
+┌────────────────────────────────────────────────────────────┐
+│        Zerops development project (private network)        │
+│ ┌─────────────────┐  ┌──────────┐  ┌──────────┐            │
+│ │ project ctrl    │  │  stats   │  │  logger  │            │
+│ │ + L3 balancer   │  │          │  │          │            │
+│ │ + firewall      │  │          │  │          │            │
+│ └────────┬────────┘  └──────────┘  └──────────┘            │
+│          │                                                 │
+│ ┌────────┴────────┐                                        │
+│ │   L7 balancer   │                                        │
+│ │     (Nginx)     │                    control plane       │
+│ └────────┬────────┘               ssh into other services  │
+│          │                        dev runtime fs mounted   │
+│          ├─────────────────┬─────────────────┐             │
+│   ┌──────┴──────┐  ┌───────┴───────┐  ┌──────┴──────┐      │
+│   │ appdev:3000 │  │ appstage:3000 │  │ zcp service │      │
+│   │ dev runtime │  │ stage runtime │  │ agent + MCP │      │
+│   └──────┬──────┘  └───────┬───────┘  └──────┬──────┘      │
+│          │                 │                 │             │
+│          └─────────────────┼─────────────────┘             │
+│                            │                               │
+│             ┌──────────────┴────────────┐                  │
+│             │                           │                  │
+│      ┌──────┴──────┐             ┌──────┴──────┐           │
+│      │ db:5432     │             │ cache:6379  │           │
+│      │ Postgres    │             │ Valkey      │           │
+│      └─────────────┘             └─────────────┘           │
+│                                                            │
+└────────────────────────────────────────────────────────────┘
+```
+
+**Local (zcli vpn up)**
+
+```text
+                      https://my-app.com
+                               │
+                               ▼
+┌────────────────────────────────────────────────────────────┐
+│        Zerops development project (private network)        │
+│ ┌─────────────────┐  ┌──────────┐  ┌──────────┐            │
+│ │ project ctrl    │  │  stats   │  │  logger  │            │
+│ │ + L3 balancer   │  │          │  │          │            │
+│ │ + firewall      │  │          │  │          │            │
+│ └────────┬────────┘  └──────────┘  └──────────┘            │
+│          │                                                 │
+│ ┌────────┴────────┐                                        │
+│ │   L7 balancer   │                                        │
+│ │     (Nginx)     │                                        │
+│ └────────┬────────┘                                        │
+│          │                                                 │
+│          ├─────────────────┐                               │
+│   ┌──────┴──────┐  ┌───────┴───────┐                       │
+│   │ appdev:3000 │  │ appstage:3000 │                       │
+│   │ dev runtime │  │ stage runtime │                       │
+│   └──────┬──────┘  └───────┬───────┘                       │
+│          │                 │                               │
+│          └────────┬────────┘                               │
+│                   │                                        │
+│             ┌─────┴─────────────────────┐                  │
+│             │                           │                  │
+│      ┌──────┴──────┐             ┌──────┴──────┐           │
+│      │ db:5432     │             │ cache:6379  │           │
+│      │ Postgres    │             │ Valkey      │           │
+│      └─────────────┘             └─────────────┘           │
+│                                                            │
+└──────────────────────────────▲─────────────────────────────┘
+                               │
+                               │ VPN tunnel
+                               │
+              ┌────────────────┴────────────────┐
+              │ IDE / terminal                  │
+              │ + agent                         │
+              │ + zcp MCP                       │
+              │                                 │
+              │ $ curl zerops.io/zcp/install.sh │
+              │ $ zcp init                      │
+              │ $ zcli vpn up                   │
+              └─────────────────────────────────┘
+```
+
+The agent runs through two workflows. **Bootstrap** settles which services and runtime targets the app needs. **Develop** is the short work loop — edit code on `appdev`, deploy to `appstage`, check it's reachable, verify behavior against `db:5432` and `cache:6379`, fix from evidence. A session ends with a URL you can open, or a specific blocker — failure category, attempts, what's still needed. Same hostnames, same managed services, same pipeline as production — just at smaller scale. See [Workflows in depth](/zcp/reference/agent-workflow) for both.
+
+```text
+    zcp (local or remote)
+             │
+             ▼
+    edit code on appdev   ◀────────────────────────┐
+       └ dev server, hot reload                    │
+             │                                     │
+             ▼                                     │
+    deploy to appstage                             │
+             │                                     │
+             ▼                                     │
+    check reachability                             │
+             │                                     │
+             ▼                                     │
+    verify behavior   ─── fail ─────┐              │
+             │                      │              │
+             │ pass                 ▼              │
+             ▼               read logs / events    │
+    URL (proof)             fix from evidence ─────┘
+```
+
+Once the loop produces verified work, the agent doesn't push to production. It hands off — through whichever path your team uses: a tag push, a protected-branch merge, a manual `zcli` release, a pull request, or a CI job. **A human gates the release**, and the production deploy runs into a [separate production project](/zcp/security/production-policy) that has no `zcp` service at all.
+
+```text
+      Dev project                 GitHub                  Prod project
+
+┌─────────────────────┐       ┌──────────────┐       ┌─────────────────────┐
+│  appdev             │       │              │       │   app    (HA)       │
+│  appstage           │       │  Pull        │       │                     │
+│                     │ push  │  Request     │ CI/CD │   db     (HA)       │
+│  db, cache          │ ────▶ │              │ ────▶ │                     │
+│                     │       │  + human     │       │   cache  (HA)       │
+│  zcp service        │       │    review    │       │                     │
+│                     │       │              │       │   (no zcp service)  │
+└─────────────────────┘       └──────────────┘       └─────────────────────┘
+```
+
+## Where does this fit in the agent landscape
+
+With the model clear, here's where ZCP sits among adjacent tools. People say "agent infrastructure," "infra for Claude agents," "agent hosting," or "agent sandboxes" to mean different things — usually one of the categories below.
+
+#### PaaS MCPs
+
+_AWS MCP servers · Railway MCP · Fly.io MCP · Render MCP_
+
+Most major PaaS providers have shipped an MCP — provision services, deploy code, list resources, read operational state. Great for "let my agent ship to my Railway account." These are *deploy and operate* surfaces, driven from outside the platform — and they reflect what's underneath: platforms optimized for day-one deploy that tuck the infrastructure behind a wall. Once an agent needs to actually *develop* against that infrastructure — debug a failed health check, follow real logs, hit Postgres from inside the network, inspect what a build is doing, run the dev loop before it ships anything — the wall stops it. That's by design on those platforms, not a missing feature.
+
+#### Cloud VPS MCPs
+
+_Hetzner Cloud MCP · DigitalOcean MCP · Linode MCP · raw SSH/server MCPs_
+
+"Let your agent manage your Hetzner VPS." An MCP gives the agent access to a Linux box — provision it, SSH in, install Docker and Postgres and nginx, set up systemd units, point a domain at it. Maximum control, lowest cost, full Linux to play with. The same reason senior developers reach for managed platforms applies here: even if you *can* harden SSH, write nginx configs, tune `pg_hba.conf`, rotate TLS, set firewall rules, run fail2ban, and stay on top of CVEs across kernel, OpenSSL, Docker, Postgres, and nginx — you usually don't want to. Each layer is its own domain with its own gotchas, each is a security surface that drifts the moment you stop tending it, and every project becomes a snowflake. Hand that work to an agent and you also hand it the blast radius: misconfigured firewall, debug endpoint left open, port 5432 exposed to the internet, keys never rotated. ZCP is the inverse trade-off — the **guardrails** of a managed platform. Private networking, TLS, isolated services, safe defaults, managed backups, no exposed ports unless you opt in — all built in. The agent operates through [project-scoped MCP tools](/zcp/reference/mcp-operations) instead of `sudo` on a fresh Ubuntu box, so the mistakes that matter on a VPS aren't reachable from where it sits.
+
+#### Cloud dev environments with AI
+
+_GitHub Codespaces + Copilot Workspace · Gitpod · Coder_
+
+A managed Linux container in the cloud with your editor and an AI assistant attached. Solves "where the agent runs" so state survives between sessions and machine setup stops being a question. The `zcp` service is the closest thing in this category — managed Linux container, Cloud IDE, your agent of choice — except it lives *inside* a Zerops project, addressing the project's runtimes, database, and cache by hostname, with deploys and logs as primitives the agent can call.
+
+#### Bundled agent platforms
+
+_Replit Agent · Lovable · Bolt.new · v0 · Devin · OpenHands_
+
+The agent, the workspace, the stack, and (often) the hosting target are fused into one closed product. Fast for prototypes. Decisions are made for you. Switching agents usually means switching platforms, and production-grade primitives — a real dev/stage/prod release flow, private networking, observability — tend to be limited or absent. **ZCP doesn't bundle**: the agent and model stay yours on your own subscription, and the platform underneath is normal Zerops with the full stack of managed services, networking, deploys, and observability.
+
+#### Local coding agents
+
+_Cursor · Windsurf · Zed · Claude Code · Codex CLI · Aider · Cline_
+
+The agent runs on your machine, edits your local checkout, runs local commands. Excellent at code changes. Anything beyond your machine — databases, networking, deploy targets, runtime logs — is yours to wire in. Install the ZCP MCP locally and run `zcli vpn up`, and any of these agents can now reach a real Zerops project alongside your local code: services addressed by hostname, deploys, logs, events.
+
+#### Code-execution sandboxes
+
+_E2B · Modal · Daytona · CodeSandbox SDK_
+
+Ephemeral Linux environments that AI *applications* spin up — often per request — to execute generated code safely. The right primitive when you're building a product that needs a model to run untrusted code and hand back the output. They're a building block for AI applications, not somewhere a coding agent settles in to iterate on your project. Different shape from ZCP; they show up here because the names cluster nearby.
+
+#### Agent SDKs and frameworks
+
+_Cloudflare Agents · Vercel AI SDK · Mastra · Anthropic Agent SDK_
+
+Libraries for building and shipping agents to *your* users — tool calling, memory, orchestration, model providers, sometimes hosting. They're how somebody would build a product like ZCP, not where a coding agent runs against a project. Same disambiguation — adjacent on the shelf, different shape.
+
+## Where to start
+
+- [Quickstart](/zcp/quickstart) — AI Agent recipe, Claude Code, and a real product change in about five minutes.
+- [ZCP MCP overview](/zcp/overview) — What the `zcp` MCP gives the agent, where it runs, and how a run ends in proof or a blocker.
+- [Remote or local setup](/zcp/setup/choose-workspace) — Choose where the `zcp` MCP runs — inside Zerops with bundled tools, or beside your local editor.
+- [Build and ship](/zcp/workflows/build-with-zcp) — Runtime layout, development, delivery, packaging, and production release.
+
+
+----------------------------------------
+
+# Features > Container Vs Vm
+
+
+Ever wondered why container technologies like Docker took over the development world so quickly? Let's break down the real differences between traditional VMs and containers - and why you might want to use one over the other.
+
+## Key Distinctions
+
+**Containers** are like lightweight packages that contain just your app and what it needs to run, sharing resources with your main system.
+
+**Virtual Machines** are like having a whole computer inside your computer. Complete with its own operating system, memory, and everything else.
+
+### Why Developers Love Containers
+
+#### They're Fast
+- Start up in seconds (not minutes)
+- Take up way less space
+- You can run many more of them on the same hardware
+
+#### They're Consistent
+- Works on your machine? Will work on everyone's machine
+- No more "but it works locally" problems
+- Same environment from development to production
+
+#### They're Simple
+- Easy to share with your team
+- Quick to update and modify
+- Less configuration headaches
+
+### When VMs Still Make Sense
+
+Sometimes you actually want a full computer-within-a-computer:
+
+- You need to run a completely different operating system
+- You're dealing with legacy applications that need specific system configurations
 - You require maximum isolation for security reasons
+
 ### Real-World Comparison
+
 Think of it like this:
 - **Containers** are like apartments in a well-managed building (shared infrastructure, efficient, but with some limitations)
 - **VMs** are like having your own house (complete control, but with more overhead)
+
 ## Containers and VMs in Zerops
+
 ### Why Zerops Uses Both
+
 At Zerops, we use **containers** as our primary runtime environment - they're fast, efficient, and perfect for most modern development workflows. We've optimized our container infrastructure to handle nearly every type of application you might need to run.
+
 However, we also provide **VMs** when you need them, particularly for Docker-based workloads where the additional isolation is essential. Docker containers are a special case - in Zerops, they actually need to run inside VMs for proper security and isolation. While it's technically possible to run Docker in containers using privileged mode, this creates security vulnerabilities.
+
 ### When to Use What
-  
+
+<div className="grid grid-cols-1 md:grid-cols-2 gap-1 mt-1">
+  <div className="flex-1">
+  <h4 className="flex items-center gap-1 mb-0">
     Go with Containers when:
-  
-        Building modern web applications
-      
-        Working with microservices
-      
-        Need quick deployment and vertical scaling
-      
-        Want efficient resource usage
-      
+  </h4>
+  <ul className="list-none p-0 m-0 flex flex-col gap-0.5">
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Building modern web applications</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Working with microservices</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Need quick deployment and vertical scaling</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Want efficient resource usage</span>
+      </li>
+  </ul>
+  </div>
+  <div className="flex-1">
+  <h4 className="flex items-center gap-1 mb-0">
     Consider VMs when:
-  
-        Running legacy applications
-      
-        Need complete OS isolation
-      
-        Require specific hardware access
-      
-        Need to run Docker containers
-      
+  </h4>
+  <ul className="list-none p-0 m-0 flex flex-col gap-0.5">
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Running legacy applications</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Need complete OS isolation</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Require specific hardware access</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Need to run Docker containers</span>
+      </li>
+  </ul>
+  </div>
+</div>
+
 ### Resource Allocation
+
 Both containers and VMs in Zerops can have guaranteed resources:
 - Specific CPU cores
 - Dedicated memory
 - Controlled disk space
+
 The difference isn't in resource guarantee capabilities, but rather in how these resources are managed and isolated.
+
 ## The Bottom Line
+
 For most modern development work, containers are the way to go. They're faster, more efficient, and easier to work with. VMs still have their place, but unless you have a specific reason to use them, containers will usually make your life easier.
+
 *Remember: The goal is to spend less time managing infrastructure and more time building great applications. Choose the tool that lets you do that most effectively.*
+
 :::tip Pro Tip
 Not sure which to choose? Start with containers. You can always switch to VMs if you discover you need them for specific use cases.
 :::
@@ -6690,127 +9706,198 @@ Not sure which to choose? Start with containers. You can always switch to VMs if
 
 # Features > Debug Mode
 
+
 This document describes the debug mode configuration capabilities for service stacks in Zerops, allowing developers to pause execution at specific points during build and runtime processes for debugging purposes.
+
 ## Overview
+
 Debug mode introduces control over two distinct phases of deployment:
+
 - **Build phase** - When the `buildCommands` are executed
 - **Runtime prepare phase** - When the `prepareCommands` are executed
+
 For each phase, you can choose when to pause the execution:
 - **Disable** - No pausing, execution proceeds normally
 - **Before first command** - Execution stops before running any commands
 - **After last command** - Execution stops after all commands complete
 - **On command fail** - Execution stops when a command fails
+
 Each phase can be configured with its own debug settings without affecting the other phase.
+
 :::warning Important
 The entire build process, including any time spent in debug mode, has a maximum duration of 60 minutes. After this time limit is reached, the build process is automatically cancelled.
 :::
+
 ## Configuration
+
 The debug mode configuration can be found in your service detail under the **Pipelines & CI/CD settings**.
-  
+
 ## Debug Control
+
 When execution is paused in debug mode, you have several commands available to control the debugging process. Each command serves a specific purpose and affects the deployment process differently.
+
 ### Debug Pause Points
+
 There are three key points where execution can pause during deployment:
 - ➠ **Disable** - Do not pause
 - ↪ **Before First Command** - Paused before any commands run
 - ✖ **On Command Failure** - Paused when a command fails
 - ✔ **After Last Command** - Paused after all commands complete
+
 ### Available Commands
+
 #### Continuing Execution
 To proceed with the normal deployment process, use:
 ```bash
 zsc debug continue
 ```
-  
-      Pause Point
-      Behavior
-    
-      ↪ Before First Command
-      Begins running commands for the current phase until next possible pause point
-    
-      ✖ On Command Failure
-      Skips the failed command and continues deployment
-    
-      ✔ After Last Command
-      Moves to the next phase (from build to runtime prepare) or completes deployment
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Pause Point</th>
+      <th className="w-full">Behavior</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">↪ <i>Before First Command</i></td>
+      <td className="w-fit">Begins running commands for the current phase until next possible pause point</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✖ <i>On Command Failure</i></td>
+      <td className="w-fit">Skips the failed command and continues deployment</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✔ <i>After Last Command</i></td>
+      <td className="w-fit">Moves to the next phase (from build to runtime prepare) or completes deployment</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Marking Success
 To force a successful deployment status, use:
 ```bash
 zsc debug success
 ```
-  
-      Pause Point
-      Behavior
-    
-      ↪ Before First Command
-      Ends current phase without running any commands
-    
-      ✖ On Command Failure
-      Ignores the failure and ends current phase with success
-    
-      ✔ After Last Command
-      Concludes current phase with a successful status
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Pause Point</th>
+      <th className="w-full">Behavior</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">↪ <i>Before First Command</i></td>
+      <td className="w-fit">Ends current phase without running any commands</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✖ <i>On Command Failure</i></td>
+      <td className="w-fit">Ignores the failure and ends current phase with success</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✔ <i>After Last Command</i></td>
+      <td className="w-fit">Concludes current phase with a successful status</td>
+    </tr>
+  </tbody>
+</table>
+
 :::note
 Requires valid `deployFiles` to work properly (fails otherwise).
 :::
+
 #### Forcing Failure
 To terminate the deployment with a failure status, use:
 ```bash
 zsc debug fail
 ```
-  
-      Pause Point
-      Behavior
-    
-      ↪ Before First Command
-      Marks current phase as failed without running commands
-    
-      ✖ On Command Failure
-      Ends deployment with original error
-    
-      ✔ After Last Command
-      Overwrites successful execution with failed status and ends deployment
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Pause Point</th>
+      <th className="w-full">Behavior</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">↪ <i>Before First Command</i></td>
+      <td className="w-fit">Marks current phase as failed without running commands</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✖ <i>On Command Failure</i></td>
+      <td className="w-fit">Ends deployment with original error</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✔ <i>After Last Command</i></td>
+      <td className="w-fit">Overwrites successful execution with failed status and ends deployment</td>
+    </tr>
+  </tbody>
+</table>
+
 Each phase can be configured independently to pause at any of the points described above, giving you precise control over your debugging workflow. The 60-minute timeout ensures deployments don't remain blocked indefinitely.
+
 ## Usage Examples
+
 ### Example 1: Debugging Build Failures
-  
-      Build phase
-      ✖ On Command Failure
-    
-      Prepare runtime phase
-      ➠ Disable
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <tbody>
+    <tr>
+      <td className="w-fit"><b>Build phase</b></td>
+      <td className="w-fit">✖ <i>On Command Failure</i></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><b>Prepare runtime phase</b></td>
+      <td className="w-fit">➠ <i>Disable</i></td>
+    </tr>
+  </tbody>
+</table>
+
 This configuration allows you to:
 1. Inspect the container state after a failure
 2. Make necessary adjustments
 3. Use `zsc debug continue` to resume or `zsc debug fail` to abort
+
 ### Example 2: Validating Runtime Setup
-  
-      Build phase
-      ➠ Disable
-    
-      Prepare runtime phase
-      ✔ After Last Command
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <tbody>
+    <tr>
+      <td className="w-fit"><b>Build phase</b></td>
+      <td className="w-fit">➠ <i>Disable</i></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><b>Prepare runtime phase</b></td>
+      <td className="w-fit">✔ <i>After Last Command</i></td>
+    </tr>
+  </tbody>
+</table>
+
 ## Best Practices
+
 #### Targeted Debugging
 - Enable debug mode only for the specific phase you need to investigate
 - This minimizes disruption to the deployment process
 - Helps maintain clear debugging sessions
+
 #### Clean Up
 - Always remember to disable debug mode after completing your debugging session
 - Set both phases to **Disable**
 - Prevents unexpected pauses in future deployments
+
 #### Production Consideration
 - Be cautious when using debug mode in production environments
 - Paused executions can block deployments
 - Consider using separate development services for extended debugging sessions
+
 #### Timeout Awareness
 - Be mindful of the 60-minute maximum debug pause time (plan debugging sessions accordingly)
+
 ## Technical Considerations
+
 - Debug mode settings persist until explicitly changed
 - Build phase and runtime prepare phase operate independently
 - Debug commands are only available when execution is paused
@@ -6820,14 +9907,23 @@ This configuration allows you to:
 
 # Features > Env Variables
 
+
 Zerops manages environment variables at two scopes: service level and project level. These variables are handled automatically without requiring `.env` files.
+
 **On this page:** [Service Variables](#service-variables) · [Project Variables](#project-variables) · [Referencing Variables](#referencing-variables) · [Variable Isolation](#environment-variable-isolation) · [Restrictions](#variable-restrictions) · [Examples](#environment-variable-examples)
+
 ## Service Variables
+
 Variables that are specific to individual [services](/features/infrastructure#services).
+
 ### User-Defined Variables
+
 You can define service-level variables in two ways:
+
 #### 1. Build & Runtime Variables
+
 These variables are defined with `envVariables` attribute in the [build](/zerops-yaml/specification#envvariables-) or [run](/zerops-yaml/specification#envvariables--1) section of your `zerops.yaml` file and are accessible within their respective containers.
+
 ```yaml title="zerops.yaml"
 ...
   build:
@@ -6844,21 +9940,30 @@ These variables are defined with `envVariables` attribute in the [build](/zerops
       DB_USER: db
       DB_PASS: password
 ```
+
 See how to [reference variables](#referencing-variables) between services and between build and runtime environments. All variables must follow the [naming restrictions](#variable-restrictions).
+
 :::note
 Your application must be redeployed when updating environmental variables in `zerops.yaml`.
 :::
+
 #### 2. Secret Variables
+
 For storing sensitive data you don't want in your source repository. They can be updated without redeployment (though services need to be reloaded).
+
 Secret variables can be managed through:
+
 ##### GUI Interface
+
 Navigate to service details and find **Environment variables** in the menu. You can:
 - Add individual variables using the "Add secret variable" button
 - Edit individual variables through the menu that appears on hover
 - Use the bulk editor for managing multiple variables in .env format
-    
+
 ##### Import Configuration
+
 Create secret variables for a service with `envSecrets` attribute. See the complete [import.yaml structure](/references/import).
+
 ```yaml title="import.yaml"
 services:
   ...
@@ -6866,25 +9971,40 @@ services:
     S3_ACCESS_KEY_ID: 'your-secret-s3-key'
     S3_ACCESS_SECRET: 'your-s3-access-secret'
 ```
+
 ### System-Generated Variables
+
 Zerops automatically generates variables based on service type.
+
 These variables cannot be deleted and are always listed at the bottom of the environment variables page. Some are read-only (like `hostname`), while others can be edited (like `PATH`).
+
 These variables can also be [referenced](#referencing-variables).
+
 ## Project Variables
+
 Variables that apply across all services within a [project](/features/infrastructure#projects). These provide a way to share common configuration across services.
+
 They work similarly to service secret variables but at project scope - they're managed through the GUI and can be updated without redeployment (though services need to be reloaded).
+
 :::important
 Project variables are **automatically inherited** by all services in the project — both in build and runtime environments. You do not need to [reference](#referencing-variables) them in your `zerops.yaml`.
 :::
+
 ### User-Defined Variables
+
 You can set project-wide variables through:
+
 #### GUI Interface
+
 Access **Project environment variables** in your project detail to:
 - Add individual variables one by one
 - Edit individual variables
 - Use the bulk editor with .env format
+
 #### Import Configuration
+
 Create project variables with `envVariables` attribute. See the complete [import.yaml structure](/references/import).
+
 ```yaml title="import.yaml"
 project:
   ...
@@ -6892,55 +10012,89 @@ project:
     LOG_LEVEL: info
     API_VERSION: v1
 ```
+
 These variables will be automatically available in all services without any additional configuration.
+
 ### System-Generated Variables
+
 Zerops automatically generates project-level variables that are also automatically available in all services.
+
 ### Overriding Project Variables
+
 If you need a different value for a specific service, you can override a project variable by defining a service-level variable with the same key. See [Variable Precedence](#variable-precedence) for details on how conflicts are resolved.
+
 ```yaml title="zerops.yaml"
 run:
   envVariables:
     LOG_LEVEL: debug  # Overrides the project-level LOG_LEVEL for this service only
 ```
+
 ## Environment Variable Isolation
+
 A security feature that controls the **visibility** of environment variables across services within a project. This affects how [referencing variables](#referencing-variables) across services works.
+
 By default, Zerops isolates environment variables between services to enhance security and prevent unintended access to sensitive information. This isolation can be configured at both project and service levels.
+
 ### Isolation Modes
+
 Zerops supports two isolation modes:
-  
-      Mode
-      Description
-    
-      service
-      Default mode. Variables are isolated to their respective services. Services can only access their own variables and must explicitly reference variables from other services.
-    
-      none
-      Legacy mode. All variables from all services are automatically shared and accessible via prefixing.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Mode</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><code>service</code></td>
+      <td className="w-full"><strong>Default mode.</strong> Variables are isolated to their respective services. Services can only access their own variables and must explicitly reference variables from other services.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><code>none</code></td>
+      <td className="w-full"><i>Legacy mode.</i> All variables from all services are automatically shared and accessible via prefixing.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### Configuring Isolation
+
 #### Project-Level Isolation
+
 Zerops automatically creates the `envIsolation` project variable with the default value `service`. You only need to modify this if you want to disable isolation:
+
 ```yaml title="import.yaml"
 project:
   envIsolation: none  # Disables isolation, sharing all variables
 ```
+
 This can also be set through the Project Environment Variables section in the GUI.
+
 #### Service-Level Override
+
 Individual services can override the project-level isolation setting:
+
 ```yaml title="import.yaml"
 services:
   - hostname: db
     envIsolation: none  # This service's variables will be visible to all services
 ```
+
 :::tip
 You might set a database service to `envIsolation: none` to expose its connection details to other services, without having to manually reference them, while keeping the rest of your services isolated.
 :::
+
 :::note
 In import YAML, `envIsolation` can also be nested under `envVariables`/`envSecrets`. (If both are present, the nested version takes precedence).
 :::
+
 ### Accessing Variables Across Services
+
 #### With Isolation Enabled (`service` mode)
+
 When isolation is enabled, you must explicitly create reference variables to access variables from other services:
+
 ```yaml title="zerops.yaml"
 # In the 'app' service:
 run:
@@ -6948,48 +10102,70 @@ run:
     # Create a local reference to the 'password' variable from the 'db' service
     DB_PASSWORD: ${db_password}
 ```
+
 This approach gives you complete control over which variables are shared between services.
+
 #### With Isolation Disabled (`none` mode)
+
 When isolation is disabled, variables are automatically available across all services with the service name prefix:
+
 ```yaml
 # In any service, you can directly access:
 ${db_password}  # Accesses the 'password' variable from the 'db' service
 ```
+
 ### Best Practices for Variable Isolation
+
 1. **Use Default Isolation**: Keep the default `service` isolation for enhanced security.
 2. **Explicit References**: Create explicit references only for variables that need to be shared.
 3. **Naming Conventions**: Use clear naming patterns for reference variables (e.g. `DB_PASSWORD` for a reference to `db_password`).
 4. **Service-Level Exceptions**: Use service-level isolation overrides sparingly and only for services that need to expose their variables widely.
+
 ## Referencing Variables
+
 You can reference other variables using the `${variable_name}` syntax. This is used to reference **service-level variables**, not project variables (which are already automatically inherited).
+
 ### Within Same Service
+
 ```yaml
 envVariables:
   id: 42069
   hostname: app
   name: ${id}-${hostname}  # Results in: 42069-app
 ```
+
 ### Across Services
+
 How this works depends on your [environment variable isolation](#environment-variable-isolation) setting:
+
 **With Isolation Enabled** (`service` mode - default)
+
 Create an explicit reference in the destination service:
+
 ```yaml
 # In the 'app' service
 envVariables:
   # Creating a reference to the 'connectionString' from 'dbtest' service
   dbConnection: ${dbtest_connectionString}
 ```
+
 **With Isolation Disabled** (`none` mode)
+
 Variables from other services are automatically injected into the container and available using the service prefix format `servicename_variablename`:
+
 ```yaml
 # In any container, you can directly access variables from other services:
 # ${dbtest_connectionString}
 ```
+
 ### Between Build and Runtime Environments
+
 Build and runtime are two distinct environments in Zerops. Each environment can have its own set of variables, and you can use the same variable names in both environments since they are separate. Due to this separation, variables defined in one are not automatically accessible in the other.
+
 To share variables between environments, you need to use specific prefixes:
 - Use `RUNTIME_` prefix to access runtime variables during build
 - Use `BUILD_` prefix to access build variables during runtime
+
 ```yaml title="zerops.yaml"
 build:
   envVariables:
@@ -6998,35 +10174,52 @@ run:
   envVariables:
     API_KEY: "12345-abcde"       # Referenced in build with RUNTIME_ prefix
 ```
+
 ### Project Variables — No Reference Needed
+
 [Project variables](#project-variables) are **automatically available** in all services. Do not use the `${...}` syntax to reference them:
+
 ```yaml
 # ❌ Wrong - this shadows the project variable
 envVariables:
   PROJECT_NAME: ${PROJECT_NAME}
+
 # ✅ Correct - just use the project variable directly in your app
 # It's already available without any configuration
 ```
+
 If a project variable is named `LOG_LEVEL`, your application can read it directly — you don't need to add anything to your `zerops.yaml`.
+
 ## Variable Restrictions
+
 All environment variables must follow these restrictions:
+
 ### Key
 - Alphanumeric characters only (use `_` to separate words)
 - Must be unique within their scope
 - Case-sensitive
+
 ### Value
 - ASCII characters only
 - No EOL characters
+
 ## Variable Management
+
 ### Variable Precedence
+
 When the same environment variable key exists in multiple places, Zerops follows these precedence rules:
+
 1. Service-level variables take precedence over project variables
 2. Within service-level:
    - Build/runtime variables override secret variables
    - Build and runtime containers are separate environments
+
 ## Environment Variable Examples
+
 ### Variable Isolation Example
+
 Consider a project with three services: `api`, `db`, and `cache`:
+
 ```yaml title="Project structure"
 project:
   name: my-project
@@ -7046,114 +10239,313 @@ services:
       password: cacheServerPass
       port: 6379
 ```
+
 With this setup:
 - The `api` service can only access the specific `db` and `cache` variables it explicitly references
 - The `db` service cannot see any variables from `api` or `cache`
 - The `cache` service cannot see any variables from `api` or `db`
+
 If we changed the project's `envIsolation` to `none`, all services would be able to see all variables from all other services (prefixed with the service name).
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
 
 ----------------------------------------
 
 # Features > Infrastructure
 
+
 Zerops organizes your infrastructure into three hierarchical levels: **projects**, **services**, and **containers**. This structure provides secure networking, resource isolation, and scalable application deployment.
+
 ## Projects
+
 A project is the top-level entity in Zerops, functioning as a private network where services can communicate internally and share environment variables. Each project provides essential infrastructure including load balancing, routing, and container orchestration.
+
 ### Key Project Features
+
 - **Private Networking**: All services within a project share a secure network
 - **Environment Variables**: Services can access shared environment variables
 - **IPv6/IPv4 Addressing**: Each project receives an IPv6 address, with optional IPv4 addressing
 - **Integrated Security**: Built-in firewall and SSL certificate management
+
 :::tip Project Organization
 Consider your project strategy carefully. Create separate projects for different environments (dev/staging/prod) or consolidate related applications in a single project to optimize resources and simplify networking.
 :::
+
 ### Project Core Options
+
 When you create a project, it requires a functioning **core** that includes logger and statistics services, HTTP routing with automatic SSL certificate management, and IP routing with integrated firewall.
+
 Zerops offers two core types to match different needs and budgets:
+
 #### Lightweight Core
+
 Single-container solution perfect for development projects and smaller production workloads. Includes project controller, L3 balancer, firewall, logger, statistics, and HTTP handling in one efficient package.
+
 :::tip Ideal For
 Development environments, low-traffic applications, personal projects, budget-conscious teams.
 :::
+
 #### Serious Core
+
 Enterprise-grade infrastructure with separated core services across multiple containers for true redundancy and high availability.
+
 :::tip Ideal For
 Production applications, high-traffic websites, mission-critical business applications, teams requiring maximum uptime.
 :::
+
 #### Features Comparison
-  
-      Lightweight Core
-      Serious Core
-    
-      Infrastructure
-      Single container (limited redundancy)
-      Multi-container (highly available)
-    
-      SSL Termination
-      
-      Automatic Certificate Generation
-      
-      Proxy / Load Balancer
-      
-      IPv6 Address
-      
-      Build Time
-      15 hours
-      150 hours
-    
-      Backup Space
-      5 GB
-      25 GB
-    
-      Egress
-      100 GB
-      3 TB
-    
-      Failover Protection
-      Limited
-      Comprehensive
-    
+
+<table className="w-full">
+  <thead>
+    <tr>
+      <th className="w-fit"></th>
+      <th className="w-fit"><strong>Lightweight Core</strong></th>
+      <th className="w-fit"><strong>Serious Core</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Infrastructure</td>
+      <td className="w-fit">Single container (limited redundancy)</td>
+      <td className="w-fit">Multi-container (highly available)</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">SSL Termination</td>
+      <td className="w-fit"></td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Automatic Certificate Generation</td>
+      <td className="w-fit"></td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Proxy / Load Balancer</td>
+      <td className="w-fit"></td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">IPv6 Address</td>
+      <td className="w-fit"></td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Build Time</td>
+      <td className="w-fit">15 hours</td>
+      <td className="w-fit">150 hours</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Backup Space</td>
+      <td className="w-fit">5 GB</td>
+      <td className="w-fit">25 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Egress</td>
+      <td className="w-fit">100 GB</td>
+      <td className="w-fit">3 TB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Failover Protection</td>
+      <td className="w-fit">Limited</td>
+      <td className="w-fit">Comprehensive</td>
+    </tr>
+  </tbody>
+</table>
+
 For detailed pricing information on both core types, visit our [pricing page](/company/pricing#project-core-plans).
+
 #### Project Core Upgrade
+
 You can upgrade from Lightweight Core to Serious Core for enhanced reliability and increased resources.
+
 :::warning Important
 The core upgrade is a **partially destructive process** that will temporarily disrupt your project's operations. Plan upgrades during maintenance windows.
 :::
+
 **What happens during upgrade:**
 - All project logs and statistics will be lost (forwarded logs/statistics are not affected)
 - Services will be network-unavailable during the process (avg. 35 seconds but can take longer)
 - $10 project core fee will be charged upon upgrade
 - Free project resources will reset to Serious Core limits
 - Project IP addresses remain unchanged
+
 :::important
 If you encounter issues, **contact support immediately** and try running the process again.
 :::
+
 ## Services
+
 Services encapsulate your containers and provide specific functionality within a project. A project can contain unlimited services, each with its own purpose.
+
 **Service types include:**
 - Runtimes, Linux Containers & Docker
 - Databases, Search Engines & Messages Brokers
 - Storages
 - *System services (needed for fully functioning project core)*
+
 **Management options:**
 - **Fully managed**: Zerops handles scaling, routing, and repairs automatically (Databases and Storages)
 - **Partially managed**: You maintain control over certain management aspects (Runtimes)
+
 Services within a project communicate via internal hostnames and can share environment variables for seamless integration.
+
 ## Containers
+
 Containers are the most granular level of the Zerops architecture. Each service consists of one or more containers that work together to deliver functionality.
+
 **Container deployment:**
 - Single containers for simple applications
 - Multiple containers for High Availability (HA) mode (e.g. fully managed MariaDB service in HA mode uses 3 containers for the database cluster and 2 for proxies)
+
 **Container capabilities:**
 - Use predefined images or custom configurations
 - Can be exposed publicly via Zerops subdomains, custom domains, or public ports
 - Operate within service resource constraints with automatic scaling
 
+----------------------------------------
+
+# Features > Local Remote Development
+
+
+Zerops development is network-first. Keep your editor on your laptop, work fully inside Zerops, or use a native editor over SSH — in each case you join the same project-private network with the same hostnames, credentials, managed services, and deploy pipeline that staging and production use. What changes between environments is policy: credentials, resources, access rules, data, and release authority — not the platform underneath.
+
+## How development on Zerops works
+
+Every project ships with a private network. Services reach each other by hostname (`db:5432`, `api:3000`, `redis:6379`), with credentials injected as environment variables.
+
+The development question is how you get onto that network. Three paths give you the same project-private reach, with different filesystem, tooling, and credential boundaries.
+
+- **Local + VPN.** Your laptop joins the private network via WireGuard. Editor, toolchain, and processes stay where they are. A hosted workspace is not required.
+- **Cloud IDE.** A Linux workspace in the project, accessed through VS Code Server in the dashboard. Zero local setup.
+- **Native IDE over SSH.** SSH from your local VS Code, JetBrains Gateway, Cursor, or plain `ssh` into a workspace or directly into a runtime service container.
+
+Switch paths without reprovisioning the project. A teammate on Local + VPN and another in the Cloud IDE are hitting the same `db:5432`.
+
+```text
+   Laptop + editor          Browser tab          Laptop + native IDE
+          │                      │                        │
+     zcli vpn up          VS Code Server             zcli vpn up
+     (WireGuard)          on the project             + ssh apidev
+          │                      │                        │
+          └──────────────────────┴────────────────────────┘
+                                 │
+                                 ▼
+         ┌─────────── project private network ───────────┐
+         │                                               │
+         │     api:3000      db:5432      cache:6379     │
+         │                                               │
+         └───────────────────────────────────────────────┘
+```
+
+## Local + VPN
+
+**Best for:** keeping your existing editor, dotfiles, and toolchain — and offloading just the dependencies that are painful to run locally.
+
+```bash
+zcli vpn up <project-id>
+
+psql "postgresql://app:secret@db:5432/myapp"
+redis-cli -h cache -p 6379
+ssh apidev
+```
+
+Your laptop can reach project services by hostname: Postgres, Valkey, S3-compatible storage, runtime containers, and any other service in the project. You can keep your normal dev loop and point it at `db:5432` instead of a local mock or Docker Compose dependency.
+
+You do not need a hosted workspace, `zcli push`, or a new editor for this path.
+
+**Source control.** Use git on your laptop the way you always have. Commits, pushes, SSH agent against GitHub, your existing credentials — nothing about Zerops sits between you and the remote.
+
+:::info Complete VPN setup
+See the [VPN reference guide](/references/networking/vpn).
+:::
+
+## Cloud IDE in Zerops
+
+**Best for:** zero local setup, working from a machine that isn't yours, or wanting a pristine environment that doesn't touch your laptop.
+
+A hosted workspace is a normal Zerops service in the project. It gives you a project-contained Linux environment with private-network access, optional Browser VS Code, `zcli`, git tooling, database CLIs, and shell utilities.
+
+The workspace can also mount runtime service files, so you can inspect or edit code that runs in another container without moving it to your laptop:
+
+```bash
+ls /var/www/apidev
+ls /var/www/frontenddev
+vim /var/www/apidev/src/server.ts
+```
+
+The dev server in the runtime container hot-reloads, the database is the same `db:5432`, and staging deploys still go through the Zerops deploy pipeline.
+
+The Cloud IDE itself is configurable. Two access methods:
+
+- **VPN Only.** The IDE is reachable through `zcli vpn up`, no public exposure. Most secure.
+- **Public Access.** The IDE is reachable on a `.zerops.app` subdomain, gated by an auto-generated password.
+
+**Source control.** The hosted workspace isn't on your laptop, so your local SSH keys don't follow it. Two patterns work:
+
+- **GitHub via `gh`.** The GitHub CLI is preinstalled. Run `gh auth login` once and `gh` handles HTTPS auth, PR creation, and review flows from the container.
+- **Token in env vars.** Save a fine-grained personal access token to the workspace service's secret environment variables; `git` reads it through a credential helper.
+
+Either pattern keeps your token in the workspace service, not in your project's source.
+
+## Native IDE over SSH
+
+**Best for:** native editor UX without carrying the toolchain or databases on your laptop.
+
+Once `zcli vpn up` is connected, every container on the project's private network is reachable from your laptop over SSH. Any editor that speaks Remote SSH can use it: VS Code Remote SSH, JetBrains Gateway, Cursor, Zed, or plain `vim`.
+
+```bash
+ssh apidev               # any runtime service in the project
+ssh frontenddev
+```
+
+In this path, a hosted workspace is convenient but not required. You can connect straight to `apidev`, edit the source there, and run the dev server in the same container. A hosted workspace is only a convenience layer when you want shared tools, runtime file mounts, or Cloud IDE.
+
+**Source control.** SSH agent forwarding works the same way it does to any other machine. Add your local SSH key to your agent (`ssh-add`), and `git push` from inside `apidev` or the workspace service uses your laptop's GitHub key over the forwarded agent socket — no token storage required.
+
+```ssh-config
+# Local ~/.ssh/config
+Host apidev.zerops
+    HostName apidev
+    ForwardAgent yes
+```
+
+:::info SSH access details
+See the [SSH reference guide](/references/networking/ssh).
+:::
+
+## Picking a path
+
+|                       | Local + VPN        | Cloud IDE                  | Native IDE over SSH               |
+| --------------------- | ------------------ | -------------------------- | --------------------------------- |
+| Editor runs           | Local              | Browser                    | Local                             |
+| Toolchain             | Local              | Hosted workspace           | Hosted workspace or service container |
+| Network entry         | WireGuard VPN      | Browser into the project   | WireGuard VPN, then SSH           |
+| Hosted workspace required | No              | Yes                        | No (convenience)                  |
+| Git auth              | Local credentials  | `gh` or token in env       | SSH agent forwarding              |
+| Best for              | Keeping your setup | Disposable environments    | Native UX, lighter laptop         |
+| Best for              | Keeping your setup | Disposable environments    | Native UX, lighter laptop         |
+
+## Why this is not just a cloud IDE
+
+If you've used GitHub Codespaces or Gitpod, Cloud IDE looks similar: a Linux container in the cloud, accessed from a browser or local IDE. Two structural differences matter.
+
+**You don't have to be in the editor.** Codespaces and Gitpod are editor-first. Zerops is network-first. Cloud IDE is one way to reach the project's private network; `zcli vpn up` lets you skip the editor environment entirely and consume the project's managed services from your existing local setup. The hosted workspace itself is just another Zerops service — SSH in, install packages, run processes, configure it however you want.
+
+**Your dev environment runs the same platform as production.** On a CDE, your dev container is one platform and the deployment target is another — making "works on my machine" a fact of life. On Zerops, dev Postgres, queue, cache, or object storage is the same managed service type the app meets later in stage and prod, on the same private network, with the same `zerops.yaml`. Policy differs across environments; the platform underneath doesn't.
+
+## Where to start
+
+- [VPN reference](/references/networking/vpn) — Connect your laptop to a Zerops project-private network.
+- [SSH reference](/references/networking/ssh) — Use a native editor or shell over SSH.
+- [Build & deploy pipeline](/features/pipeline) — Build and deploy from the same project model.
+- [Infrastructure for Coding Agents](/features/coding-agents) — The sibling feature: agents working on Zerops projects through the same access model.
+
+
 ----------------------------------------
 
 # Features > Pipeline
 
+
 export const languages = [
     { name: "Node.js", link: "/nodejs/how-to/build-pipeline" },
     { name: "PHP", link: "/php/how-to/build-pipeline" },
@@ -7168,6 +10560,7 @@ export const languages = [
     { name: "Gleam", link: "/gleam/how-to/build-pipeline" },
     { name: "Nginx", link: "/nginx/how-to/build-pipeline" }
 ]
+
 export const customizeBuild = [
     { name: "Node.js", link: "/nodejs/how-to/build-process#build-environment" },
     { name: "PHP", link: "/php/how-to/build-process#build-environment" },
@@ -7182,6 +10575,7 @@ export const customizeBuild = [
     { name: "Gleam", link: "/gleam/how-to/build-process#build-environment" },
     { name: "Nginx", link: "/nginx/how-to/build-process#build-environment" }
 ]
+
 export const customizeRuntime = [
     { name: "Node.js", link: "/nodejs/how-to/customize-runtime" },
     { name: "PHP", link: "/php/how-to/customize-runtime" },
@@ -7196,9 +10590,13 @@ export const customizeRuntime = [
     { name: "Gleam", link: "/gleam/how-to/customize-runtime" },
     { name: "Nginx", link: "/nginx/how-to/customize-runtime" }
 ]
+
 ## Configure the pipeline
+
 Zerops provides a customizable build and runtime environment for your application. Start by adding a [zerops.yaml](/zerops-yaml/specification) file to the **root of your repository** and modify it to fit your application.
+
 Here is a basic example for a Node.js application:
+
 ```yaml
 zerops:
   - setup: api
@@ -7213,104 +10611,158 @@ zerops:
       base: nodejs@20
       start: npm start
 ```
+
 The zerops.yaml in your repository tells Zerops how to build and deploy your application. When the build & deploy pipeline triggers for the Node.js service named `api`, Zerops will:
+
 1. Create a build environment with Node.js v.20 preinstalled
 2. Run build commands: `npm i`, `npm run build`
 3. Create a runtime environment with Node.js v.20 preinstalled
 4. Deploy the built artifact from the `./dist` folder to runtime containers
 5. Cache the `./node_modules` folder for faster subsequent builds
 6. Start your application using `npm start`
+
 Learn more about `zerops.yaml` parameters for your runtime:
+
 ## Trigger the pipeline
-  
+
 ### Continuous deployment
+
 Set up automatic builds triggered by Git events. You can establish continuous deployment in two ways:
+
 * **New Service:** Create a new runtime service and connect it to your GitHub or GitLab repository during the service creation process.
 * **Existing Services:** Go to the service detail and choose **Pipelines & CI/CD settings** from the left menu. Click **Connect with a GitHub repository** or **Connect with a GitLab repository** to link your repository.
+
 Once connected, Zerops will automatically build and deploy your application with each push to the selected branch or when you create a new tag.
-  
+
 ### On-demand deployment
+
 Trigger builds and deployments manually when needed using either the CLI or GUI.
+
 #### Using Zerops CLI
+
 - **Build and deploy:** `zcli service push` - Uploads code and triggers the full pipeline
 - **Deploy only:** `zcli service deploy` - Skips build, deploys pre-built artifacts
+
 See [CLI commands documentation](/references/zcli/commands#service-operations) for all parameters.
+
 #### Using Zerops GUI
+
 In **Pipelines & CI/CD settings** section of your service detail:
+
 - **Re-deploy last pipeline** - With optional secret env variable updates
 - **Trigger new pipeline** - From git repo or with custom configuration
+
 #### Using import YAML
-Add `buildFromGit: ` to your service configuration for one-time build during import. See [import documentation](/references/import#service-basic-configuration).
+
+Add `buildFromGit: <repo-url>` to your service configuration for one-time build during import. See [import documentation](/references/import#service-basic-configuration).
+
 ## Build phase
-  
+
 Zerops starts a temporary build container and executes these steps:
+
 1. **Install build environment** - Sets up the runtime and tools
 2. **Download source code** - From [GitHub ↗](https://www.github.com), [GitLab ↗](https://www.gitlab.com) or via [Zerops CLI](/references/cli)
 3. **Customize environment** - Runs optional preparation commands
 4. **Execute build commands** - Compiles and packages your application
 5. **Upload artifacts** - Stores build output in internal Zerops storage
 6. **Cache files** - Optionally [caches](/features/build-cache) selected files for faster future builds
+
 Zerops automatically deletes the build container after the build finishes or fails.
+
 ### Build hardware resources
+
 All runtime services use the same hardware resources for build containers:
-  
-      HW resource
-      Minimum
-      Maximum
-    
-      CPU cores
-      1
-      5
-    
-      RAM
-      8 GB
-      8 GB
-    
-      Disk
-      1 GB
-      100 GB
-    
+
+<table className="w-fit my-1.5">
+  <thead>
+    <tr className="text-center rounded-lg">
+      <th className="w-fit"><strong>HW resource</strong></th>
+      <th className="w-fit"><strong>Minimum</strong></th>
+      <th className="w-fit"><strong>Maximum</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">CPU cores</td>
+      <td className="w-fit">1</td>
+      <td className="w-fit">5</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">RAM</td>
+      <td className="w-fit">8 GB</td>
+      <td className="w-fit">8 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Disk</td>
+      <td className="w-fit">1 GB</td>
+      <td className="w-fit">100 GB</td>
+    </tr>
+  </tbody>
+</table>
+
 Build containers start with minimum resources and scale vertically up to maximum capacity as needed.
+
 :::info
 Build container resources are not charged. Build costs are covered by the standard Zerops [project fee](https://zerops.io/#pricing).
 :::
+
 ### Build time limit
+
 The entire build pipeline has a **1 hour** time limit. After 1 hour, Zerops terminates the build pipeline and deletes the build container.
+
 ### Customize the build environment
+
 All runtime services start with a default build environment based on the [build.base](/zerops-yaml/specification#base-) attribute in `zerops.yaml`. Install additional packages or tools by adding [build.prepareCommands](/zerops-yaml/specification#preparecommands-) to your configuration.
+
 Learn more about customizing build environments:
+
 ## Runtime prepare phase (optional)
-  
+
 When your application requires additional system packages, libraries, or tools in the runtime environment, Zerops allows you to build a custom runtime image. This optional phase occurs after the build phase and before deployment.
+
 ### When to use custom runtime images
+
 Build custom runtime images when you need:
 - System packages or libraries for runtime operations (e.g., `sudo apk add imagemagick` for image processing)
 - Library dependencies for interpreted languages or dynamically linked binaries
 - System-level tools or utilities your application requires
 - Customized base operating system or additional software layers
+
 ### Configuration
+
 Configure custom runtime images in your `zerops.yml` file using these fields:
+
 #### `run.os` + `run.base`
+
 Specify the operating system and base packages for your custom runtime image:
+
 ```yaml
 run:
   os: alpine # or ubuntu
   base: nodejs@20 # specify your runtime and version
 ```
+
 #### `run.prepareCommands`
+
 Define commands that customize your runtime image. These commands run inside a fresh base container:
+
 ```yaml
 run:
   prepareCommands:
     - sudo apk add --no-cache imagemagick
     - sudo apt-get update && apt-get install -y some-package  # for Ubuntu
 ```
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 Zerops creates the custom runtime image from this container after all commands complete successfully.
+
 #### `build.addToRunPrepare`
+
 Copy specific files from the build phase to the runtime prepare phase. This is useful when you need source files during runtime preparation:
+
 ```yaml
 build:
   addToRunPrepare:
@@ -7318,16 +10770,23 @@ build:
     - requirements.txt
     - config/runtime-setup.sh
 ```
+
 These files are packed immediately after `build.buildCommands` finish and become available during the runtime prepare phase.
+
 ### How it works
+
 When you trigger the first deploy with defined [run.prepareCommands](/zerops-yaml/specification#preparecommands--1), Zerops:
+
 1. **Creates prepare container** - Based on `run.os` and `run.base`
 2. **Copies build files** - Files specified in [build.addToRunPrepare](/zerops-yaml/specification#addtorunprepare-) (if any)
 3. **Runs prepare commands** - Executes [run.prepareCommands](/zerops-yaml/specification#preparecommands--1) in order
 4. **Creates runtime image** - Builds custom runtime image from the prepared container
 5. **Uses for deployment** - Deploys your application using this custom runtime image
+
 ### Custom runtime image caching
+
 Zerops caches custom runtime images to optimize deployment times. The runtime prepare phase is skipped and cached images are reused when:
+
 - It is not the first deployment of your service
 - None of these `zerops.yaml` fields changed since the last deployment:
   - `run.os` or `run.base`
@@ -7335,61 +10794,94 @@ Zerops caches custom runtime images to optimize deployment times. The runtime pr
   - `build.addToRunPrepare`
 - File contents specified in `build.addToRunPrepare` remain unchanged
 - The custom runtime image cache hasn't been manually invalidated
+
 #### Manual cache invalidation
+
 To invalidate the custom runtime image cache, go to your service detail in the Zerops GUI, choose **Pipelines & CI/CD settings** section from the left menu, and click on the button under **Pipeline #**. Then click on the **Clear runtime prepare image** button.
+
 Learn more about building custom runtime images:
+
 :::warning
 Do not include your application code in the custom runtime image, as your built application code is deployed automatically into fresh containers.
+
 Shared storage mounts are also not available during the runtime prepare phase.
 :::
+
 ## Deploy phase
-  
+
 ### Application artifacts
+
 After the [build phase](#build-phase) completes, Zerops stores the application artifact in internal storage and deletes the build container.
+
 For [manual deployments](#manual-deploy-using-zerops-cli) using Zerops CLI, the application artifact is also uploaded to internal storage.
+
 Zerops uses the stored artifact to deploy identical versions of your application whenever a new container starts:
+
 - During new application version deployments
 - When applications [scale horizontally](/features/scaling#horizontal-scaling-runtime-services-linux-containers-and-docker)
 - When runtime containers fail and new containers start automatically
+
 ### First deploy
+
 For initial deployments, Zerops starts one or more runtime containers based on your service [auto scaling settings](/features/scaling).
+
 Zerops executes these steps for each new container:
+
 1. **Install runtime environment** - Sets up the runtime (or uses a custom runtime image if configured)
 2. **Download application artifact** - Retrieves build output from internal storage
 3. **Run initialization** - Executes optional [init commands](/zerops-yaml/specification#initcommands-)
 4. **Start application** - Launches your app using the [start command](/zerops-yaml/specification#startcommands-)
 5. **Check readiness** - Waits for [readiness check](/zerops-yaml/specification#readinesscheck-) to succeed (if configured)
 6. **Activate container** - Container becomes active and receives incoming requests
+
 Services with multiple containers deploy in parallel.
+
 :::info
 If your application needs initialization in each runtime container, add [init commands](/zerops-yaml/specification#initcommands-) to `zerops.yaml`.
 :::
+
 :::caution
 Do not use `initCommands` for runtime environment customization. See [how to build custom runtime images](#runtime-prepare-phase-optional).
 :::
+
 ### Subsequent deploys
+
 For applications with existing running versions, Zerops starts new containers matching the count of existing containers.
+
 Zerops executes the same steps as the first deployment for each new container. Your service briefly contains both new and old versions during this process.
+
 Old containers are then removed from the project balancer to stop receiving new requests. The processes inside old containers terminate and Zerops gradually deletes all old containers.
+
 ### Readiness checks
+
 If your application is not ready to handle requests immediately after starting via the [start command](/zerops-yaml/specification#startcommands-), configure a [readiness check](/zerops-yaml/specification#readinesscheck-) in your `zerops.yaml`.
+
 When readiness checks are defined, Zerops:
+
 1. **Starts your application**
 2. **Performs readiness check**
 3. **Waits and retries** - If check fails, waits 5 seconds and repeats step 2
 4. **Activates container** - If check succeeds, marks container as active
+
 Runtime containers with pending readiness checks do not receive incoming requests - only active containers handle traffic.
+
 If readiness checks fail for 5 minutes, Zerops marks the container as failed, deletes it, creates a new container, and repeats the deployment process.
+
 **Readiness check types:**
+
 - `httpGet` - Succeeds when URL returns HTTP `2xx` status (5-second timeout, follows `3xx` redirects)
 - `exec.command` - Succeeds when command returns status code 0 (5-second timeout)
+
 Read the [runtime log](/nodejs/how-to/logs#runtime-log) to troubleshoot failed readiness checks.
+
 ## Manual deploy using Zerops CLI
-  
-Start deploy-only pipelines using the [Zerops CLI](/references/cli). The `zcli service deploy` command uploads and deploys your application in Zerops. Use this when you have your own build process. For building applications in Zerops, use [continuous](#continuous-deployment) or [on-demand](#on-demand-deployment) deployment instead.
-```sh
+
+Start deploy-only pipelines using the [Zerops CLI](/references/cli). The [`zcli service deploy`](/references/zcli/commands#deploy) command uploads and deploys your application in Zerops. Use this when you have your own build process. For building applications in Zerops, use [continuous](#continuous-deployment) or [on-demand](#on-demand-deployment) deployment instead.
+
+```sh
 Usage:
   zcli service deploy pathToFileOrDir [flags]
+
 Flags:
       --archive-file-path string   If set, zCLI creates a tar.gz archive with the application code in the required path relative
                                  to the working directory. By default, no archive is created.
@@ -7405,109 +10897,159 @@ Flags:
       --zerops-yaml-path string    Sets a custom path to the zerops.yaml file relative to the working directory. By default zCLI
                                  looks for zerops.yaml in the working directory.
 ```
+
 `pathToFileOrDir` defines paths to directories and/or files relative to the working directory. The working directory defaults to the current directory and can be changed using the `--working-dir` flag.
+
 Place `zerops.yaml` in the working directory.
+
 :::info
 You can modify the deploy pipeline anytime by updating the `zerops.yaml` in your working directory.
 :::
+
 ## Manage builds and deployments
+
 ### Cancel running build
+
 When you need to cancel an incorrect running build, use the Zerops GUI. Go to the service detail, open the running processes list, and click **Open pipeline detail**. Then click **Cancel build**.
-  
+
 :::caution
 Build cancellation is only available before the build pipeline finishes. Once the build completes, deployment cannot be cancelled.
 :::
+
 ### Application versions
+
 Zerops keeps the 10 most recent versions of your application in internal storage.
+
 Access the application versions list in Zerops GUI by going to service detail and choosing the **Pipelines & CI/CD settings** section from the left menu. The active version is highlighted - click the button below to show all archived versions.
-  
+
 Access pipeline details from the additional menu. Pipeline details contain:
+
 - Pipeline configuration (`zerops.yaml`) used for the selected version
 - Build log (if available)
 - Prepare runtime log (if available)
+
 You can download the build artifact for selected versions or manually delete inactive versions.
+
 ### Restore an archived version
+
 Restore archived versions by choosing **Activate** from the additional menu. Zerops will deploy the selected version and archive the currently active version.
+
 Environment variables restore to their state from the last moment when the selected version was active.
 
 ----------------------------------------
 
 # Features > Rbac
 
+
 Zerops provides granular access control through a role-based permission system, allowing you to precisely manage who can access and modify your organization's resources. This system operates at two levels: **organization-wide roles** and **per-project role overrides**.
+
 ## Core Concepts
+
 When a user performs an action on a project or its resources, Zerops first checks for a project-specific role override. If none exists, the organization role applies:
+
 #### Organization Role
 The primary role assigned to a user, determining their **default permissions** across the entire organization and all its projects.
+
 #### Project Role Override
 An optional per-project permission that **supersedes the organization role** for that specific project and its resources (services, containers, environment variables, routing, etc.).
+
 ## User Roles
+
 Zerops supports four user roles, listed from highest to lowest permission level:
-    
-        Role
-        Organization Access
-        Default Project Access
-        Can Create Projects
-        Can Manage Team
-    
-        Owner
-        Full (incl. billing)
-        Full
-        ✓
-        All roles
-    
-        Admin
-        Full (excl. billing)
-        Full
-        ✓
-        Developer, Guest
-    
-        Developer
-        None
-        None (per-project only)
-        ✓
-        ✗
-    
-        Guest
-        None
-        None (per-project only)
-        ✗
-        ✗
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit font-semibold">Role</th>
+        <th className="w-fit font-semibold">Organization Access</th>
+        <th className="w-fit font-semibold">Default Project Access</th>
+        <th className="w-fit font-semibold">Can Create Projects</th>
+        <th className="w-fit font-semibold">Can Manage Team</th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit"><strong>Owner</strong></td>
+        <td className="w-fit">Full (incl. billing)</td>
+        <td className="w-fit">Full</td>
+        <td className="w-fit">✓</td>
+        <td className="w-fit">All roles</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><strong>Admin</strong></td>
+        <td className="w-fit">Full (excl. billing)</td>
+        <td className="w-fit">Full</td>
+        <td className="w-fit">✓</td>
+        <td className="w-fit">Developer, Guest</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><strong>Developer</strong></td>
+        <td className="w-fit">None</td>
+        <td className="w-fit">None (per-project only)</td>
+        <td className="w-fit">✓</td>
+        <td className="w-fit">✗</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><strong>Guest</strong></td>
+        <td className="w-fit">None</td>
+        <td className="w-fit">None (per-project only)</td>
+        <td className="w-fit">✗</td>
+        <td className="w-fit">✗</td>
+    </tr>
+    </tbody>
+</table>
+
 ### Owner
+
 :::note
 Every organization must have at least one Owner at all times.
 :::
+
 The **Owner** role has unrestricted access to all organization resources:
+
 - Full access to billing, invoices, and payment management
 - Can invite, edit, and remove users of any role
 - Automatic *Full access* to all projects
 - Can create unlimited projects
 - Minimum access level on any project is *Read only*
+
 ### Admin
+
 The **Admin** role provides comprehensive access without billing permissions:
+
 - Cannot view or manage billing information
 - Can invite, edit, and remove users with Developer or Guest roles only
 - Cannot manage other Admins or Owners
 - Automatic *Full access* to all projects
 - Can create unlimited projects
 - Minimum access level on any project is *Read only*
+
 ### Developer
+
 The **Developer** role is designed for team members who need to work on specific projects:
+
 - No access to organization-level settings
 - No default access to any projects — access must be granted per-project
 - Can create new projects (automatically receives full access to projects they create)
 - Cannot invite or manage other team members
+
 ### Guest
+
 The **Guest** role provides the most restricted access:
+
 - No access to organization-level settings
 - No default access to any projects — access must be granted per-project
 - Cannot create new projects
 - Cannot invite or manage other team members
+
 ## Project Access Levels
+
 When granting project access (either as a default for Owners/Admins or as an override for any role), two permission levels are available:
+
 ### Full Access
+
 Users with full access to a project can:
+
 - Start, stop, and restart services
 - Deploy applications
 - Create, edit, and delete services
@@ -7518,208 +11060,315 @@ Users with full access to a project can:
 - Download backups and deployed code
 - Manage project settings and routing
 - Delete the project
+
 ### Read Only
+
 Users with read-only access to a project can:
+
 - View project structure and service status
 - View logs and metrics
 - View deployment history
 - View non-sensitive environment variables
 - View backup existence and metadata
 - View VPN public keys (but not create new key pairs)
+
 Users with read-only access **cannot**:
+
 - Make any changes to project configuration
 - Start, stop, or deploy services
 - Access SSH web terminal or file browser
 - Download backups or deployed code
 - View sensitive environment variables (displayed as `REDACTED`)
 - Create VPN key pairs
+
 :::info Coming Soon
 **Sensitive Environment Variables**: You will soon be able to mark specific environment variables as sensitive. These variables will be stored encrypted and hidden from users with read-only access, providing additional security for credentials and secrets.
 :::
+
 ## Managing Team Members
+
 Access team management at **Organization → Team**.
+
 ### Inviting New Members
+
 1. Navigate to the Team section
 2. Click **Invite Member**
 3. Enter the user's email address
 4. Select their organization role (Owner, Admin, Developer, or Guest)
 5. Send the invitation
+
 If the email belongs to an existing Zerops account, they'll receive an invitation to join your organization. If not, they'll be invited to create an account and will set up their password upon accepting.
+
 ### Editing Member Permissions
+
 You can modify a team member's permissions in two ways:
+
 **From the Team section**:
 - Edit the user's organization role
 - Configure their access to all projects at once
+
 **From Project Settings**:
 - Manage access for all users to that specific project
 - Useful when onboarding a team to a new project
+
 ### Role Change Restrictions
+
 - Users cannot modify their own role
 - Admins can only modify users with Developer or Guest roles
 - A user cannot be demoted if they have integration tokens with higher permissions — those tokens must be modified or deleted first
 - At least one Owner must exist in the organization at all times
+
 ## Project Role Overrides
+
 Project role overrides allow you to customize access for specific projects without changing a user's organization-wide role.
+
 ### Common Use Cases
+
 **Restricting Admin access to production**:
 An Admin who should have full access to development projects but only read-only access to production can have a Read only override set on the production project.
+
 **Granting Developer access to specific projects**:
 A Developer (who has no default project access) can be granted Full access to the projects they work on, while remaining unable to see other projects.
+
 **Temporary project access for Guests**:
 A Guest user (perhaps an external contractor) can be granted Read only or Full access to specific projects for the duration of their engagement.
+
 ### How Overrides Work
+
 :::note
 Owners and Admins cannot be set to "No access" on any project — the minimum override available for these roles is Read only.
 :::
-    
-        Organization Role
-        Without Override
-        With Full Access Override
-        With Read Only Override
-    
-        Owner
-        Full access
-        Full access
-        Read only
-    
-        Admin
-        Full access
-        Full access
-        Read only
-    
-        Developer
-        No access
-        Full access
-        Read only
-    
-        Guest
-        No access
-        Full access
-        Read only
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit"><strong>Organization Role</strong></th>
+        <th className="w-fit"><strong>Without Override</strong></th>
+        <th className="w-fit"><strong>With Full Access Override</strong></th>
+        <th className="w-fit"><strong>With Read Only Override</strong></th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit">Owner</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Read only</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Admin</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Read only</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Developer</td>
+        <td className="w-fit">No access</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Read only</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Guest</td>
+        <td className="w-fit">No access</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Read only</td>
+    </tr>
+    </tbody>
+</table>
+
 ## Integration Tokens
+
 Integration tokens provide programmatic access to the Zerops API, ideal for CI/CD pipelines, automation scripts, and third-party integrations.
+
 ### Token Access Levels
-    
-        Token Type
-        Description
-    
-        Full access to all projects
-        Can perform all operations on all current and future projects
-    
-        Read access to all projects
-        Can view all projects and their resources, but cannot make changes
-    
-        Custom access per project
-        No default access; each project must be explicitly added with Full or Read only permission
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit"><strong>Token Type</strong></th>
+        <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit"><strong>Full access to all projects</strong></td>
+        <td className="w-fit">Can perform all operations on all current and future projects</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><strong>Read access to all projects</strong></td>
+        <td className="w-fit">Can view all projects and their resources, but cannot make changes</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><strong>Custom access per project</strong></td>
+        <td className="w-fit">No default access; each project must be explicitly added with Full or Read only permission</td>
+    </tr>
+    </tbody>
+</table>
+
 ### Creating Tokens
+
 Access token management at **Settings → Access Tokens Management**.
+
 1. Click **Create Token**
 2. Enter a descriptive name for the token
 3. Select the access level
 4. If using custom per-project access, add each project and set its permission level
 5. Create the token
+
 :::warning
 The token value is displayed only once upon creation. Store it securely — you cannot retrieve it later.
 :::
+
 ### Token Permission Constraints
+
 Tokens cannot have higher permissions than the user who creates them:
-    
-        Your Role
-        Available Token Types
-    
-        Owner
-        Full access, Read access, Custom per project
-    
-        Admin
-        Full access, Read access, Custom per project
-    
-        Developer
-        Custom per project only
-    
-        Guest
-        Custom per project only
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit"><strong>Your Role</strong></th>
+        <th className="w-fit"><strong>Available Token Types</strong></th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit">Owner</td>
+        <td className="w-fit">Full access, Read access, Custom per project</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Admin</td>
+        <td className="w-fit">Full access, Read access, Custom per project</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Developer</td>
+        <td className="w-fit">Custom per project only</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Guest</td>
+        <td className="w-fit">Custom per project only</td>
+    </tr>
+    </tbody>
+</table>
+
 ### Managing Tokens
+
 :::note
 Admins can manage tokens created by Developers and Guests, but cannot manage tokens created by other Admins or Owners.
 :::
+
 - **View**: Owners and Admins can see all tokens; Developers and Guests can only see their own tokens
 - **Edit**: A token's name, access level, or per-project permissions can be modified at any time
 - **Regenerate**: Creates a new token value while preserving all settings (the old token immediately stops working)
 - **Delete**: Permanently removes the token
+
 ---
+
 ## API Access & Advanced Configuration
+
 The Zerops API provides additional flexibility beyond what's available in the dashboard. This section covers capabilities accessible only through the API.
+
 :::info
 For complete API documentation, see the [Zerops OpenAPI Specification](/references/api).
 :::
+
 ### Backend Role System
+
 The API uses a more granular role system than the dashboard interface:
-    
-        Dashboard Role
-        API Role Code
-        Notes
-    
-        Owner
-        OWNER
-        Includes canViewFinances, canEditFinances, and canCreateProjects flags (always enabled)
-    
-        Admin
-        ADMIN
-        Includes canCreateProjects flag (always enabled)
-    
-        Developer
-        NO_ACCESS
-        With canCreateProjects: true
-    
-        Guest
-        NO_ACCESS
-        With canCreateProjects: false
-    
-        —
-        BASIC_USER
-        Available via API only
-    
-        —
-        READ_ONLY
-        Available via API only
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit"><strong>Dashboard Role</strong></th>
+        <th className="w-fit"><strong>API Role Code</strong></th>
+        <th className="w-fit"><strong>Notes</strong></th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit">Owner</td>
+        <td className="w-fit"><code>OWNER</code></td>
+        <td className="w-fit">Includes <code>canViewFinances</code>, <code>canEditFinances</code>, and <code>canCreateProjects</code> flags (always enabled)</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Admin</td>
+        <td className="w-fit"><code>ADMIN</code></td>
+        <td className="w-fit">Includes <code>canCreateProjects</code> flag (always enabled)</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Developer</td>
+        <td className="w-fit"><code>NO_ACCESS</code></td>
+        <td className="w-fit">With <code>canCreateProjects: true</code></td>
+    </tr>
+    <tr>
+        <td className="w-fit">Guest</td>
+        <td className="w-fit"><code>NO_ACCESS</code></td>
+        <td className="w-fit">With <code>canCreateProjects: false</code></td>
+    </tr>
+    <tr>
+        <td className="w-fit">—</td>
+        <td className="w-fit"><code>BASIC_USER</code></td>
+        <td className="w-fit">Available via API only</td>
+    </tr>
+    <tr>
+        <td className="w-fit">—</td>
+        <td className="w-fit"><code>READ_ONLY</code></td>
+        <td className="w-fit">Available via API only</td>
+    </tr>
+    </tbody>
+</table>
+
 ### Additional Roles (API Only)
+
 **BASIC_USER**
 - Can view all projects (unless overridden to `NO_ACCESS`)
 - Can perform all project operations (start/stop services, deploy, view logs, etc.)
 - Cannot delete projects
 - Cannot create projects without the `canCreateProjects` flag
 - Cannot manage team members
+
 **READ_ONLY**
 - Can view all projects (unless overridden to `NO_ACCESS`)
 - Cannot make any changes
 - Cannot access SSH terminal, file browser, or VPN key creation
 - Cannot download backups or deployed code
 - Sensitive environment variables displayed as `REDACTED`
+
 ### Permission Flags
+
 The API supports additional permission flags that can be set on any user regardless of role:
-    
-        Flag
-        Description
-    
-        canViewFinances
-        Allows viewing billing information, invoices, and payment sources
-    
-        canEditFinances
-        Allows modifying billing information and processing payments (automatically enables canViewFinances)
-    
-        canCreateProjects
-        Allows creating new projects (user receives OWNER role on projects they create)
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit"><strong>Flag</strong></th>
+        <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit"><code>canViewFinances</code></td>
+        <td className="w-fit">Allows viewing billing information, invoices, and payment sources</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><code>canEditFinances</code></td>
+        <td className="w-fit">Allows modifying billing information and processing payments (automatically enables <code>canViewFinances</code>)</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><code>canCreateProjects</code></td>
+        <td className="w-fit">Allows creating new projects (user receives <code>OWNER</code> role on projects they create)</td>
+    </tr>
+    </tbody>
+</table>
+
 These flags enable scenarios like:
 - An Admin who needs to view (but not edit) billing information
 - A Developer who should be able to create projects but also view invoices
 - A read-only user who monitors billing status
+
 ### Project Role Overrides via API
+
 The API allows setting any role as a project override, including `NO_ACCESS`:
+
 ```yaml
 # Example: Set NO_ACCESS override for a user on a specific project
 PUT /api/rest/public/client-user/{id}/roles
@@ -7732,144 +11381,218 @@ PUT /api/rest/public/client-user/{id}/roles
   ]
 }
 ```
+
 This enables scenarios not possible through the dashboard, such as hiding specific projects from users who would otherwise have access based on their organization role.
+
 ### Role Resolution Logic
+
 When determining a user's effective permissions for a project:
+
 1. Check if a project-specific role override exists
 2. If yes, use that role for all project-related operations
 3. If no, use the organization role
+
 For non-project operations (billing, team management), only the organization role applies.
 
+
 ----------------------------------------
 
 # Features > Scaling
 
+
 Zerops delivers enterprise-grade infrastructure with built-in automatic scaling and high availability. This means applications and databases dynamically adjust to traffic demands—scaling up during peak loads to maintain performance and scaling down during quiet periods to reduce costs.
+
 Unlike traditional hosting where resources must be predicted and pre-provisioned, Zerops continuously monitors workloads and automatically allocates exactly what is needed, when it is needed. This intelligent resource management ensures optimal performance without wasted spend.
+
 ## Key Benefits
+
 - **Cost Optimization**: Only pay for resources actually used
 - **Performance Reliability**: Maintain responsiveness during traffic spikes
 - **Automatic Management**: Built-in best practices with customizable settings
 - **High Availability**: Redundancy options for production environments
+
 ## Understanding Zerops Scaling Architecture
+
 Zerops uses two fundamentally different approaches for optimizing infrastructure:
+
 #### **Resource Management (Vertical Scaling)**
 - **Applies to:** Runtime services, databases, shared storage, and Linux containers (Alpine and Ubuntu)
 - **What it does:** Adjusts CPU, RAM, and disk resources within individual containers
 - **Management:** Automated by Zerops, but customizable by users
+
 :::note
 Docker services do not support automatic vertical scaling. Resource values can be manually changed, but this triggers a VM restart.
 :::
+
 #### **Container Architecture**
 - **For Runtime Services, Linux Containers, and Docker:** Horizontal Scaling (dynamic container count)
   - Adds or removes containers/VMs based on load
   - Requires applications to be designed for HA operation
   - Container/VM creation limits can be controlled
   - Docker containers run in VMs rather than native containers
+
 - **For Databases & Shared Storage:** High Availability Mode (fixed container count)
   - Single Container OR Multi-Container HA configuration
   - Must be chosen at service creation (cannot be changed later)
   - Managed by Zerops (no application changes needed)
+
 ### At-a-Glance Comparison
+
 * ✓ = Available *(configurable, defaults vary according to service type)*
-  
-      Feature
-      Runtime Services & Linux Containers
-      Databases
-      Shared Storage
-      Docker
-    
-      Automatic Resource Scaling
-      ✓
-      ✓
-      ✓
-      Manual (triggers VM restart)
-    
-      Automatic Horizontal Scaling
-      ✓
-      Fixed # of containers
-      Fixed # of containers
-      ✓
-    
-      High Availability
-      User-implemented
-      Zerops-managed HA mode
-      Zerops-managed HA mode
-      User-implemented
-    
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="">Feature</th>
+      <th className="">Runtime Services & Linux Containers</th>
+      <th className="">Databases</th>
+      <th className="">Shared Storage</th>
+      <th className="">Docker</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Automatic Resource Scaling</td>
+      <td className="w-fit text-center">✓</td>
+      <td className="w-fit text-center">✓</td>
+      <td className="w-fit text-center">✓</td>
+      <td className="w-fit text-center">Manual (triggers VM restart)</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Automatic Horizontal Scaling</td>
+      <td className="w-fit text-center">✓</td>
+      <td className="w-fit text-center">Fixed # of containers</td>
+      <td className="w-fit text-center">Fixed # of containers</td>
+      <td className="w-fit text-center">✓</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">High Availability</td>
+      <td className="w-fit text-center">User-implemented</td>
+      <td className="w-fit text-center">Zerops-managed HA mode</td>
+      <td className="w-fit text-center">Zerops-managed HA mode</td>
+      <td className="w-fit text-center">User-implemented</td>
+    </tr>
+  </tbody>
+</table>
+
 ## When to Configure Scaling
+
 You can configure scaling settings at three different stages:
+
 - **During service creation** - Configure initial scaling parameters when creating services in the Zerops GUI. Set resource limits, CPU mode, and container counts from the start.
+
 - **During import** - Use YAML configuration files to define comprehensive scaling settings including `verticalAutoscaling` parameters and horizontal scaling limits. See [Import & Export YAML Configuration](/references/import) for complete syntax.
+
 - **After service creation** - Modify most scaling settings anytime through your service's **Automatic scaling configuration** page. Note that some parameters like deployment mode for databases and shared storage cannot be changed after creation.
+
 This flexibility lets you plan scaling strategies upfront or adapt them as requirements evolve.
+
 ## Part 1: Resource Management
+
 Resource management in Zerops focuses on efficiently allocating and adjusting CPU, RAM, and disk resources within individual containers based on actual usage patterns.
+
 These resource management capabilities apply to **runtime** services, **databases**, **shared storage**, and **Linux containers** (Alpine and Ubuntu).
+
 :::note
 Docker services do not support automatic vertical scaling. Resources for Docker services are fixed at the values set manually and do not automatically adjust based on usage.
 :::
+
 :::tip Disable Scaling for Specific Resources
 To prevent automatic scaling of specific resources, simply set identical minimum and maximum values for CPU, RAM, or Disk.
 :::
+
 ### CPU Settings
+
 #### CPU Mode
+
 Two CPU allocation modes are available for any service:
+
 **Shared CPU**
+
 Shared CPU provides a physical CPU core shared with up to 10 other applications. Performance varies depending on neighbors, ranging from 1/10 to 10/10 power. This option is cost-effective for non-critical workloads, development, and testing environments.
+
 **Dedicated CPU**
+
 Dedicated CPU gives exclusive access to a full physical CPU core(s), ensuring consistent and predictable performance. This option is ideal for production environments and CPU-intensive applications.
+
 :::tip
 CPU mode can be changed (once per hour) as needed.
 :::
+
 See the [pricing](/company/pricing#resource-pricing) for the difference between CPU modes.
+
 #### Minimum and Maximum CPU Cores
+
 Set boundaries for CPU core allocation. Zerops will scale CPU resources within these limits based on actual usage.
+
 #### Start CPU Core Count
+
 Determines how many CPU cores are allocated when containers start:
 - Default: 2 cores
 - Applies to both dedicated and shared CPU modes
 - Higher values provide more processing power during application initialization
 - After startup, resources are automatically adjusted based on actual usage and limits
+
 #### CPU Scaling Thresholds
+
 For services using [dedicated CPU](#cpu-mode) only, CPU scaling is controlled by:
+
 **Min. Free CPU Cores (%)**
 - Scale-up is triggered when free capacity drops below a fixed fraction of a single CPU core
 - Default: 10%
 - Set as a percentage of a single core's capacity
 - Example: Setting to 20% means that with one core, at least 20% of that core should remain free
+
 **Dynamic Min. Free Total Core Percent**
 - Scale-up is triggered when total free capacity across all cores falls below a percentage of total capacity
 - Default: 0% (disabled)
 - Dynamically adjusts as the number of cores changes
 - Ideal for accommodating varying load distributions
 - Example: 20% setting ensures at least 20% of the combined capacity of all cores remains free
+
 ### RAM Settings
+
 #### Minimum and Maximum RAM
+
 Set boundaries for RAM allocation. Zerops will scale RAM within these limits based on actual usage.
+
 #### RAM Scaling Thresholds
+
 RAM usage is monitored every 10 seconds to ensure optimal performance. The minimum free RAM settings serve multiple important purposes: they prevent Out of Memory (OOM) errors, provide space for kernel disk caching (which improves application performance), and maintain a buffer for sudden memory demands.
+
 Swap is enabled for all containers to help prevent OOM errors, but proper minimum free RAM configuration is still essential—especially for services that use large amounts of RAM or benefit from kernel disk caching. Without sufficient free memory, performance may degrade due to increased disk access.
+
 Two threshold types determine RAM scaling:
+
 **Minimum Free RAM (absolute value in GB)**
 - Specifies an absolute threshold for free RAM
 - Additional memory is triggered when available RAM falls below this fixed amount
 - Default: 0.0625 GB (64 MB) for most services
 - Ideal for maintaining system stability and responsiveness
+
 **Minimum Free RAM (% of Granted)**
 - Establishes a dynamic threshold based on a percentage of total granted memory
 - Default: 0% (disabled)
 - The buffer scales proportionally as total memory increases
 - Particularly useful for handling varying loads
+
 :::note
 Whichever setting provides more free memory is used.
 :::
+
+[Video: /vids/ram-scaling.webm](/vids/ram-scaling.webm)
+
 ### Disk Settings
+
 #### Minimum and Maximum Disk
+
 Set boundaries for disk space allocation. Zerops will scale disk space within these limits based on actual usage.
+
 ### Resource Scaling Behavior
+
 Zerops implements an exponential growth pattern ensuring that **resources grow gradually** for minor load increases but can scale rapidly when significant additional capacity is needed. When resource usage triggers scaling, Zerops initially adds smaller increments, but as demand continues to increase, it can add larger increments to quickly meet the needs of your application.
+
 Below are the parameters that control this behavior across all services that support vertical scaling:
+
 - **Data Collection Interval:** How frequently resource usage metrics are collected
 - **Scale-Up Window Interval:** The timeframe in which high usage must persist before adding resources
 - **Scale-Down Window Interval:** The timeframe in which low usage must persist before reducing resources
@@ -7877,122 +11600,177 @@ Below are the parameters that control this behavior across all services that sup
 - **Scale-Down Threshold Percentile:** The usage percentile that triggers resource scaling down
 - **Minimum Step:** The smallest increment by which resources can increase during scaling
 - **Maximum Step:** The largest possible increment for resources when scaling rapidly under high load
-  
-      Parameter
-      CPU
-      RAM
-      Disk
-    
-      Data Collection Interval
-      10 seconds
-      10 seconds
-      10 seconds
-    
-      Scale-Up Window Interval
-      20 seconds
-      10 seconds
-      10 seconds
-    
-      Scale-Down Window Interval
-      60 seconds
-      120 seconds
-      300 seconds
-    
-      Scale-Up Threshold Percentile
-      60
-      50
-      50
-    
-      Scale-Down Threshold Percentile
-      40
-      50
-      50
-    
-      Minimum Step
-      1 (0.1 cores)
-      0.125 GB
-      0.5 GB
-    
-      Maximum Step
-      40
-      32 GB
-      128 GB
-    
-## Part 2: Container Architecture — Service-Specific Approaches
-Container architecture in Zerops defines how services are distributed across containers. Different service types use fundamentally different approaches:
-1. **Horizontal Scaling** (Runtime Services, Linux Containers, and Docker)
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="">Parameter</th>
+      <th className="">CPU</th>
+      <th className="">RAM</th>
+      <th className="">Disk</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Data Collection Interval</td>
+      <td className="w-fit">10 seconds</td>
+      <td className="w-fit">10 seconds</td>
+      <td className="w-fit">10 seconds</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Scale-Up Window Interval</td>
+      <td className="w-fit">20 seconds</td>
+      <td className="w-fit">10 seconds</td>
+      <td className="w-fit">10 seconds</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Scale-Down Window Interval</td>
+      <td className="w-fit">60 seconds</td>
+      <td className="w-fit">120 seconds</td>
+      <td className="w-fit">300 seconds</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Scale-Up Threshold Percentile</td>
+      <td className="w-fit">60</td>
+      <td className="w-fit">50</td>
+      <td className="w-fit">50</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Scale-Down Threshold Percentile</td>
+      <td className="w-fit">40</td>
+      <td className="w-fit">50</td>
+      <td className="w-fit">50</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Minimum Step</td>
+      <td className="w-fit">1 (0.1 cores)</td>
+      <td className="w-fit">0.125 GB</td>
+      <td className="w-fit">0.5 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Maximum Step</td>
+      <td className="w-fit">40</td>
+      <td className="w-fit">32 GB</td>
+      <td className="w-fit">128 GB</td>
+    </tr>
+  </tbody>
+</table>
+
+## Part 2: Container Architecture — Service-Specific Approaches
+
+Container architecture in Zerops defines how services are distributed across containers. Different service types use fundamentally different approaches:
+
+1. **Horizontal Scaling** (Runtime Services, Linux Containers, and Docker)
 2. **Deployment Modes** (Databases and Shared Storage)
+
 ### Horizontal Scaling (Runtime Services, Linux Containers, and Docker)
+
 Horizontal scaling adds or removes entire containers (or VMs for Docker) as demand fluctuates.
 * When vertical scaling reaches its defined maximum, new containers/VMs are automatically added to handle additional load.
 * As demand decreases, containers/VMs are gradually removed to optimize resource usage.
+
 :::important HA-ready Applications
 For applications to work properly across multiple containers, they must be designed to be HA-ready.
 :::
+
 #### Setting Horizontal Scaling Parameters
+
 To configure horizontal scaling, users need to set the minimum and maximum number of containers:
+
 - **Minimum Containers**: The baseline number of containers that should always be running (system limit: 1)
 - **Maximum Containers**: The upper limit of containers that can be created during high demand (system limit: 10)
+
 :::tip Disable Horizontal Scaling
 Setting identical minimum and maximum values creates a fixed number of containers (disables automatic horizontal scaling).
 :::
+
 ### Deployment Modes (Databases and Shared Storage)
+
 For databases and shared storage services, Zerops offers two deployment modes focused on reliability and data integrity.
+
 :::warning
 Deployment mode cannot be changed after creation.
 :::
+
 #### Single Container Mode
+
 Single Container Mode provides one container with vertical scaling only. This is suitable for development environments or non-critical data storage.
+
 **Characteristics:**
 - Limited redundancy
 - No automatic recovery if the container fails
 - Data since last backup (if available) may be lost if failure occurs
 - Cost-effective for non-production environments
+
 #### Highly Available (HA) Mode
+
 Highly Available (HA) Mode creates multiple containers with built-in redundancy. This mode is strongly recommended for production environments and mission-critical data.
+
 **Characteristics:**
 - Multiple containers distributed across different physical machines
 - Automatic failover and recovery mechanisms
 - Data redundancy and integrity protection
 - Higher reliability and availability
 - Recommended for production use
+
 :::important
 Database and shared storage services in HA mode have a **fixed number of containers** that cannot be increased or decreased.
 :::
+
 **Recovery process:**
+
 In HA mode, when a container or physical machine fails, recovery is handled automatically:
+
 1. The failed container is disconnected from the cluster
 2. A new container is created on a different physical machine
 3. Data is synchronized from remaining healthy copies
 4. The failed container is removed
 5. Service continues with minimal disruption
+
+[Video: /vids/database-scaling.webm](/vids/database-scaling.webm)
+
 ### Fixed Resource Allocation (Docker Services)
+
 Docker services in Zerops operate differently from other service types:
+
 #### Docker Service Characteristics
+
 - **VM-Based Deployment**: Docker services run in virtual machines rather than containers
 - **Fixed Resources**: Unlike other services, Docker services do not support automatic vertical scaling
 - **User-Defined Resources**: Resources are set at creation and remain fixed until manually changed
 - **VM Count Changes**: The number of VMs can be changed, but this requires a VM restart
 - **No Automatic Scaling**: Resource levels do not automatically adjust based on usage
+
 **Important Considerations for Docker Services:**
 - Initial resource values should be chosen carefully, as they cannot automatically scale
 - Planning for expected peak loads is important when setting resource values
 - Runtime services or Linux containers should be considered instead if dynamic scaling is essential
 - VM restarts cause temporary service disruption when changing VM count or resources
+
 :::warning
 Docker services use fixed resources that do not automatically scale. Sufficient resources should be allocated at creation to handle expected workload. Additionally, disk space for Docker services can only be increased, not decreased without recreation of the service.
 :::
+
 ## Monitoring Your Infrastructure
+
 Zerops provides comprehensive monitoring tools in the user interface to track both resource usage and container scaling activities:
+
 ### Resource History Graphs
+
 Resource and container scaling can be visualized over time:
 - CPU utilization per container
 - RAM usage patterns
 - Disk space consumption
 - Container count changes
+
 These graphs help understand application resource needs, identify usage patterns, and fine-tune scaling settings for optimal performance and cost efficiency.
+
+[Video: /vids/containers.webm](/vids/containers.webm)
+
 ## Troubleshooting
+
 #### Resource-Related Issues (All Service Types Except Docker)
+
 **Out of Memory Errors**
 * **Issue:** Application crashes with OOM errors despite resource scaling.
 * **Possible Cause:** Insufficient minimum free RAM setting.
@@ -8000,6 +11778,7 @@ These graphs help understand application resource needs, identify usage patterns
     - Increase the "Minimum free RAM" setting
     - Check for memory leaks in the application
     - Consider setting a higher minimum RAM value
+
 **Excessive Resource Costs**
 * **Issue:** Resources scaling up but not scaling down efficiently.
 * **Possible Cause:** Scale-down thresholds not optimized.
@@ -8007,7 +11786,9 @@ These graphs help understand application resource needs, identify usage patterns
     - Review usage patterns in monitoring graphs
     - Adjust scale-down thresholds to be more aggressive
     - Set appropriate resource minimums based on base requirements
+
 #### Runtime Service and Linux Container Issues (Horizontal Scaling)
+
 **Application Not Working Properly Across Multiple Containers**
 * **Issue:** Application errors or inconsistent behavior when horizontally scaled.
 * **Possible Cause:** Application not designed for distributed operation.
@@ -8015,22 +11796,29 @@ These graphs help understand application resource needs, identify usage patterns
     - Ensure the application properly handles stateless operation
     - Implement proper session management across containers
     - Review and modify application code to support multiple instances
+
 #### Docker Service Issues
+
 **Insufficient Resources for Workload**
 * **Issue:** Docker service experiencing performance issues or crashes.
 * **Possible Cause:** Fixed resources inadequate for actual workload.
 * **Solution:**
     - Since Docker services don't support automatic vertical scaling, a new service with higher resource allocations may be needed
     - Consider migrating to a runtime service or Linux container if dynamic resource scaling is needed
+
 *Need help implementing scaling in your project? Join our [Discord community](https://discord.gg/zerops) where our team and other Zerops users can assist you!*
 
 ----------------------------------------
 
 # Gleam > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Gleam application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -8039,51 +11827,65 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: gleam@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - package.json
         - node_modules
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: gleam@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 3000
+
       # OPTIONAL. Customise the runtime Gleam environment by installing additional
       # dependencies to the base Gleam runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Gleam application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Gleam application start command
       start: npm start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -8094,6 +11896,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -8103,11 +11906,19 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Gleam builds:
+
+- `gleam@1.5`, `gleam@1`, `gleam@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8118,12 +11929,18 @@ zerops:
       base: gleam@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Gleam, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+  major version of Gleam, [Zerops command line tool](/references/cli), `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8137,34 +11954,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customise your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Gleam defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8173,6 +12008,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: gleam@latest
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -8180,20 +12016,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/gleam/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8202,42 +12049,59 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: gleam@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     npm i
     npm run build
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - npm i
   - npm run build
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/gleam/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - npm i --verbose
   - npm run build
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -8246,56 +12110,81 @@ deployFiles:
   - package.json
   - node_modules
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - dist
   - package.json
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -8307,22 +12196,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -8331,6 +12231,7 @@ zerops:
     build:
       base: gleam@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         NODE_ENV: production
@@ -8339,12 +12240,20 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/gleam/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Gleam version for your runtime.
+
 Following options are available for Gleam runtimes:
+
+- `gleam@1.5`, `gleam@1`, `gleam@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8354,18 +12263,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: gleam@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: gleam@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Gleam, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8375,6 +12291,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: gleam@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -8384,36 +12301,58 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Gleam service with hostname = "app" and port = 3000 from another service of the same project, simply use `app:3000`. Read more about [how to access a Gleam service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
+
 | parameter   | description                                                                                                                                                                                                                                                                                                            |
 | ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | port        | Defines the port number. You can set any port number between _10_ and _65435_. Ports outside this interval are reserved for internal Zerops systems.                                                                                                                                                                   |
 | protocol    | **Optional.** Defines the protocol. Allowed values are `TCP` or `UDP`. Default value is `TCP`.                                                                                                                                                                                                                         |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Gleam runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Gleam environment contains {data.alpine.default} the selected
-  major version of Gleam, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools. To install
+  major version of Gleam, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8421,6 +12360,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -8430,27 +12370,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/gleam/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the custom runtime cache go to `yyy`
+
 When the custom runtime cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Gleam, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools.
+  selected major version of Gleam, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8459,6 +12417,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -8468,15 +12427,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -8485,22 +12449,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Gleam application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/gleam/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/gleam/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -8515,57 +12492,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/gleam/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Gleam application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Gleam application start command
       start: npm start
 ```
+
 We recommend starting your Gleam application using `npm start`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Gleam application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -8573,25 +12577,32 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/gleam/how-to/create#set-secret-environment-variables) as your Gleam application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Gleam application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -8600,13 +12611,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -8615,14 +12631,23 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/gleam/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
+
 <table className="w-full my-1.5">
   <thead>
     <tr>
@@ -8652,13 +12677,16 @@ If your application requires a https request, set <code>scheme: https</code></td
     </tr>
   </tbody>
 </table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -8667,25 +12695,33 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/gleam/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/gleam/how-to/create#set-secret-environment-variables) as your Gleam application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -8697,8 +12733,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/gleam/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Gleam > How To > Build Process
@@ -8715,34 +12753,58 @@ Read more about how the [readiness check works](/gleam/how-to/deploy-process#rea
 
 # Gleam > How To > Create
 
+
 Zerops provides a powerful Gleam runtime service with extensive build support. The Gleam runtime is highly scalable and customizable to suit your development and production needs. With just a few clicks or commands, you can have a production-ready Gleam environment up and running in no time.
+
 ## Create a Gleam service using Zerops GUI
+
 First, set up a project in the Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu under the **Services** section. From there, you can add a new Gleam service:
+
+[Video: /vids/services/gleam.webm](/vids/services/gleam.webm)
+
 ### Choose a Gleam version
+
 Zerops supports the following Gleam versions:
+
 :::info
 You can easily [upgrade](/gleam/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app", "cache", "gui", etc. Duplicate services with the same name within the same project are not allowed.
+
 #### Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as passwords, tokens, salts, certificates, etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting secret environment variables is optional. You can always set them later in the Zerops GUI.
+
 Read more about the [different types of environment variables](/gleam/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create a Gleam service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Gleam service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/gleam/how-to/create#create-a-project-description-file)
 3. [Create a project with a Gleam and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a YAML format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory called `my-project`. Inside the `my-project` directory, create a `description.yaml` file with the following content:
 ```yaml
 # basic project data
@@ -8764,13 +12826,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Gleam version 20 service with default [auto scaling](/gleam/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/gleam/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -8815,103 +12882,171 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Gleam service and a [PostgreSQL](/postgresql/overview) service.
+
 Gleam service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/gleam/how-to/build-pipeline#ports). Gleam service will run on version 20 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
+
 | Parameter       | Description                                                                                                                     | Limitations             |
 | --------------- | ------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
 | **name**        | The name of the new project. Duplicates are allowed.                                                                            |                         |
 | **description** | **Optional.** Description of the new project.                                                                                   | Maximum 255 characters. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Gleam and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Gleam service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/gleam/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/gleam/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/gleam/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](/gleam/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Gleam service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -8932,33 +13067,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Gleam service version 20 with default [auto scaling](/gleam/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Gleam > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick)',
-  'Erlang libraries: When you need additional Erlang libraries for your Gleam application',
-  'Native dependencies: When your Gleam dependencies require system libraries that aren\'t in the default environment',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -9012,55 +13152,101 @@ System packages for processing: When your app processes images, videos, or files
 
 # Gleam > Overview
 
+
 [Gleam ↗](https://gleam.org/en) is an asynchronous event-driven JavaScript runtime, which is designed to build scalable network applications.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-gleam), a **_recipe_**, containing the most simple Gleam web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Gleam app running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Gleam app running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "gleam" recipe on Zerops](https://app.zerops.io/recipe/?lf=gleam)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
+
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-gleam/blob/main/zerops-project-import.yaml)):
+
 ```yaml
 project:
   name: recipe-gleam
   tags:
     - zerops-recipe
+
 services:
   - hostname: api
     type: gleam@1.5
     enableSubdomainAccess: true
     buildFromGit: https://github.com/zeropsio/recipe-gleam
+
   - hostname: db
     type: postgresql@16
     mode: NON_HA
     priority: 1
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://api-808-3000.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 {"message":"This is a simple Gleam application running in Zerops.io, each request adds an entry to the PostgreSQL database and returns a count. See the source repository (https://github.com/zeropsio/recipe-gleam) for more information.","newEntry":"e64be640-d6c2-4be8-93ac-d1e40e56fa06","count":1}
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
 It doesn't matter whether it's your first curious introduction to Zerops, you have already mastered the basics and are looking for a tiny detail or inspiration. Below, choose a section that fits your needs:
+
+- [Care for details?](/gleam/how-to/create) — Dive in all Zerops has to offer for your Gleam application.
+- [Gleam recipes](https://github.com/zeropsio?q=gleam&type=all&language=&sort=) — Get inspired by already existing repositories, ready to be imported to Zerops.
+
 ## Feature Highlights
+
+- [Create Gleam service](/gleam/how-to/create) — Start with creating a Gleam service using GUI or zCLI.
+- [Zerops.yaml](/gleam/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/gleam/how-to/scaling) — Set up scaling of your Gleam application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/gleam/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/gleam/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/gleam/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Go > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Go application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -9069,47 +13255,60 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: go@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - go build -o app main.go
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles: app
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: some_file
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: go@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8080
+
       # OPTIONAL. Customize the runtime Go environment by installing additional
       # dependencies to the base Go runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Go application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Go application start command
       start: ./app
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -9120,6 +13319,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -9129,11 +13329,19 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Go builds:
+
+- `go@1.22`, `go@1`, `golang@1`, `go@latest`, `golang@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9144,12 +13352,18 @@ zerops:
       base: go@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  version of Go, Zerops command line tool, `git` and `wget`.
+  version of Go, [Zerops command line tool](/references/cli), `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9163,34 +13377,52 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Go defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `git` and `wget`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9199,6 +13431,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: go@latest
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -9206,20 +13439,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/go/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9228,96 +13472,138 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: go@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - go build -o app main.go
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it. Suppose your `main.go` file is in a `src` directory.
+
 ```yaml
 buildCommands:
   - |
     cd src
     go build -o app main.go
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command. Suppose your `main.go` file is in a `src` directory.
+
 ```yaml
 buildCommands:
   - cd src
   - go build -o app src/main.go
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/go/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - go build -v -o app main.go
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - app
   - file.txt
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -9329,22 +13615,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -9353,6 +13650,7 @@ zerops:
     build:
       base: go@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         GO_ENV: production
@@ -9361,12 +13659,20 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/go/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Go version for your runtime.
+
 Following options are available for Go builds:
+
+- `go@1.22`, `go@1`, `golang@1`, `go@latest`, `golang@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9376,18 +13682,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: go@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: go@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Go, Zerops command line tool, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9397,6 +13710,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: go@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -9406,42 +13720,73 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Go service with hostname = "app" and port = 8080 from another service of the same project, simply use `app:8080`. Read more about [how to access a Go service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Go runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Go environment contains {data.alpine.default}, the selected
-  major version of Go, Zerops command line tool and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+  major version of Go, [Zerops command line tool](/references/cli) and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9449,6 +13794,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -9458,27 +13804,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/go/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Go, Zerops command line tool and `git` and `wget`.
+  selected major version of Go, [Zerops command line tool](/references/cli) and `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9487,6 +13851,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -9496,15 +13861,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -9513,22 +13883,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Go application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/go/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/go/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -9543,57 +13926,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/go/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Go application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Go application start command
       start: ./app
 ```
+
 We recommend starting your Go application using `./app`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Go application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -9601,30 +14011,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Go application.
+
+        The command has access to the same [environment variables](/go/how-to/create#set-secret-environment-variables) as your Go application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Go application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -9633,13 +14060,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -9648,72 +14080,112 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/go/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
-**Example:**
-```yaml
-zerops:
-  # hostname of your service
-  - setup: app
-    # ==== how to build your application ====
-    build: ...
-    # ==== how to deploy your application ====
-    deploy:
-      # OPTIONAL. Define a readiness check with a HTTP GET request option.
-      # Configures the check on http://127.0.0.1:80/status
-      readinessCheck:
-        httpGet:
-          port: 80
-          path: /status
-    # ==== how to run your application ====
-    run: ...
-```
-Read more about how the [readiness check works](/go/how-to/deploy-process#readiness-checks) in Zerops.
-#### exec
-Configures the readiness check to run a local command.
-Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
-        Defines a local command to be run.
-        The command has access to the same environment variables as your Go application.
-        A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
-**Example:**
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
+**Example:**
+
+```yaml
+zerops:
+  # hostname of your service
+  - setup: app
+    # ==== how to build your application ====
+    build: ...
+
+    # ==== how to deploy your application ====
+    deploy:
+      # OPTIONAL. Define a readiness check with a HTTP GET request option.
+      # Configures the check on http://127.0.0.1:80/status
+      readinessCheck:
+        httpGet:
+          port: 80
+          path: /status
+
+    # ==== how to run your application ====
+    run: ...
+```
+
+Read more about how the [readiness check works](/go/how-to/deploy-process#readiness-checks) in Zerops.
+
+#### exec
+
+Configures the readiness check to run a local command.
+Following attributes are available:
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
+        Defines a local command to be run.
+
+        The command has access to the same [environment variables](/go/how-to/create#set-secret-environment-variables) as your Go application.
+
+        A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+**Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -9725,8 +14197,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/go/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Go > How To > Build Process
@@ -9743,35 +14217,60 @@ Read more about how the [readiness check works](/go/how-to/deploy-process#readin
 
 # Go > How To > Create
 
+
 Zerops provides a Go runtime service with extensive build support. Go runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Go service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Go service:
+
+[Video: /vids/services/golang.webm](/vids/services/golang.webm)
+
 ### Choose Go version
+
 Following Go versions are currently supported:
+
 :::info
 You can [change](/go/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/go/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Go service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Go service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/go/how-to/create#create-a-project-description-file)
 3. [Create a project with a Go and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -9792,13 +14291,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Go version 1 service with default [auto scaling](/go/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/go/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -9843,98 +14347,143 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Go service and a [PostgreSQL](/postgresql/overview) service.
+
 Go service with "app" hostname, the internal port(s) the service listens on will be defined later in the zerops.yaml. Go service will run on version 1 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Go service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/go/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/go/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/go/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/go/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Go service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -9955,33 +14504,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Go service version 1 with default [auto scaling](/go/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Go > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick)',
-  'CGO dependencies: When you use CGO and need C libraries not included in the default environment',
-  'Development tools: When you need debugging tools, profilers, or other development utilities',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -10035,13 +14589,21 @@ System packages for processing: When your app processes images, videos, or files
 
 # Go > Overview
 
+
 [Go ↗](https://go.dev/) is a statically typed, compiled high-level programming language designed at Google.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-go-hello-world), a **_recipe_**, containing the most simple Go web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Go running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Go running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "golang" recipe on Zerops](https://app.zerops.io/recipe/?lf=golang)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-go-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -10053,43 +14615,78 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-go-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/go/how-to/create) — Dive in all Zerops has to offer for your Go application.
+
 ## Feature Highlights
+
+- [Create Go service](/go/how-to/create) — Start with creating a Go service using GUI or zCLI.
+- [zerops.yaml](/go/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/go/how-to/scaling) — Set up scaling of your Go application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/go/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/go/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/go/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Guides > Backup
 
+
 Zerops auto-backs up databases and storage daily (00:00-01:00 UTC) with X25519 encryption; backups are retained for 7 days minimum after service/project deletion.
+
 ## Supported Services
 MariaDB, PostgreSQL, Qdrant, Elasticsearch, NATS, Meilisearch, Shared Storage.
+
 **Not supported**: Runtimes, Object Storage (use S3 lifecycle policies), Valkey/KeyDB (in-memory).
+
 ## Schedule Options
 - No backups
 - Once a day (default: 00:00-01:00 UTC)
 - Once a week
 - Once a month
 - Custom CRON: `minute hour day month weekday`
+
 ## Tagging
 - Auto tags: `daily` (every backup), `weekly` (first Monday UTC), `monthly` (1st of month UTC)
 - User tags: Up to 24 chars (letters, numbers, `:-_`)
 - **Protected tags**: Exempt from automatic deletion — use for critical snapshots
+
 ## Storage Limits
 | Plan | Backup Storage | Egress |
 |------|---------------|--------|
@@ -10097,13 +14694,17 @@ MariaDB, PostgreSQL, Qdrant, Elasticsearch, NATS, Meilisearch, Shared Storage.
 | Serious | 25 GB | 3 TB |
 | Technical max | 1 TiB per project (shared across all services) |
 | Technical max | 1 TiB per project (shared across all services) |
+
 ## Retention Defaults
 - Minimum kept: 7 daily + 4 weekly + 3 monthly
 - Maximum per service: 50 backups
+
 ## Encryption
 End-to-end with X25519 per-project keys. Decrypted only on download.
+
 ## Grace Period
 7 days after service or project deletion before backups are permanently removed.
+
 ## Backup Formats by Service
 | Service | Format |
 |---------|--------|
@@ -10115,56 +14716,84 @@ End-to-end with X25519 per-project keys. Decrypted only on download.
 | NATS | .tar.gz |
 | Shared Storage | filesystem archive |
 | Shared Storage | filesystem archive |
+
 ## Gotchas
 1. **Object Storage has no Zerops backup**: Use S3 lifecycle policies or external backup
 2. **Valkey/KeyDB not backed up**: In-memory data — use persistence or application-level backup
 3. **Backup storage is shared**: All services in a project share the backup quota
 
+
 ----------------------------------------
 
 # Guides > Build Cache
 
+
 Zerops uses a two-layer build cache: base layer (OS + prepareCommands) and build layer (buildCommands output). The `cache:` attribute in zerops.yml controls which files persist between builds. Changing `build.os`, `build.base`, `build.prepareCommands`, or `build.cache` invalidates both layers (cascade).
+
 ---
+
 ## Two-Layer Architecture
+
 | Layer | Contains | Cached when |
 |-------|----------|-------------|
 | **Base layer** | OS, installed packages, prepareCommands output | prepareCommands unchanged |
 | **Build layer** | Files from `cache:` attribute after buildCommands | cache config unchanged |
 | **Build layer** | Files from `cache:` attribute after buildCommands | cache config unchanged |
+
 Both layers are currently **coupled** -- invalidating the base layer also invalidates the build layer (cascade invalidation).
+
 ## Cache Lifecycle
+
 1. **Restoration**: cached files moved from `/build/cache` to `/build/source` (no-clobber -- source files win)
 2. **Build execution**: buildCommands run with cached + source files
 3. **Preservation**: specified cache files moved from `/build/source` to `/build/cache`
+
 No compression or network transfer -- fast directory rename operations within the container.
+
 ---
+
 ## Configuration
+
 ### Path-Specific Caching (Recommended)
+
 ```yaml
 build:
   cache: node_modules                # single path
   cache: [node_modules, .next]       # multiple paths
 ```
+
 All paths resolve relative to `/build/source`. Supports Go `filepath.Match` patterns (e.g., `"subdir/*.txt"`, `"package*"`). Forms `./node_modules`, `node_modules`, `node_modules/` are equivalent.
+
 ### System-Wide Caching
+
 - **`cache: true`** -- preserves entire build container state. Best for global package managers (Go modules, pip)
 - **`cache: false`** -- only prevents caching within `/build/source`. Files outside (e.g., `$GOPATH`) **remain cached**
+
 ---
+
 ## Cache Invalidation
+
 ### Automatic Triggers
+
 Any change to these zerops.yml fields invalidates **both layers**:
+
 - `build.os`
 - `build.base`
 - `build.prepareCommands`
 - `build.cache`
+
 **DO NOT** add trivial changes to `prepareCommands` (e.g., adding `vim`) without understanding this will also invalidate cached `node_modules`, `vendor/`, etc.
+
 ### Manual Triggers
+
 - **GUI**: Service detail -> Pipelines & CI/CD Settings -> Invalidate build cache
 - **API**: `DELETE /service-stack/{id}/build-cache`
 - **Version restore**: Activating a backup app version also invalidates cache
+
 ---
+
 ## Per-Runtime Cache Recommendations
+
 | Runtime | Recommended `cache:` paths |
 |---------|---------------------------|
 | Node.js / Bun | `node_modules`, `.next`, `.turbo`, `package-lock.json` |
@@ -10175,21 +14804,30 @@ Any change to these zerops.yml fields invalidates **both layers**:
 | Java | `cache: true` (.m2 lives outside /build/source) |
 | .NET | `cache: true` (NuGet outside /build/source) |
 | .NET | `cache: true` (NuGet outside /build/source) |
+
 ---
+
 ## Build Container Specs
+
 CPU 1-5 cores, RAM 8 GB fixed, Disk 1-100 GB, Timeout 60 min. User `zerops` with **sudo**. Default OS: **Alpine** (use `apt-get` with `os: ubuntu`).
+
 ---
+
 ## Common Pitfalls
+
 1. **Cascade invalidation**: Changing `prepareCommands` wipes build-layer cache too (e.g., adding `sqlite` to prepare also clears cached `node_modules`)
 2. **`cache: false` is misleading**: Only clears `/build/source` cache. Globally installed packages (Go modules, pip packages) persist in the base layer
 3. **No-clobber restore**: If source repo contains a file also in cache, **source wins** -- the cached version is silently skipped (logged but does not fail)
 4. **Lock file caching**: Cache lock files (`package-lock.json`, `composer.lock`) alongside dependency directories for consistent installs
 
+
 ----------------------------------------
 
 # Guides > Cdn
 
+
 Zerops CDN has 6 global regions with a **fixed 30-day cache TTL** (HTTP Cache-Control headers are ignored by CDN but still affect browsers). Built on Nginx + Cloudflare geo-steering.
+
 ## Regions
 1. **EU (Prague, CZ)** — Primary + all-region failover
 2. **EU (Falkenstein, DE)** — Secondary European
@@ -10197,25 +14835,32 @@ Zerops CDN has 6 global regions with a **fixed 30-day cache TTL** (HTTP Cache-Co
 4. **AU (Sydney)**
 5. **SG (Singapore)**
 6. **CA (Beauharnois, Canada)**
+
 DNS TTL: 30 seconds. Geo-steering routes to nearest node. EU Prague is fallback if all others down.
+
 ## CDN Modes
+
 ### Object Storage CDN
 - URL: `https://storage.cdn.zerops.app/bucket/path`
 - Env var: `${storageCdnUrl}`
 - Direct from Object Storage through CDN
+
 ### Static CDN
 - URL: `https://static.cdn.zerops.app/domain.com/path`
 - Env var: `${staticCdnUrl}`
 - For custom domains on static/nginx services
 - **Wildcard domains NOT supported**
+
 ### API CDN
 - Coming soon
 - Env var: `${apiCdnUrl}`
+
 ## Cache Behavior
 - TTL: **Fixed 30 days** (not configurable)
 - HTTP `Cache-Control` headers: Affect browser caching, **NOT CDN caching**
 - Eviction: LRU when storage capacity reached
 - First request: Fetched from origin and cached
+
 ## Purge Patterns
 ```
 /*            # All content
@@ -10224,100 +14869,138 @@ DNS TTL: 30 seconds. Geo-steering routes to nearest node. EU Prague is fallback
 /prefix*      # Pattern prefix match
 ```
 Wildcard must be at end. Use `$` suffix for exact file match.
+
 ### Purge via zsc
 ```bash
 zsc cdn purge /*              # Purge all cached content
 zsc cdn purge /images/*       # Purge directory
 zsc cdn purge /style.css$     # Purge exact file
 ```
+
 ## Gotchas
 1. **30-day fixed TTL**: Cannot be changed — `Cache-Control: max-age=3600` has no effect on CDN
 2. **No wildcard domains on static CDN**: `*.domain.com` is not supported
 3. **Purge wildcards at end only**: `/images/*.jpg` is invalid — use `/images/*`
 
+
 ----------------------------------------
 
 # Guides > Choose Cache
 
+
 **Use Valkey.** KeyDB development has stalled and is effectively deprecated on Zerops.
+
 ## Decision Matrix
+
 | Need | Choice | Why |
 |------|--------|-----|
 | **Any caching need** | **Valkey** (default) | Active development, full HA, Redis-compatible |
 | Legacy KeyDB apps | KeyDB | Only if migrating existing KeyDB deployment |
 | Legacy KeyDB apps | KeyDB | Only if migrating existing KeyDB deployment |
+
 ## Valkey (Default Choice)
+
 - Redis-compatible drop-in replacement
 - HA: 3 nodes (1 master + 2 replicas) with automatic failover
 - Ports: 6379 (non-TLS), 6380 (TLS), 7000 (read replica non-TLS), 7001 (read replica TLS)
 - Connection: `redis://${user}:${password}@${hostname}:6379`
 - HA detail: Ports 6379/6380 on replicas forward traffic to current master (Zerops-specific, not native Valkey)
+
 ## KeyDB (Deprecated)
+
 - Development activity has slowed significantly
 - Port: 6379
 - **Do not use for new projects**
+
 ## Gotchas
 1. **HA replication is async**: Brief data loss possible during master failover
 2. **Port forwarding is Zerops-specific**: Replicas forward 6379/6380 to master — this is not standard Redis/Valkey behavior
 3. **Read replicas use different ports**: 7000/7001 for direct replica reads
 
+
 ----------------------------------------
 
 # Guides > Choose Database
 
+
 **Use PostgreSQL** for everything unless you have a specific reason not to. It's the best-supported database on Zerops with full HA, read replicas, and pgBouncer.
+
 ## Decision Matrix
+
 | Need | Choice | Why |
 |------|--------|-----|
 | **General-purpose** | **PostgreSQL** (default) | Full HA, read replicas, pgBouncer, best Zerops support |
 | MySQL compatibility | MariaDB | MaxScale routing, async replication |
 | Analytics / OLAP | ClickHouse | Columnar storage, ReplicatedMergeTree, 4 protocol ports |
 | Analytics / OLAP | ClickHouse | Columnar storage, ReplicatedMergeTree, 4 protocol ports |
+
 ## PostgreSQL (Default Choice)
+
 - HA: 3 nodes (1 primary + 2 replicas)
 - Ports: 5432 (primary), 5433 (read replicas), 6432 (external TLS via pgBouncer)
 - Connection: `postgresql://${user}:${password}@${hostname}:5432/${db}`
 - Read scaling: Use port 5433 for read-heavy workloads
+
 ## MariaDB
+
 - HA: MaxScale routing with async replication
 - Port: 3306
 - Connection: `mysql://${user}:${password}@${hostname}:3306/${db}`
 - Use when: Application requires MySQL wire protocol
+
 ## ClickHouse
+
 - HA: 3 data nodes, replication factor 3
 - Ports: 9000 (native), 8123 (HTTP), 9004 (MySQL), 9005 (PostgreSQL)
 - Requires `ReplicatedMergeTree` engine in HA mode
 - Use when: Analytics, time-series, OLAP workloads
+
 ## Gotchas
 1. **HA mode is immutable**: Cannot switch HA/NON_HA after creation — delete and recreate
 2. **No internal TLS**: Use `http://hostname:port` internally — VPN provides encryption
 3. **PostgreSQL URI scheme**: Some libraries need `postgres://` not `postgresql://` — create a custom env var
 
+
 ----------------------------------------
 
 # Guides > Choose Queue
 
-**Use NATS** for most cases (simple, fast, JetStream persistence). Use **Kafka** only for enterprise event streaming with guaranteed ordering and unlimited retention.
+
+**Use NATS** for most cases (simple, fast, optional JetStream persistence layer when durability is needed). Use **Kafka** only for enterprise event streaming with guaranteed ordering and unlimited retention.
+
 ## Decision Matrix
+
 | Need | Choice | Why |
 |------|--------|-----|
-| **General messaging** | **NATS** (default) | Simple auth, JetStream built-in, fast |
+| **General messaging** | **NATS** (default) | Simple auth, fast, JetStream available when needed |
 | Enterprise event streaming | Kafka | SASL auth, 3-broker HA, unlimited retention |
-| Lightweight pub/sub | NATS | Low overhead, 8MB default messages |
+| Lightweight pub/sub | NATS — core | Low overhead, 8MB default messages, fire-and-forget |
+| Durable queues, replay, at-least-once | NATS — JetStream | Persistent streams, durable consumers, ack/redeliver |
 | Event sourcing / audit logs | Kafka | Indefinite topic retention, strong ordering |
 | Event sourcing / audit logs | Kafka | Indefinite topic retention, strong ordering |
+
 ## NATS (Default Choice)
+
+NATS exposes **two distinct messaging shapes**. Pick ONE per recipe and write yaml comments / KB content describing only that shape — mixing them confuses porters about what the recipe actually does.
+
+- **Core pub/sub + queue groups**: `nc.subscribe('subject', { queue: 'workers' })`. No persistence; queue groups load-balance delivery across replicas; lost messages stay lost. HA story: surviving cluster nodes keep delivering, no consumer position to restore. Use when fan-out + load balance + at-most-once is enough.
+- **JetStream streams + durable consumers**: opens an explicit stream via `JetStreamManager`, subscribes durably via `js.subscribe(...)`. Persistent message store; replay on reconnect; ack/redeliver. HA story: cluster replicates stream state, acked-but-unprocessed messages survive node loss. Use when at-least-once + replay + persistence are required.
+
+**Authoring rule**: a recipe's yaml comments and KB bullets should reflect the shape the code actually uses. If the worker only calls `nc.subscribe()` with a queue group and never opens a stream, do not invoke JetStream language at HA tiers — the recipe has no stream to replicate. If the worker opens a JetStream stream, the JetStream HA story is the relevant one.
+
 - Ports: 4222 (client), 8222 (HTTP monitoring)
 - Auth: user `zerops` + auto-generated password
 - **Connection** — two supported patterns, pick ONE:
   - **Separate env vars** (recommended, works with every NATS client library): pass `servers: ${hostname}:${port}` plus `user: ${user}, pass: ${password}` as client-side connect options. The servers list stays credential-free.
   - **Opaque connection string**: pass `${connectionString}` directly as the servers option — the platform builds a correctly-formatted URL with embedded auth that the NATS server expects.
-- JetStream: Enabled by default (`JET_STREAM_ENABLED=1`)
+- JetStream capability: enabled by default (`JET_STREAM_ENABLED=1`); recipes opt in by writing JetStream client code. Setting `JET_STREAM_ENABLED=0` hard-disables the capability across the project.
 - Storage: Up to 40GB memory + 250GB file store
 - Max message: 8MB default, 64MB max (`MAX_PAYLOAD`)
 - Health check: `GET /healthz` on port 8222
 - **Config changes require restart** (no hot-reload)
+
 ## Kafka
+
 - Port: 9092 (SASL PLAIN auth)
 - Auth: `user` + `password` env vars (auto-generated)
 - Bootstrap: `${hostname}:9092`
@@ -10325,19 +15008,24 @@ zsc cdn purge /style.css$     # Purge exact file
 - Storage: Up to 40GB RAM + 250GB persistent
 - Topic retention: **Indefinite** (no time or size limits)
 - Schema Registry: Port 8081 (if enabled)
+
 ## Gotchas
 1. **NATS config changes need restart**: No hot-reload — changing env vars requires service restart
 2. **Kafka single-node has no replication**: 1 broker = 3 partitions but zero redundancy
-3. **NATS JetStream HA sync interval**: 1-minute sync across nodes — brief data lag possible
+3. **NATS JetStream HA sync interval**: 1-minute sync across nodes — brief data lag possible. Applies only to recipes that actually open JetStream streams; core pub/sub recipes are unaffected.
 4. **Kafka SASL only**: No anonymous connections — always use the generated credentials
 5. **NATS authorization violation from a hand-composed URL**: do not build a `nats://user:pass@host:4222` URL from the separate env vars. Most NATS client libraries will parse the embedded credentials AND separately attempt SASL with the same values, producing a double-auth that the server rejects with `Authorization Violation` on the first CONNECT frame (symptom: startup crash, no successful subscription). Use either the separate env vars passed as connect options (credential-free servers list) or the opaque `${connectionString}` the platform builds for you — both patterns in the Connection section above avoid the double-auth path.
 
+
 ----------------------------------------
 
 # Guides > Choose Runtime Base
 
+
 **Use Alpine** as the default base for all services. Use Ubuntu only when you need system packages not available in Alpine. Use Docker only for pre-built images.
+
 ## Decision Matrix
+
 | Need | Choice | Why |
 |------|--------|-----|
 | **Any standard app** | **Alpine** (default) | ~5MB, fast, secure, sufficient for 95% of apps |
@@ -10345,36 +15033,47 @@ zsc cdn purge /style.css$     # Purge exact file
 | Pre-built Docker images | Docker | VM-based, bring your own image |
 | CGO / native libs | Ubuntu | Better glibc compatibility than Alpine's musl |
 | CGO / native libs | Ubuntu | Better glibc compatibility than Alpine's musl |
+
 ## Alpine (Default)
+
 - Size: ~5MB base
 - Package manager: `apk add`
 - Best for: All runtimes (Node.js, Python, Go, Rust, Java, PHP, etc.)
 - Zerops uses Alpine as default base for all managed runtimes
+
 ## Ubuntu
+
 - Size: ~100MB base
 - Package manager: `apt-get install`
 - Version: 24.04 LTS
 - Use when: You need packages not available in Alpine, or need glibc (not musl)
 - Example: Go apps with CGO, Python packages with C extensions that don't compile on musl
+
 ## Docker
+
 - **Runs in a VM** (not a container) — slower boot, higher overhead
 - Network: **Must use `--network=host`** or `network_mode: host` in compose
 - Scaling: Fixed resources only (no min-max auto-scaling), VM restarts on resource change
 - Disk: Can only increase, never decrease without recreation
 - Build phase runs in containers (not VMs)
 - **Always use specific version tags** — `:latest` is cached and won't re-pull
+
 ## Gotchas
 1. **Alpine uses musl**: Some C libraries may not compile — use Ubuntu if you hit musl issues
 2. **Docker is VM-based**: Vertical scaling restarts the VM — expect brief downtime
 3. **Docker `:latest` is cached**: Zerops won't re-pull — always use specific tags like `myapp:1.2.3`
 4. **Docker requires host networking**: Without `--network=host`, the container can't receive traffic
 
+
 ----------------------------------------
 
 # Guides > Choose Search
 
+
 **Use Meilisearch** for simple full-text search. Use **Elasticsearch** for advanced queries or HA requirements. Use **Qdrant** for vector/AI search.
+
 ## Decision Matrix
+
 | Need | Choice | Why |
 |------|--------|-----|
 | **Simple full-text search** | **Meilisearch** (default) | Instant setup, typo-tolerant, frontend-safe keys |
@@ -10382,46 +15081,60 @@ zsc cdn purge /style.css$     # Purge exact file
 | Autocomplete + typo-tolerance | Typesense | Raft HA, CORS built-in, fast |
 | Vector / AI similarity | Qdrant | gRPC + HTTP, automatic cluster replication |
 | Vector / AI similarity | Qdrant | gRPC + HTTP, automatic cluster replication |
+
 ## Meilisearch (Default for Simple Search)
+
 - Single-node only (no clustering)
 - Port: 7700
 - API keys: `masterKey` (admin), `defaultSearchKey` (frontend-safe), `defaultAdminKey` (backend)
 - Production mode by default (no search preview dashboard)
+
 ## Elasticsearch (Advanced / HA)
+
 - Cluster support with multiple nodes
 - Port: 9200 (HTTP only)
 - Auth: `elastic` user with auto-generated password
 - Plugins via `PLUGINS` env var (comma-separated)
 - JVM heap: `HEAP_PERCENT` env var (default 50%)
 - Min RAM: 0.25 GB
+
 ## Typesense (Fast Autocomplete)
+
 - HA: 3-node Raft consensus
 - API key via `apiKey` env var (immutable after generation)
 - CORS enabled by default
 - Recovery time: up to 1 minute during failover (503/500 auto-resolves)
 - Data persisted at `/var/lib/typesense`
+
 ## Qdrant (Vector Search)
+
 - Ports: 6333 (HTTP), 6334 (gRPC)
 - API keys: `apiKey` (full access), `readOnlyApiKey` (search only)
 - HA: 3 nodes with `automaticClusterReplication=true` by default
 - **Internal access only** — no public access available
+
 ## Gotchas
 1. **Meilisearch has no HA**: Single-node only — for HA full-text search, use Elasticsearch or Typesense
 2. **Qdrant is internal-only**: Cannot be exposed publicly — access via your runtime service
 3. **Typesense API key is immutable**: Cannot change `apiKey` after service creation
 4. **Elasticsearch plugins require restart**: Changing `PLUGINS` env var needs service restart
 
+
 ----------------------------------------
 
 # Guides > Ci Cd
 
+
 Zerops supports GitHub/GitLab webhook triggers (new tag or push to branch) and GitHub Actions / GitLab CI via `zcli push` with an access token.
+
 ## GitHub Integration (Webhook)
+
 ### Setup (GUI)
 1. Service detail → Build, Deploy, Run Pipeline Settings
 2. Connect with GitHub repository
 3. Select repo + authorize (requires **full access** for webhooks)
 4. Choose trigger: **New tag** (optional regex filter) or **Push to branch**
+
 ### GitHub Actions
 ```yaml
 name: Deploy
@@ -10434,25 +15147,33 @@ jobs:
       - uses: zeropsio/actions@main
         with:
           access-token: ${{ secrets.ZEROPS_TOKEN }}
-          service-id: 
+          service-id: <service-id>
 ```
+
 - `access-token`: From Settings → Access Token Management
 - `service-id`: From service URL or three-dot menu → Copy Service ID
+
 ## GitLab Integration (Webhook)
+
 ### Setup (GUI)
 1. Service detail → Build, Deploy, Run Pipeline Settings
 2. Connect with GitLab repository
 3. Authorize (requires **full access** for webhooks)
 4. Choose trigger: **New tag** (optional regex) or **Push to branch**
+
 ## Skip Pipeline
 Include `ci skip` or `skip ci` in commit message (case-insensitive).
+
 ## Disconnect
 Service detail → Build, Deploy, Run → Stop automatic build trigger.
+
 ## Gotchas
 1. **Full repo access required**: Webhook integration needs full access to create/manage webhooks
 2. **`ci skip` in commit message**: Prevents pipeline trigger — useful for docs-only changes
 3. **Service ID not obvious**: Find it in service URL or three-dot menu → Copy Service ID
+
 ## GitLab CI
+
 ```yaml
 deploy:
   stage: deploy
@@ -10465,11 +15186,14 @@ deploy:
   only:
     - main
 ```
+
 ## Generic CI (Any System)
+
 Any CI system with shell access can deploy via `zcli push`:
 1. Install zcli: `curl -L https://zerops.io/zcli/install.sh | sh`
-2. Authenticate: `zcli login `
-3. Deploy: `zcli push --project-id  --service-id `
+2. Authenticate: `zcli login <access-token>`
+3. Deploy: `zcli push --project-id <id> --service-id <id>`
+
 ### zcli push key flags
 | Flag | Description |
 |------|-------------|
@@ -10482,16 +15206,21 @@ Any CI system with shell access can deploy via `zcli push`:
 | `--deploy-git-folder` | Include `.git/` directory in deploy |
 | `--deploy-git-folder` | Include `.git/` directory in deploy |
 
+
 ----------------------------------------
 
 # Guides > Cloudflare
 
+
 Always use **Full (strict)** SSL mode in Cloudflare — "Flexible" causes redirect loops. Shared IPv4 with Cloudflare proxy is not recommended.
+
 ## DNS Configuration
+
 ### CNAME (non-apex or with CNAME flattening)
 ```
-CNAME  
+CNAME <domain> <project-cname-target>
 ```
+
 ### With Cloudflare Proxy (orange cloud)
 | IP Type | Record | Proxy |
 |---------|--------|-------|
@@ -10499,6 +15228,7 @@ CNAME
 | Dedicated IPv4 | `A <domain> <ipv4>` | Proxied |
 | Shared IPv4 | **Not recommended** | Reverse AAAA lookup issues |
 | Shared IPv4 | **Not recommended** | Reverse AAAA lookup issues |
+
 ### DNS-Only (gray cloud)
 | IP Type | Records Required |
 |---------|-----------------|
@@ -10506,19 +15236,24 @@ CNAME
 | Dedicated IPv4 | `A` (AAAA optional) |
 | IPv6 only | `AAAA` |
 | IPv6 only | `AAAA` |
+
 ## Wildcard Domains
 ```
-Method A: A *. + AAAA *.
-Method B: CNAME *. 
-ACME:     CNAME _acme-challenge. .zerops.zone
+Method A: A *.<domain> + AAAA *.<domain>
+Method B: CNAME *.<domain> <domain>
+ACME:     CNAME _acme-challenge.<domain> <domain>.zerops.zone
 ```
+
 ## SSL/TLS Settings (Cloudflare Dashboard)
 - **Encryption mode: Full (strict)** — mandatory
 - **Never use "Flexible"** — causes infinite redirect loops
 - Enable "Always Use HTTPS"
 - WAF exception: Skip rule for `/.well-known/acme-challenge/` (ACME validation)
+
 ## Preparing a Service for Cloudflare
+
 Any runtime service (nodejs, go, python, etc.) can be put behind Cloudflare. Steps:
+
 1. **Create the service** with `enableSubdomainAccess: true` in import YAML:
    ```yaml
    services:
@@ -10530,8 +15265,11 @@ Any runtime service (nodejs, go, python, etc.) can be put behind Cloudflare. Ste
 2. **Deploy code** to the service (via `zcli push` or `buildFromGit`)
 3. **Configure Cloudflare DNS** to point to your Zerops project IP
 4. **Set SSL mode to "Full (strict)"** in Cloudflare dashboard
+
 **Important**: The `zerops_subdomain enable` tool only works on deployed (ACTIVE) services. For new services, use `enableSubdomainAccess: true` in import YAML.
+
 Internal service-to-service communication must always use `http://` — never `https://`. SSL terminates at the Zerops L7 balancer.
+
 ## Gotchas
 1. **Flexible SSL = redirect loop**: Zerops forces HTTPS, Cloudflare Flexible sends HTTP → infinite redirect
 2. **Shared IPv4 + proxy is broken**: Reverse AAAA lookup doesn't work with Cloudflare proxy on shared IPv4
@@ -10539,16 +15277,24 @@ Internal service-to-service communication must always use `http://` — never `h
 4. **Wildcard SSL on Cloudflare Free**: Free plan doesn't proxy wildcard subdomains — use DNS-only or upgrade
 5. **Subdomain on undeployed service**: `zerops_subdomain enable` returns "Service stack is not http or https" on READY_TO_DEPLOY services — deploy code first or use `enableSubdomainAccess` in import YAML
 
+
 ----------------------------------------
 
 # Guides > Deployment Lifecycle
 
+
 Zerops build & deploy pipeline: temporary build container runs prepareCommands + buildCommands, uploads artifact via deployFiles, then deploys to runtime containers with optional readiness checks. Default is zero-downtime rolling deployment. Build has a 60-minute timeout. The pipeline emits events trackable via `zerops_events`.
+
 ---
+
 ## Build Phase
+
 ### Build Container Lifecycle
+
 The build container is **temporary** -- created on demand, destroyed after completion or failure.
+
 **Step-by-step execution order:**
+
 1. **Container creation** -- base environment from `build.base` + `build.os` (default Alpine)
 2. **Source code download** -- from GitHub, GitLab, or zcli push to `/var/www`
 3. **Cache restoration** -- cached files moved to `/build/source` (no-clobber, source wins)
@@ -10557,56 +15303,81 @@ The build container is **temporary** -- created on demand, destroyed after compl
 6. **Artifact upload** -- files matching `deployFiles` stored in internal Zerops storage
 7. **Cache preservation** -- files matching `cache:` moved to `/build/cache`
 8. **Container deletion** -- build container destroyed regardless of outcome
+
 ### Build Limits
+
 - **Resources**: CPU 1-5 cores, RAM 8 GB fixed, Disk 1-100 GB (auto-scales, not charged separately)
 - **Timeout**: **60 minutes** hard limit -- no retry, must trigger new pipeline
 - **Cancellation**: only available before build finishes -- once artifact uploaded, deploy cannot be cancelled
+
 ### Command Exit Codes
+
 - **Exit 0** -- success, next command runs
 - **Non-zero** -- build cancelled, check build log for errors
 - YAML list items = **separate shells**; use `|` block scalar for **single shell** (shared env/cwd)
+
 ---
+
 ## Runtime Prepare Phase (Optional)
+
 Runs **after build, before deploy** when `run.prepareCommands` is defined. Creates a **custom runtime image** with additional system packages.
+
 **Execution order:**
 1. Create prepare container from `run.os` + `run.base`
 2. Copy files from `build.addToRunPrepare` to `/home/zerops/`
 3. Execute `run.prepareCommands` in order
 4. Snapshot as custom runtime image
 5. Image cached for future deploys
+
 **Cache invalidation triggers:**
 - Change to `run.os`, `run.base`, or `run.prepareCommands`
 - Change to `build.addToRunPrepare` file contents
 - Manual invalidation via GUI
+
 **DO NOT** include application code in the runtime prepare image. Deploy files arrive separately.
+
 ---
+
 ## Deploy Phase
+
 ### First Deploy
+
 For each new container (count based on auto scaling settings):
+
 1. **Install runtime** -- base image or custom runtime image
 2. **Download artifact** -- from internal storage to `/var/www`
 3. **initCommands** -- optional per-container initialization (runs every start/restart)
 4. **start command** -- launch application
 5. **Readiness check** -- if configured, gates traffic routing
 6. **Container active** -- receives incoming requests
+
 Multiple containers deploy **in parallel**.
+
 ### Subsequent Deploys (Rolling Deployment)
+
 Default behavior (`temporaryShutdown: false`):
+
 1. New containers started (same count as existing)
 2. New containers go through steps 1-6 above
 3. **Both old and new versions run simultaneously** during transition
 4. Old containers removed from load balancer (stop receiving new requests)
 5. Old container processes terminated
 6. Old containers deleted
+
 ### temporaryShutdown Behavior
+
 | Setting | Behavior | Downtime |
 |---------|----------|----------|
 | `false` (default) | New containers start BEFORE old ones stop | **Zero downtime** |
 | `true` | Old containers stop BEFORE new ones start | **Temporary downtime** |
 | `true` | Old containers stop BEFORE new ones start | **Temporary downtime** |
+
 Use `temporaryShutdown: true` only when you cannot run two versions simultaneously (e.g., database migrations, singleton locks).
+
 ---
+
 ## Readiness Check vs Health Check
+
 | Aspect | Readiness Check | Health Check |
 |--------|----------------|--------------|
 | When | **During deploy only** | **Continuously after deploy** |
@@ -10614,59 +15385,85 @@ Use `temporaryShutdown: true` only when you cannot run two versions simultaneous
 | Location | `deploy.readinessCheck` | `run.healthCheck` |
 | Failure action | Container marked failed after timeout, replaced | Container restarted |
 | Failure action | Container marked failed after timeout, replaced | Container restarted |
+
 ### Readiness Check Mechanics
+
 1. Application starts via `start` command
 2. Readiness check runs (httpGet or exec)
 3. If **fails** -- wait `retryPeriod` seconds (default 5s), retry
 4. If **succeeds** -- container marked active, receives traffic
 5. If still failing after `failureTimeout` (default 300s / 5 min) -- container deleted, new one created
+
 **httpGet**: succeeds on HTTP `2xx`, follows `3xx` redirects, 5-second per-request timeout
 **exec.command**: succeeds on exit code 0, 5-second per-command timeout
+
 ---
+
 ## Event Timeline (zerops_events)
+
 Typical pipeline events in chronological order:
+
 1. **`stack.build` process RUNNING** -- build container created, pipeline started
 2. **`stack.build` process FINISHED** -- build complete, artifact uploaded
 3. **`appVersion` build event ACTIVE** -- deploy started, containers launching
 4. **Service status returns to RUNNING** -- all containers active, deploy complete
+
 **Terminal states:**
 - Build done: `stack.build` process status = `FINISHED`
 - Build failed: `stack.build` process status = `FAILED`
 - Deploy done: service containers all active, new appVersion is `ACTIVE`
+
 **DO NOT** keep polling after `stack.build` shows `FINISHED` -- that means the build itself is complete. The `ACTIVE` status on appVersion means deployed and running.
+
 ---
+
 ## Build Event Polling Checklist
+
 When monitoring a build/deploy via `zerops_events`:
+
 1. **Filter by service**: always use `serviceHostname` parameter to avoid stale events from other services or previous iterations
 2. **Check `stack.build` process**: look for status `FINISHED` (success) or `FAILED` (error). Once `FINISHED`, the build is done — stop polling build status
 3. **Check `appVersion` build event**: status `ACTIVE` means deployed and running. This confirms deploy completion
 4. **Do NOT confuse build events**: `stack.build` process `RUNNING` = build in progress. `appVersion` `ACTIVE` = already deployed. These are different events
 5. **Timeout guidance**: builds have a 60-minute hard limit. If no `FINISHED` after ~5 minutes for typical apps, check build logs via `zerops_logs`
 6. **Stale events**: project-level events may include old builds from previous deploys. Always verify the event timestamp and service match
+
 ## Application Versions
+
 Zerops keeps **10 most recent versions**. Older auto-deleted. Any archived version can be **restored** -- activates that version, archives current, restores env vars to their state when that version was last active.
+
 ## Gotchas
+
 1. **Build and run are SEPARATE containers** -- build output does not automatically appear in runtime. You must specify `deployFiles`
 2. **initCommands run on EVERY container start** -- including restarts and horizontal scaling, not just deploys
 3. **initCommands failures do NOT cancel deploy** -- app starts regardless of init exit code
 4. **prepareCommands in build vs run** -- `build.prepareCommands` customizes build env, `run.prepareCommands` creates custom runtime image. Different containers, different purposes
 5. **deployFiles land in `/var/www`** -- tilde syntax (`dist/~`) extracts contents directly to `/var/www/` (strips directory). Without tilde, `dist` → `/var/www/dist/` (preserved). **CRITICAL**: `run.start` path must match — `dist/~` + `start: bun dist/index.js` BREAKS because the file is at `/var/www/index.js`, not `/var/www/dist/index.js`
+
 ## SSHFS Mount and Deploy Interaction
+
 When using SSHFS (`zerops_mount`) for dev workflows, deploy replaces the container. This has important consequences:
+
 1. **After deploy, run container only has `deployFiles` content.** All other files (including zerops.yml if not in deployFiles) are gone. Use `deployFiles: [.]` for dev services to ensure zerops.yml and source files survive the deploy cycle.
 2. **SSHFS mount auto-reconnects after deploy.** No explicit remount is needed — the SSHFS reconnect mechanism handles the container replacement transparently. The mount only becomes truly stale during stop (container not running); after start it auto-reconnects again.
 3. **zerops.yml must be in deployFiles** for dev self-deploy lifecycle. Without it, subsequent deploys from the container fail because zerops.yml is missing.
+
 **Two kinds of "mount" (disambiguation):**
 - `zerops_mount` -- SSHFS tool, mounts service `/var/www` locally for development. This is a dev workflow tool.
 - Shared storage mount -- platform feature, attaches a shared-storage volume at `/mnt/{hostname}` via `mount:` in import.yml + zerops.yml `run.mount`. These are completely unrelated features.
 
+
 ----------------------------------------
 
 # Guides > Environment Variables
 
+
 Zerops manages environment variables at two scopes (project and service) with strict build/runtime isolation. Variables are set via zerops.yml, import.yml, or GUI. **Both project-level vars AND cross-service vars (`${hostname_varname}`) auto-inject as OS env vars into every container in the project** — no declaration required. `run.envVariables` exists only for mode flags and framework-convention renames. Re-declaring an auto-injected var under its own name creates a literal-string self-shadow. Secret vars are write-only after creation. Changes require service restart.
+
 ---
+
 ## Scope Hierarchy
+
 | Scope | Defined In | Visibility | Editable Without Redeploy |
 |-------|-----------|------------|--------------------------|
 | **Project** | import.yml `project.envVariables`, GUI | All services (auto-inherited) | Yes (restart required) |
@@ -10674,19 +15471,27 @@ Zerops manages environment variables at two scopes (project and service) with st
 | **Service basic (build)** | zerops.yml `build.envVariables` | Build container only | No (redeploy required) |
 | **Service basic (runtime)** | zerops.yml `run.envVariables` | Runtime container only | No (redeploy required) |
 | **Service basic (runtime)** | zerops.yml `run.envVariables` | Runtime container only | No (redeploy required) |
+
 ## Variable Precedence
+
 When the same key exists at multiple levels:
+
 1. **Service basic (build/runtime)** wins over service secret
 2. **Service-level** wins over project-level
 3. Build and runtime are **separate environments** -- same key can have different values in each
+
 **DO NOT** create a secret and a basic runtime variable with the same key expecting both to persist. The basic runtime variable from zerops.yml silently overrides the secret.
+
 ## Build/Runtime Isolation
+
 Build and runtime run in **separate containers**. Variables from one phase are not visible in the other unless explicitly referenced with prefixes:
+
 | Want to access | From | Use prefix |
 |---------------|------|-----------|
 | Runtime var `API_KEY` | Build container | `${RUNTIME_API_KEY}` |
 | Build var `BUILD_ID` | Runtime container | `${BUILD_BUILD_ID}` |
 | Build var `BUILD_ID` | Runtime container | `${BUILD_BUILD_ID}` |
+
 ```yaml
 zerops:
   - setup: app
@@ -10697,20 +15502,27 @@ zerops:
       envVariables:
         API_KEY: "12345-abcde"
 ```
+
 ## Cross-Service References — Auto-Injected Project-Wide
+
 **Every service's variables are automatically injected as OS environment variables into every other service's containers** — both runtime and build. A worker container sees `db_hostname`, `db_password`, `queue_user`, `storage_apiUrl`, etc. as real OS env vars at container start. Zero declaration in zerops.yml required.
+
 Read them directly in application code:
+
 ```javascript
 // Node — lowercase native names match the platform
 const host = process.env.db_hostname;
 const pwd  = process.env.db_password;
 const natsUser = process.env.queue_user;
 ```
+
 ```php
 // PHP
 $host = getenv('db_hostname');
 ```
+
 `run.envVariables` and `build.envVariables` have **two legitimate uses only**:
+
 1. **Mode flags** — per-setup values that don't come from another service:
    ```yaml
    run:
@@ -10718,6 +15530,7 @@ $host = getenv('db_hostname');
        NODE_ENV: production
        APP_ENV: local
    ```
+
 2. **Framework-convention renames** — forward a platform var under a different name because the framework config expects it. The key on the left MUST DIFFER from the source var name on the right:
    ```yaml
    run:
@@ -10725,39 +15538,55 @@ $host = getenv('db_hostname');
        DB_HOST: ${db_hostname}          # TypeORM expects uppercase DB_HOST
        DATABASE_URL: ${db_connectionString}
    ```
+
 **Do NOT re-declare auto-injected vars under their own name.** It is always wrong and never useful:
+
 ```yaml
 run:
   envVariables:
     db_hostname: ${db_hostname}        # SELF-SHADOW — see next section
     db_password: ${db_password}        # SELF-SHADOW
     queue_hostname: ${queue_hostname}  # SELF-SHADOW
-    STAGE_API_URL: ${STAGE_API_URL}    # SELF-SHADOW (project-level variant)
+    API_URL: ${API_URL}                # SELF-SHADOW (project-level variant)
 ```
+
 The referenced variable does **not** need to exist at definition time — Zerops resolves at container start.
+
 ### Self-Shadow Trap
+
 Writing `varname: ${varname}` in `run.envVariables` creates a literal-string self-shadow. The platform's interpolator sees the service-level variable of that name first, can't recurse back to the auto-injected value, and the resolved OS env var becomes the literal string `${varname}`:
+
 ```yaml
 run:
   envVariables:
     db_hostname: ${db_hostname}        # OS env: db_hostname='${db_hostname}' (literal)
     db_password: ${db_password}        # OS env: db_password='${db_password}' (literal)
 ```
+
 At runtime, the worker tries to connect to `"${db_hostname}:5432"` and crashes. The fix is to **delete the entire block** — those vars are already in the container's env without any declaration.
-This applies identically to project-level vars (`${STAGE_API_URL}`, `${APP_SECRET}`) and cross-service vars (`${db_hostname}`, `${queue_user}`) — both auto-propagate, both self-shadow under the same rule.
+
+This applies identically to project-level vars (`${API_URL}`, `${APP_SECRET}`) and cross-service vars (`${db_hostname}`, `${queue_user}`) — both auto-propagate, both self-shadow under the same rule.
+
 **Hostname transformation**: dashes become underscores. Service `my-db` variable `port` is `${my_db_port}`.
+
 ### Cross-Service References in API vs Runtime
+
 Cross-service references (`${hostname_varname}`) are **resolved at container start time**, not at definition time. This means:
+
 - **`zerops_discover` with `includeEnvs=true`** returns the **literal template** (e.g., `${db_password}`), NOT the resolved value. This is expected — the API stores templates, not resolved values.
 - **Inside the running container**, environment variables contain the actual resolved values.
 - **Restarting a service does NOT change** what `zerops_discover` returns — it always shows templates. To verify resolved values, check from inside the container (e.g., via SSH or application endpoint).
+
 ### Isolation Modes (envIsolation)
+
 `envIsolation` does NOT control whether cross-service vars auto-inject — they do, in every mode. It controls something narrower: how `${hostname_varname}` templates inside zerops.yml and import.yml *resolve* during platform interpolation.
+
 | Mode | Behavior |
 |------|----------|
 | `service` (default) | Service-scoped: `${hostname_varname}` templates inside that service's YAML resolve by following the hostname prefix. The OS env in every container still contains every other service's vars as auto-injected keys. |
 | `none` (legacy) | Cross-service references can be written without the `${hostname_varname}` prefix (e.g. `${password}` resolves to the nearest match). Do not use for new projects — ambiguous, error-prone. |
 | `none` (legacy) | Cross-service references can be written without the `${hostname_varname}` prefix (e.g. `${password}` resolves to the nearest match). Do not use for new projects — ambiguous, error-prone. |
+
 Set in import.yml at project or service level:
 ```yaml
 project:
@@ -10766,58 +15595,76 @@ services:
   - hostname: db
     envIsolation: none     # legacy — avoid
 ```
+
 **Default (`service`) is the right choice.** The auto-inject behavior above applies under the default.
+
 ## Project Variables -- Auto-Inherited
+
 Project variables are **automatically available in every service, in both runtime AND build containers**. The platform injects them as OS env vars at container start in every service's runtime container and also in every service's build container during the build phase. From zerops.yaml's point of view they are referenced **directly by name** with `${VAR_NAME}` — **no `RUNTIME_` prefix in either scope**. The `RUNTIME_` prefix is reserved for a different use case: lifting a single service's service-level runtime variable into that same service's build context. Project-scope vars are broader than service-scope and do not need lifting.
+
 **In shell commands** (buildCommands, initCommands, start) project vars are directly readable:
 ```yaml
 build:
   buildCommands:
-    - echo "building for $STAGE_API_URL"          # shell reads the OS env var
-    - VITE_API_URL=$STAGE_API_URL npm run build    # or pass it forward by shell prefix
+    - echo "building for $API_URL"                # shell reads the OS env var
+    - VITE_API_URL=$API_URL npm run build         # or pass it forward by shell prefix
 ```
+
 **In `build.envVariables` YAML** (to compose a derived var that the bundler consumes) reference the project var directly without prefix:
 ```yaml
 build:
   envVariables:
-    VITE_API_URL: ${STAGE_API_URL}   # project var STAGE_API_URL read as-is, NO RUNTIME_ prefix
+    VITE_API_URL: ${API_URL}         # project var API_URL read as-is, NO RUNTIME_ prefix
 ```
+
 **In `run.envVariables` YAML** (to forward a project var under a framework-conventional name without creating a shadow), reference directly without prefix:
 ```yaml
 run:
   envVariables:
-    FRONTEND_URL: ${STAGE_FRONTEND_URL}      # project var STAGE_FRONTEND_URL forwarded as FRONTEND_URL
+    CORS_ALLOWED_ORIGIN: ${FRONTEND_URL}     # project var FRONTEND_URL forwarded under a different name
 ```
+
 **DO NOT** re-reference an auto-injected variable under its SAME name — that's a self-shadow loop. Applies to BOTH project-level vars AND cross-service vars:
+
 ```yaml
 envVariables:
   PROJECT_NAME: ${PROJECT_NAME}           # project-level self-shadow
-  STAGE_API_URL: ${STAGE_API_URL}         # project-level self-shadow
+  API_URL: ${API_URL}                     # project-level self-shadow
   db_hostname: ${db_hostname}             # cross-service self-shadow
   queue_user: ${queue_user}               # cross-service self-shadow
 ```
+
 All four resolve to the literal string `${VAR_NAME}` inside the container — the framework tries to connect to `"${db_hostname}:5432"` and crashes. The fix is to delete those lines entirely — the platform already injects the real value as an OS env var.
+
 To **override** a project variable for one service, define a service-level variable with the same key and a DIFFERENT VALUE (not a reference to the project var):
 ```yaml
 run:
   envVariables:
     LOG_LEVEL: debug    # overrides project-level LOG_LEVEL for this service
 ```
+
 ### Typical pattern: project-level URL constants for dual-runtime recipes
+
 Dual-runtime recipes (frontend SPA + backend API on the same platform) use project-level URL constants as the single source of truth for cross-service URLs. The constants are derived from `${zeropsSubdomainHost}` (a platform-generated project-scope env var present from project creation) and the services' known hostnames:
+
 ```yaml
 project:
   envVariables:
-    STAGE_API_URL: https://apistage-${zeropsSubdomainHost}-3000.prg1.zerops.app
-    STAGE_FRONTEND_URL: https://appstage-${zeropsSubdomainHost}.prg1.zerops.app
+    API_URL: https://apistage-${zeropsSubdomainHost}-3000.prg1.zerops.app
+    FRONTEND_URL: https://appstage-${zeropsSubdomainHost}.prg1.zerops.app
 ```
-The platform resolves `${zeropsSubdomainHost}` when injecting the value into services at container start. The frontend consumes `STAGE_API_URL` via plain `${STAGE_API_URL}` in `build.envVariables` (baking it into the bundle at compile time) — **no `RUNTIME_` prefix**. The API consumes `STAGE_FRONTEND_URL` via plain `${STAGE_FRONTEND_URL}` in `run.envVariables` (for CORS allow-list). The same names must be set on the workspace project via `zerops_env project=true action=set` after provision, so workspace verification doesn't see literal `${STAGE_FRONTEND_URL}` strings.
+
+The platform resolves `${zeropsSubdomainHost}` when injecting the value into services at container start. The frontend consumes `API_URL` via plain `${API_URL}` in `build.envVariables` (baking it into the bundle at compile time) — **no `RUNTIME_` prefix**. The API consumes `FRONTEND_URL` via plain `${FRONTEND_URL}` in `run.envVariables` (for CORS allow-list). The same names must be set on the workspace project via `zerops_env project=true action=set` after provision, so workspace verification doesn't see literal `${FRONTEND_URL}` strings.
+
 ## Secret Variables
+
 - Defined via GUI, import.yml `envSecrets`, or `dotEnvSecrets`
 - **Write-only after creation** -- values masked in GUI, cannot be read back via API
 - Can be updated without redeploy, but service **must be restarted**
 - Overridden by basic (zerops.yml) variables with the same key
+
 ### dotEnvSecrets
+
 Import secrets in `.env` format within import.yml:
 ```yaml
 services:
@@ -10827,8 +15674,11 @@ services:
       DB_PASSWORD=secure123
 ```
 All entries become secret variables. Requires `#zeropsPreprocessor=on` if using generator functions.
+
 ## envReplace -- File-Level Substitution
+
 Replaces placeholders in deployed files with environment variable values **during deployment** (not at runtime).
+
 ```yaml
 run:
   envReplace:
@@ -10837,34 +15687,50 @@ run:
       - ./config/
       - ./templates/settings.json
 ```
+
 | Parameter | Required | Description |
 |-----------|----------|-------------|
 | `delimiter` | Yes | Wrapping characters (e.g., `%%` makes `%%VAR%%`). String or array |
 | `target` | Yes | Files or directories to process. String or array |
 | `target` | Yes | Files or directories to process. String or array |
+
 **DO NOT** expect directory targets to recurse into subdirectories. `./config/` processes only files directly in `config/`, not `config/jwt/`. Specify each subdirectory explicitly.
+
 ## Naming Restrictions
+
 **Key**: must match `[a-zA-Z_]+[a-zA-Z0-9_]*`. Case-sensitive. Must be unique within scope regardless of case.
+
 **Value**: ASCII only. No EOL characters.
+
 ## Restart Requirement
+
 Env var changes (secret or project) take effect only on container start. The running process does **not** receive updated values.
+
 **DO NOT** expect hot-reload of env vars. After changing secrets or project vars in GUI, **restart the service**. For zerops.yml `envVariables` changes, a **full redeploy** is required.
+
 ## System-Generated Variables
+
 Zerops auto-generates variables per service (e.g., `hostname`, `PATH`, DB connection strings). Cannot be deleted. Some read-only (`hostname`), others editable (`PATH`). Can be referenced by other services using `${hostname_varname}`.
+
 ## Common Mistakes
-- **DO NOT** re-reference auto-injected vars under their own name — self-shadow loop. Applies to BOTH project-level (`STAGE_API_URL: ${STAGE_API_URL}`) AND cross-service (`db_hostname: ${db_hostname}`, `queue_user: ${queue_user}`).
+
+- **DO NOT** re-reference auto-injected vars under their own name — self-shadow loop. Applies to BOTH project-level (`API_URL: ${API_URL}`) AND cross-service (`db_hostname: ${db_hostname}`, `queue_user: ${queue_user}`).
 - **DO NOT** declare cross-service vars you only want to READ — they are already in the container's OS env. Read via `process.env.db_hostname` / `getenv('db_hostname')` directly. Declare in `run.envVariables` only to RENAME (e.g. `DB_HOST: ${db_hostname}`) or to set mode flags.
 - **DO NOT** forget restart after GUI/API env changes — process won't see new values
 - **DO NOT** expect `envReplace` to recurse subdirectories — it does not
 - **DO NOT** rely on reading secret values back — they are write-only after creation
 - **DO NOT** create both secret and basic vars with same key — basic silently wins
 
+
 ----------------------------------------
 
 # Guides > Firewall
 
+
 Zerops uses nftables with restricted TCP ports 1-1024 (only 22, 53, 80, 123, 443, 587 allowed); UDP and ports 1025-65535 are unrestricted.
+
 ## TCP Ports 1-1024 (Restricted)
+
 | Port | Protocol | Status |
 |------|----------|--------|
 | 22 | SSH | Allowed |
@@ -10877,161 +15743,73 @@ Zerops uses nftables with restricted TCP ports 1-1024 (only 22, 53, 80, 123, 443
 | 587 | SMTP/STARTTLS | Allowed |
 | All others | — | **Blocked** |
 | All others | — | **Blocked** |
+
 ## UDP Ports
 No restrictions on any UDP port.
+
 ## TCP Ports 1025-65535
 No restrictions.
+
 ## Direct Port Access Firewall
 For services with direct port access enabled:
 - Configure **blacklist** or **whitelist** rules per port
 - Available on ports 10-65435
 - Protocols: TCP, UDP
+
 ## Port Modification
 Contact `support@zerops.io` with Project ID + Organization ID to request changes to restricted ports.
+
 ## Gotchas
 1. **Port 25 is permanently blocked**: Use port 587 with STARTTLS for email sending
 2. **Port 465 is blocked**: Legacy SMTPS — use 587 instead
 3. **Cannot self-service unblock**: Must contact Zerops support for port exceptions
 
+
 ----------------------------------------
 
-# Guides > Local Development
+# Guides > Logging
+
 
-Develop locally with hot reload while connecting to Zerops managed services (DB, cache, storage) via VPN. ZCP generates `.env` with real credentials. Deploy to Zerops with `zerops_deploy` which uses `zcli push` under the hood.
----
-## Setup
-### Prerequisites
-- **zcli** installed: `npm i -g @zerops/zcli` or [docs.zerops.io/references/cli](https://docs.zerops.io/references/cli)
-- **VPN**: WireGuard (installed by zcli automatically on first `zcli vpn up`)
-- **Project-scoped token**: Create in Zerops GUI → Settings → Access Tokens → Custom access per project
-### Configuration
-```json
-// .mcp.json (in project root)
-{
-  "mcpServers": {
-    "zcp": {
-      "command": "zcp",
-      "env": { "ZCP_API_KEY": "" }
-    }
-  }
-}
-```
----
-## Workflow
-### 1. Connect to Zerops services
+Zerops captures stdout/stderr as logs; use syslog output format for severity filtering. Supports forwarding to Better Stack, Papertrail, or self-hosted ELK via syslog.
+
+## Log Types
+1. **Build logs** — output from build pipeline
+2. **Prepare runtime logs** — output from custom runtime image creation
+3. **Runtime/Database logs** — operational output (stdout/stderr)
+
+## Access Methods
+
+### GUI
+- Project detail → service → Logs section
+- Filter by severity, time range, container
+
+### CLI
 ```bash
-zcli vpn up 
-```
-- All services accessible by hostname (e.g., `db`, `cache`)
-- One project at a time — switching disconnects the current
-- **Env vars NOT available via VPN** — use `.env` file instead
-### 2. Load credentials
-ZCP generates `.env` from `zerops_discover`:
+zcli service log <service-name>                  # Runtime logs
+zcli service log <service-name> --showBuildLogs  # Build logs
 ```
-db_host=db
-db_port=5432
-db_password=
-db_connectionString=postgresql://db:@db:5432/db
-```
-How to load:
-| Runtime | Method |
-|---------|--------|
-| Node.js 20+ | `node --env-file .env app.js` |
-| Next.js, Vite, Nuxt | Automatic (reads `.env`) |
-| PHP/Laravel | Automatic (reads `.env`) |
-| Python | `python-dotenv` or `django-environ` |
-| Go | `godotenv.Load()` or `source .env && go run .` |
-| Java/Spring | `spring-dotenv` or `application.properties` |
-| Java/Spring | `spring-dotenv` or `application.properties` |
-### 3. Develop locally
-Start your dev server as usual — hot reload works against Zerops managed services over VPN.
-### 4. Deploy to Zerops
-```
-zerops_deploy targetService="appstage"
-```
-Uses `zcli push` under the hood. Blocks until build completes.
----
-## zerops.yml for Local Mode
-The same `zerops.yml` works for both local push and container deploy:
-```yaml
-zerops:
-  - setup: appstage
-    build:
-      base: nodejs@22
-      buildCommands:
-        - npm ci
-        - npm run build
-      deployFiles: ./dist
-    run:
-      start: node dist/server.js
-      ports:
-        - port: 3000
-          httpSupport: true
-      envVariables:
-        DB_URL: ${db_connectionString}
-```
-`${hostname_varName}` references are resolved by Zerops at container runtime — they work regardless of push source (local or container).
----
-## Connection Troubleshooting
-| Symptom | Diagnosis | Fix |
-|---------|-----------|-----|
-| `nc -zv db 5432` times out | VPN not connected | `zcli vpn up <project-id>` |
-| VPN connected, still timeout | Wrong project | `zcli vpn up <correct-project-id>` |
-| Connected but auth fails | Stale .env | Regenerate from `zerops_discover includeEnvs=true` |
-| Service unreachable | Service stopped | `zerops_manage action="start" serviceHostname="db"` |
-| Service unreachable | Service stopped | `zerops_manage action="start" serviceHostname="db"` |
-### Diagnostic sequence
-1. `zerops_discover service="db"` — is service RUNNING?
-2. `nc -zv db 5432 -w 3` — network reachable?
-3. Compare `.env` vs `zerops_discover includeEnvs=true` — credentials current?
----
-## Multi-Project
-Each project directory has its own `.mcp.json` + `.zcp/state/`. VPN is one per machine — switch manually:
-```bash
-zcli vpn up   # work on project A
-zcli vpn up   # auto-disconnects A, connects B
-```
----
-## Gotchas
-1. **VPN = network only**: Env vars must come from `.env` file, not VPN connection
-2. **`.env` contains secrets**: Add to `.gitignore` immediately — never commit
-3. **Deploy = new container**: Local files on Zerops are lost on every deploy. Only `deployFiles` content persists
-4. **One VPN project at a time**: Connecting to project B disconnects project A
-5. **Object storage (S3)**: Uses HTTPS apiUrl — may work without VPN but not fully verified. Include VPN as fallback
-6. **zcli must be installed**: `zerops_deploy` requires zcli in PATH. Error message includes install link if missing
-
-----------------------------------------
-
-# Guides > Logging
 
-Zerops captures stdout/stderr as logs; use syslog output format for severity filtering. Supports forwarding to Better Stack, Papertrail, or self-hosted ELK via syslog.
-## Log Types
-1. **Build logs** — output from build pipeline
-2. **Prepare runtime logs** — output from custom runtime image creation
-3. **Runtime/Database logs** — operational output (stdout/stderr)
-## Access Methods
-### GUI
-- Project detail → service → Logs section
-- Filter by severity, time range, container
-### CLI
-```bash
-zcli service log                   # Runtime logs
-zcli service log  --showBuildLogs  # Build logs
-```
 ## Severity Filtering
 Logs must output to **syslog format** for severity filtering to work. Plain stdout/stderr logs appear as "info" level.
+
 ## Log Forwarding
+
 ### Ready-Made Integrations
 - **Better Stack** — cloud log management
 - **Papertrail** — cloud log aggregation
 - **ELK Stack** — self-hosted (Elasticsearch + Logstash + Kibana)
+
 ### ELK Stack Setup (Self-Hosted on Zerops)
+
 Services needed:
 - `elkstorage` — Elasticsearch
 - `kibana` — UI
 - `logstash` — Log collection (UDP syslog)
+
 Multi-project forwarding: make Logstash public with firewall whitelist rules.
+
 ### Custom syslog-ng Configuration
+
 **Critical**: Use source name `s_src` (not `s_sys`):
 ```
 source s_src {
@@ -11039,9 +15817,11 @@ source s_src {
     internal();
 };
 ```
+
 Certificate paths:
 - System certs: `/etc/ssl/certs`
 - Custom certs: `ca-file("/etc/syslog-ng/user.crt")`
+
 ## Gotchas
 1. **Syslog format required**: Without syslog formatting, all logs appear as same severity — no filtering possible
 2. **Build logs separate**: Use `--showBuildLogs` flag in CLI — not shown by default
@@ -11049,14 +15829,18 @@ Certificate paths:
 4. **UDP for Logstash**: Zerops forwards logs via UDP syslog — ensure Logstash listens on UDP
 5. **Custom certs path**: Place custom CA certs in `/etc/syslog-ng/user.crt`
 
+
 ----------------------------------------
 
 # Guides > Metrics
 
+
 Zerops supports ELK (APM + logs) and Prometheus/Grafana stacks; expose `/metrics` endpoint and set `ZEROPS_PROMETHEUS_PORT` for auto-scraping.
+
 ## Deployment Modes
 - **Local**: Monitoring services in the same project as your app
 - **Global**: Dedicated observability project (recommended for multi-project)
+
 ## ELK Stack Services
 | Service | Purpose |
 |---------|---------|
@@ -11065,14 +15849,16 @@ Zerops supports ELK (APM + logs) and Prometheus/Grafana stacks; expose `/metrics
 | `apmserver` | APM traces (made public via Zerops subdomain) |
 | `logstash` | Log collection |
 | `logstash` | Log collection |
+
 ### APM Configuration
 ```yaml
 envVariables:
   ELASTIC_APM_ACTIVE: "true"
   ELASTIC_APM_SERVICE_NAME: my-app
   ELASTIC_APM_SERVER_URL: https://apmserver.zerops.app
-  ELASTIC_APM_SECRET_TOKEN: 
+  ELASTIC_APM_SECRET_TOKEN: <your-secret>
 ```
+
 ## Prometheus + Grafana Stack Services
 | Service | Purpose |
 |---------|---------|
@@ -11082,27 +15868,35 @@ envVariables:
 | `prometheusbackups` | S3 for Prometheus data |
 | `prometheuslight` | Forwarder (in source project for cross-project) |
 | `prometheuslight` | Forwarder (in source project for cross-project) |
+
 ### Custom Metrics
 1. Expose HTTP `/metrics` endpoint in your app
 2. Set env var: `ZEROPS_PROMETHEUS_PORT=8080` (comma-separated for multiple ports)
 3. Prometheus auto-discovers and scrapes
+
 ## Built-in Metrics
 - Service scaling & resource usage
 - PostgreSQL (with `pg_stat_statements` extension)
 - MariaDB
 - Valkey
+
 ## Gotchas
 1. **`ZEROPS_PROMETHEUS_PORT` is required**: Without it, Prometheus won't discover your custom metrics endpoint
 2. **APM server must be public**: Use Zerops subdomain to expose apmserver for trace collection
 3. **Cross-project needs forwarder**: Use `prometheuslight` service in source project to forward to global Prometheus
 
+
 ----------------------------------------
 
 # Guides > Networking
 
+
 Zerops networking has two layers: a private VXLAN network per project (service-to-service via hostname, plain HTTP) and an L7 balancer for public traffic (SSL termination, round-robin, health checks). Apps must bind `0.0.0.0` — binding localhost causes 502. The L7 balancer is nginx-based with configurable timeouts, buffers, rate limiting, and access policies.
+
 ---
+
 ## Architecture Overview
+
 ```
 Internet
   │
@@ -11110,33 +15904,49 @@ Internet
   │
   └─ Direct port ──→ L3/Core Balancer ──→ container VXLAN IP:port
 ```
+
 **Per-project infrastructure:**
 - **Private VXLAN network** — isolated overlay network shared by all services
 - **L7 HTTP Balancer** — 2 HA containers, auto-scales, domain routing + SSL
 - **L3 Core Balancer** — IP addresses and direct port access (TCP/UDP)
+
 ---
+
 ## Internal Networking (VXLAN)
+
 Services in the same project communicate by **hostname and internal port**:
+
 ```
 http://api:3000/health
 http://postgres:5432
 ```
+
 **Rules:**
 - Always **`http://`** — never `https://` for internal traffic
 - Isolated per project — no cross-project private networking
 - Service discovery is automatic — no manual network config
 - VPN uses same hostnames: `http://api:3000` from local machine (both `api` and `api.zerops` resolve — VPN sets up DNS search domain)
+
 **Cross-service env vars**: prefix with hostname — e.g., `app_API_TOKEN`. Zerops auto-generates connection vars for managed services.
+
 **DO NOT** use `https://` for service-to-service calls — SSL terminates at the L7 balancer, internal network is already isolated.
+
 ---
+
 ## L7 Balancer (HTTP/HTTPS)
+
 The L7 balancer is **nginx-based**, deployed as 2 HA containers per project. It handles SSL/TLS termination (Let's Encrypt, auto-renewed), domain routing, round-robin load balancing with health checks, and connection pooling.
+
 ### Proxy Headers
+
 The balancer forwards client info via standard headers:
 - **`X-Forwarded-For`** / **`X-Real-IP`** — original client IP
 - **`X-Forwarded-Proto`** — `https` (original protocol)
+
 Your app receives plain HTTP but can inspect these headers for the real client info.
+
 ### Key Default Settings
+
 | Parameter | Default | Range | Notes |
 |-----------|---------|-------|-------|
 | `worker_connections` | 4000 | 1024-65535 | Simultaneous connections per worker |
@@ -11148,8 +15958,11 @@ Your app receives plain HTTP but can inspect these headers for the real client i
 | `send_timeout` | 2s | 1s-300s | Response transmission timeout |
 | `proxy_buffering` | on | on/off | Buffer backend responses |
 | `proxy_buffering` | on | on/off | Buffer backend responses |
+
 **Zerops subdomain** balancer: fixed **50 MB** upload limit (not configurable).
+
 ### Advanced Routing Features (GUI)
+
 | Feature | Description |
 |---------|-------------|
 | **Redirects** | 301/302/307/308 with `preservePath` and `preserveQuery` options |
@@ -11158,9 +15971,13 @@ Your app receives plain HTTP but can inspect these headers for the real client i
 | **Basic Auth** | HTTP Basic Authentication per location |
 | **Custom Content** | Return static content with custom status code and MIME type |
 | **Custom Content** | Return static content with custom status code and MIME type |
+
 ---
+
 ## 502 Bad Gateway Diagnostic Checklist
+
 Work through these steps **in order**:
+
 1. **Binding address** — App bound to `0.0.0.0`? Binding `127.0.0.1`/`localhost` is the #1 cause
 2. **Port match** — App listening on the port declared in `zerops.yml` `ports[]`?
 3. **App running** — Check runtime logs (`zerops_logs`) for crash/startup errors
@@ -11168,15 +15985,22 @@ Work through these steps **in order**:
 5. **Readiness check** — If configured, traffic only routes after it passes
 6. **Service status** — Is the service ACTIVE? (check `zerops_discover`)
 7. **Timeout settings** — For slow responses, increase `send_timeout` (default 2s)
+
 **Common framework fixes:**
 ```bash
 app.listen(3000, '0.0.0.0')
+
 flask run --host=0.0.0.0
+
 http.ListenAndServe(":8080", handler)  // implicit 0.0.0.0
+
 server.address=0.0.0.0
 ```
+
 ---
+
 ## Shared vs Dedicated IPv4
+
 | Feature | Shared IPv4 | Dedicated IPv4 |
 |---------|-------------|----------------|
 | Cost | Free | $3 / 30 days |
@@ -11187,15 +16011,21 @@ server.address=0.0.0.0
 | SNI routing | AAAA record used for verification | Not needed |
 | Production use | No | Yes |
 | Production use | No | Yes |
+
 **Shared IPv4 SNI mechanism**: Zerops reverse-looks-up the domain's AAAA record to verify project ownership. Without it, routing fails silently.
+
 ---
+
 ## Cloudflare Integration Summary
+
 - **SSL mode**: Always **Full (strict)** — "Flexible" causes redirect loops
 - **Shared IPv4 + proxy**: **DO NOT** — reverse AAAA lookup breaks with Cloudflare proxy
 - **Best setup**: IPv6-only AAAA record, Cloudflare proxied (handles IPv4 translation)
 - **ACME challenge**: WAF skip rule for `/.well-known/acme-challenge/`
-- **Wildcard SSL**: `_acme-challenge.` CNAME to `.zerops.zone`
+- **Wildcard SSL**: `_acme-challenge.<domain>` CNAME to `<domain>.zerops.zone`
+
 ---
+
 ## Gotchas
 1. **Binding localhost = 502**: The L7 balancer connects via VXLAN IP, not localhost — always bind `0.0.0.0`
 2. **Internal HTTPS breaks things**: Service-to-service must use `http://` — the VXLAN network is already isolated
@@ -11204,13 +16034,18 @@ server.address=0.0.0.0
 5. **Cross-project networking impossible**: Each project is an isolated VXLAN — use public access to bridge projects
 6. **Shared IPv4 needs AAAA**: Missing AAAA record = silent routing failure on shared IPv4
 
+
 ----------------------------------------
 
 # Guides > Object Storage Integration
 
+
 Zerops Object Storage is S3-compatible (MinIO). Always set `AWS_USE_PATH_STYLE_ENDPOINT: true`. Use env var references `${storage_*}` for credentials. Container filesystem is lost on deploy — use Object Storage for any files that must persist across deployments.
+
 ## Environment Variables
+
 When you create an Object Storage service, Zerops auto-generates these env vars (prefix with hostname for cross-service access, e.g. `${storage_apiUrl}`):
+
 | Variable | Description |
 |----------|-------------|
 | `apiUrl` | S3 endpoint URL — full `https://...` URL ready for any S3 SDK's `endpoint` option |
@@ -11223,7 +16058,9 @@ When you create an Object Storage service, Zerops auto-generates these env vars
 | `serviceId` | Service ID (Zerops-generated) |
 | `hostname` | Service hostname |
 | `hostname` | Service hostname |
+
 **Use `${storage_apiUrl}` as the S3 endpoint** — it carries the complete `https://` scheme and is what every S3 SDK's `endpoint` option expects. The `apiHost` variant is host-only; if a client library requires host separately, combine `https://${storage_apiHost}` manually — **never `http://`**. The object-storage gateway rejects plaintext HTTP with a 301 redirect to the HTTPS equivalent, and most S3 SDKs don't follow the redirect automatically. The symptom of a misconfigured endpoint is `UnknownError` or connection-refused on the first bucket call.
+
 Reference them in zerops.yml `run.envVariables`:
 ```yaml
 S3_ENDPOINT: ${storage_apiUrl}
@@ -11233,14 +16070,21 @@ S3_BUCKET: ${storage_bucketName}
 S3_REGION: us-east-1
 AWS_USE_PATH_STYLE_ENDPOINT: "true"
 ```
+
 ## Path Style Endpoint (Required)
+
 Zerops uses MinIO which requires **path-style** URLs (not virtual-hosted):
+
 ```
 https://endpoint.com/bucket-name/object-key
+
 https://bucket-name.endpoint.com/object-key
 ```
+
 **Every S3 client must be configured for path-style access.**
+
 ## Framework Integration
+
 ### PHP (Laravel — Flysystem)
 ```php
 // config/filesystems.php
@@ -11255,8 +16099,10 @@ https://bucket-name.endpoint.com/object-key
 ],
 ```
 Package: `league/flysystem-aws-s3-v3`
+
 ### Node.js (AWS SDK v3)
 ```javascript
+
 const s3 = new S3Client({
   endpoint: process.env.S3_ENDPOINT,
   forcePathStyle: true,  // REQUIRED
@@ -11268,6 +16114,7 @@ const s3 = new S3Client({
 });
 ```
 Package: `@aws-sdk/client-s3`
+
 ### Python (boto3)
 ```python
 import boto3
@@ -11280,6 +16127,7 @@ s3 = boto3.client('s3',
 )
 ```
 Package: `boto3`
+
 ### Java (AWS SDK)
 ```java
 S3Client s3 = S3Client.builder()
@@ -11294,7 +16142,9 @@ S3Client s3 = S3Client.builder()
     .region(Region.US_EAST_1)
     .build();
 ```
+
 ## import.yaml Definition
+
 ```yaml
 services:
   - hostname: storage
@@ -11303,15 +16153,20 @@ services:
     objectStoragePolicy: public-read  # predefined policy
     priority: 10
 ```
+
 **Predefined policies** (`objectStoragePolicy`):
 - `private` — no anonymous access (documents, backups)
 - `public-read` — anonymous list + get (media, avatars, static assets)
 - `public-objects-read` — anonymous get only, no listing (direct links only)
 - `public-write` — anonymous put only
 - `public-read-write` — full anonymous access
+
 **Custom policy**: use `objectStorageRawPolicy` with IAM Policy JSON instead (template var `{{ .BucketName }}` available).
+
 Each service = one bucket (auto-named, immutable). Need multiple buckets? Create multiple services.
+
 ## When to Use Object Storage
+
 | Scenario | Use Object Storage? |
 |----------|-------------------|
 | User uploads (avatars, documents) | Yes — lost on deploy |
@@ -11321,6 +16176,7 @@ Each service = one bucket (auto-named, immutable). Need multiple buckets? Create
 | Logs | No — use Zerops logging |
 | Database dumps | Yes — for backup storage |
 | Database dumps | Yes — for backup storage |
+
 ## Gotchas
 1. **`forcePathStyle: true` / `AWS_USE_PATH_STYLE_ENDPOINT: true` is REQUIRED**: Zerops uses MinIO which doesn't support virtual-hosted style
 2. **Container filesystem is replaced on deploy**: Files on disk survive restarts but are lost when a new container is created (deploy, scale-up). Always use Object Storage for persistent data
@@ -11331,16 +16187,24 @@ Each service = one bucket (auto-named, immutable). Need multiple buckets? Create
 7. **No Zerops backup**: Object Storage is not covered by the Zerops backup system
 8. **No autoscaling**: Quota (1-100 GB) must be set manually, changeable in GUI after creation
 
+
 ----------------------------------------
 
 # Guides > Php Tuning
 
+
 Override php.ini via `PHP_INI_*` env vars, FPM via `PHP_FPM_*`. Both require **restart** (not reload). Zerops defaults: upload/post = 1024M, FPM dynamic 20/2/1/3. Upload bottleneck is L7 balancer (50MB subdomain), not PHP.
+
 ## PHP Configuration (`PHP_INI_*`)
+
 Override any php.ini directive via `PHP_INI_{directive}` env vars in `run.envVariables` or via `zerops_env` API.
+
 **Requires restart** to take effect. Reload writes config files (`/etc/php*/conf.d/overwrite.ini`) but FPM master does not re-read INI on reload.
+
 ### Zerops Platform Defaults
+
 Zerops overrides several stock PHP values for production use:
+
 | Directive | Zerops default | Stock PHP | Why |
 |-----------|---------------|-----------|-----|
 | `upload_max_filesize` | **1024M** | 2M | Generous upload limit (L7 balancer is the real gate) |
@@ -11352,7 +16216,9 @@ Zerops overrides several stock PHP values for production use:
 | `date.timezone` | **UTC** | (empty) | Consistent timezone |
 | `sendmail_path` | `/usr/sbin/sendmail -t -i` | (empty) | System sendmail wired |
 | `sendmail_path` | `/usr/sbin/sendmail -t -i` | (empty) | System sendmail wired |
+
 ### Example
+
 ```yaml
 zerops:
   - setup: app
@@ -11365,11 +16231,17 @@ zerops:
         PHP_INI_max_execution_time: 60
         PHP_INI_max_input_vars: 5000
 ```
+
 ## PHP-FPM (`PHP_FPM_*`)
+
 Configure FPM process management via `PHP_FPM_*` env vars. **Requires restart** — same as PHP_INI.
+
 Config files are written to `/etc/php*/php-fpm.d/www.conf` by `zerops-zenv` at container startup.
+
 ### Dynamic Mode (default)
+
 Pre-forks a pool of workers. Good for consistent traffic.
+
 | Variable | Default |
 |----------|---------|
 | `PHP_FPM_PM` | `dynamic` |
@@ -11380,7 +16252,9 @@ Pre-forks a pool of workers. Good for consistent traffic.
 | `PHP_FPM_PM_MAX_SPAWN_RATE` | `32` |
 | `PHP_FPM_PM_MAX_REQUESTS` | `500` |
 | `PHP_FPM_PM_MAX_REQUESTS` | `500` |
+
 High-traffic example:
+
 ```yaml
 envVariables:
   PHP_FPM_PM_MAX_CHILDREN: 50
@@ -11389,8 +16263,11 @@ envVariables:
   PHP_FPM_PM_MAX_SPARE_SERVERS: 15
   PHP_FPM_PM_MAX_REQUESTS: 1000
 ```
+
 ### Ondemand Mode
+
 Spawns workers only when requests arrive. Saves memory for low-traffic sites.
+
 ```yaml
 envVariables:
   PHP_FPM_PM: ondemand
@@ -11398,26 +16275,37 @@ envVariables:
   PHP_FPM_PM_PROCESS_IDLE_TIMEOUT: 60s
   PHP_FPM_PM_MAX_REQUESTS: 500
 ```
+
 Available parameters for ondemand:
 - `PHP_FPM_PM_MAX_CHILDREN` -- maximum child processes
 - `PHP_FPM_PM_PROCESS_IDLE_TIMEOUT` -- idle timeout before termination (default: 60s)
 - `PHP_FPM_PM_MAX_REQUESTS` -- requests per process before recycling (default: 500)
+
 ## Upload Limits (3-layer chain)
+
 File uploads pass through three layers -- ALL must allow the size:
+
 1. **L7 Balancer**: `client_max_body_size` = 512m (custom domain) / **50MB fixed** (subdomain)
 2. **PHP**: `upload_max_filesize` = 1024M (Zerops default)
 3. **PHP**: `post_max_size` = 1024M (Zerops default)
+
 Zerops pre-configures generous PHP limits, so the **L7 balancer is typically the bottleneck**:
 - Subdomain (zerops.app): hard 50MB cap, cannot be changed
 - Custom domain: 512m default, configurable via custom Nginx template
+
 ## Extensions (Alpine)
-Install via `sudo apk add --no-cache php84-` — version prefix must match PHP major+minor (e.g. `php84-` for PHP 8.4). Sudo required — containers run as `zerops` user.
+
+Install via `sudo apk add --no-cache php84-<ext>` — version prefix must match PHP major+minor (e.g. `php84-` for PHP 8.4). Sudo required — containers run as `zerops` user.
+
 Build and runtime are **separate containers with separate images**. The build base (`php@X`) is Alpine-minimal. The runtime base (`php-nginx@X`, `php-apache@X`) bundles more extensions but not all.
+
 If a Composer dependency requires an extension that's missing from the build image:
 - Install it in `build.prepareCommands` so Composer validates platform requirements properly
 - If also needed at runtime, install in `run.prepareCommands` too (separate container, separate image)
 - **Never** use `--ignore-platform-reqs` — it suppresses all platform checks, hiding real problems that crash at runtime
+
 Common extensions not in the build base: `ext-pcntl`, `ext-posix` (needed by Horizon), `ext-gd`, `ext-intl`.
+
 ```yaml
 build:
   base: php@8.4
@@ -11430,25 +16318,34 @@ run:
   prepareCommands:
     - sudo apk add --no-cache php84-pcntl php84-posix
 ```
+
 ## Gotchas
+
 - **Reload does NOT apply changes** -- `PHP_INI_*` and `PHP_FPM_*` both require restart. Zerops reload rewrites config files via `zerops-zenv` but does not signal FPM to re-read them.
 - **Upload fails at 50MB on subdomain** -- this is the L7 balancer limit, not PHP. Use a custom domain for larger uploads.
 - **`post_max_size` must be >= `upload_max_filesize`** -- PHP silently drops the POST body if it exceeds `post_max_size`, even if the file itself is under `upload_max_filesize`.
 
+
 ----------------------------------------
 
 # Guides > Production Checklist
 
+
 Before going to production: (1) databases to HA mode, (2) minContainers: 2 on app services, (3) replace Mailpit with real SMTP, (4) remove Adminer, (5) use Object Storage for uploads, (6) use Redis/Valkey for sessions.
+
 ## Database
+
 | Item | Dev | Production |
 |------|-----|------------|
 | Mode | `NON_HA` | `HA` (must recreate) |
 | Backups | Optional | Enabled |
 | Connection | Single primary | Primary + read replicas |
 | Connection | Single primary | Primary + read replicas |
+
 **HA is immutable** — cannot switch after creation. Delete and recreate with `mode: HA`.
+
 ## Application Services
+
 | Item | Dev | Production |
 |------|-----|------------|
 | minContainers | 1 | 2+ |
@@ -11456,28 +16353,36 @@ Before going to production: (1) databases to HA mode, (2) minContainers: 2 on ap
 | Logging | Console/debug | Structured (syslog) |
 | Debug mode | Enabled | Disabled |
 | Debug mode | Enabled | Disabled |
+
 ```yaml
 - hostname: app
   type: nodejs@22
   minContainers: 2
   maxContainers: 4
 ```
+
 ## Dev Services to Remove
+
 ### Mailpit → Production SMTP
 ```yaml
 - hostname: mailpit
   type: go@1
   buildFromGit: https://github.com/zeropsio/recipe-mailpit
+
 envVariables:
   SMTP_HOST: smtp.sendgrid.net
   SMTP_PORT: "587"
 envSecrets:
   SMTP_PASSWORD: your-production-key
 ```
+
 ### Adminer → Remove or Restrict
 Remove entirely or disable `enableSubdomainAccess`. Use VPN + pgAdmin/DBeaver locally.
+
 ## File Storage
+
 **Container filesystem survives restarts but is replaced on every deploy** — files stored on disk persist through reload/restart/stop+start but are lost on deploy or container replacement (scale-up/down).
+
 | Use case | Solution |
 |----------|----------|
 | User uploads | Object Storage (S3) |
@@ -11485,14 +16390,18 @@ Remove entirely or disable `enableSubdomainAccess`. Use VPN + pgAdmin/DBeaver lo
 | Temp files | Container disk (OK) |
 | Build artifacts | Deploy via zerops.yaml |
 | Build artifacts | Deploy via zerops.yaml |
+
 ```yaml
 - hostname: storage
   type: object-storage
   objectStorageSize: 2
   objectStoragePolicy: public-read
 ```
+
 ## Sessions & Cache
+
 **File-based sessions break with multiple containers and are lost on deploy.**
+
 | Use case | Solution |
 |----------|----------|
 | PHP sessions | Redis/Valkey |
@@ -11500,39 +16409,49 @@ Remove entirely or disable `enableSubdomainAccess`. Use VPN + pgAdmin/DBeaver lo
 | Django sessions | Redis backend |
 | Express sessions | Redis store |
 | Express sessions | Redis store |
+
 ```yaml
 - hostname: cache
   type: valkey@7.2
   mode: NON_HA  # HA for production
 ```
+
 ## Framework-Specific Production Settings
+
 ### PHP/Laravel
 - `APP_ENV: production`, `APP_DEBUG: "false"`
 - Trusted proxies: `TRUSTED_PROXIES: 127.0.0.1,10.0.0.0/8`
 - Sessions in Redis, not files
 - Optimize: `php artisan config:cache && route:cache && view:cache`
+
 ### PHP/Symfony
 - `APP_ENV: prod`
 - `TRUSTED_PROXIES: 127.0.0.1,10.0.0.0/8`
 - Logging via Monolog SyslogHandler
+
 ### Python/Django
 - `DEBUG: "false"`
 - `CSRF_TRUSTED_ORIGINS: https://your-domain.com`
 - `ALLOWED_HOSTS: .zerops.app,your-domain.com`
 - Static files via `collectstatic`
+
 ### Node.js
 - `NODE_ENV: production`
 - `HOST: 0.0.0.0`
 - Health check endpoint at `/status` or `/health`
+
 ### Java/Spring
 - `server.address: 0.0.0.0` (required — default binds localhost)
 - Actuator health endpoints enabled
 - JVM memory flags: `-Xmx512m` (match container limits)
+
 ### Elixir/Phoenix
 - `PHX_SERVER: "true"` (required to start server in releases)
 - `SECRET_KEY_BASE` generated via preprocessor
 - `PHX_HOST` set to domain
+
 ## HA Checklist
+
 | Item | Recommendation |
 |------|---------------|
 | Core package | **Serious Core** for production (better SLA, dedicated resources) |
@@ -11542,8 +16461,11 @@ Remove entirely or disable `enableSubdomainAccess`. Use VPN + pgAdmin/DBeaver lo
 | Database mode | `mode: HA` for all managed services (immutable — plan before creation) |
 | Min containers | `minContainers: 2` on all app services for zero-downtime deploys |
 | Min containers | `minContainers: 2` on all app services for zero-downtime deploys |
+
 ## Health Check Pattern
+
 Combined readiness + runtime health check for production services:
+
 ```yaml
 zerops:
   - setup: app
@@ -11559,7 +16481,9 @@ zerops:
           path: /health
       start: node server.js
 ```
+
 Readiness check gates traffic during deploy. Health check runs continuously — unhealthy containers are restarted after 5-minute retry window.
+
 ## Gotchas
 1. **HA is immutable**: Must delete and recreate service to switch modes
 2. **Container filesystem survives restarts but is replaced on every deploy**: use external storage for persistent data
@@ -11568,12 +16492,16 @@ Readiness check gates traffic during deploy. Health check runs continuously —
 5. **Debug mode leaks secrets**: Disable APP_DEBUG in production
 6. **Missing health checks**: Load balancer can't route around unhealthy containers
 
+
 ----------------------------------------
 
 # Guides > Public Access
 
+
 Zerops offers three public access methods: zerops.app subdomains (dev only, 50MB upload limit), custom domains (production, needs IPv4/IPv6), and direct port access (TCP/UDP on 10-65435).
+
 ## Access Methods
+
 ### 1. Zerops Subdomains (`.zerops.app`)
 - Shared HTTPS balancer (scalability bottleneck)
 - Max upload: **50 MB**
@@ -11584,39 +16512,48 @@ Zerops offers three public access methods: zerops.app subdomains (dev only, 50MB
 - **Port-specific subdomains**: If HTTP ports are defined in zerops.yml, each port gets its own subdomain: `{hostname}-{subdomainHost_prefix}-{port}.{subdomainHost_rest}`. Example: hostname `appdev`, subdomainHost `1df2.prg1.zerops.app`, port 3000 → actual URL `https://appdev-1df2-3000.prg1.zerops.app`. Port 80 omits the port suffix: `https://appdev-1df2.prg1.zerops.app`
 - **Internal network fallback**: Every service is accessible internally via `http://{hostname}:{port}` (e.g., `http://appdev:3000`). Use this to verify the app is running when subdomain access is uncertain — `curl http://appdev:3000/health` from the ZCP container or any other service in the project
 - Works for: nodejs, static, nginx, go, python, php, java, rust, dotnet, and all other runtime types
+
 ### 2. Custom Domains (Production)
 - Per-project HTTPS balancer (2 containers, HA)
 - Round-robin load balancing + health checks
 - Full upload limit: 512 MB
 - Requires IP address assignment:
+
 | IP Type | Cost | Protocol | Notes |
 |---------|------|----------|-------|
 | Shared IPv4 | Free | HTTP/HTTPS only | Limited connections, shorter timeouts |
 | Dedicated IPv4 | $3/30 days | All protocols | Non-refundable, auto-renews |
 | IPv6 | Free | All protocols | Dedicated per project |
 | IPv6 | Free | All protocols | Dedicated per project |
+
 ### 3. Direct Port Access
 - Available for: Runtime services, PostgreSQL
 - Port range: 10-65435 (80, 443 reserved)
 - Protocols: TCP, UDP
 - Configurable firewall: blacklist or whitelist per port
+
 ## DNS Setup (Custom Domain)
 Point your domain to the project's IP:
 - `A` record → Dedicated IPv4
 - `AAAA` record → IPv6
 - Shared IPv4: Requires **both A and AAAA** records (AAAA needed for SNI routing)
+
 ## Gotchas
 1. **Shared IPv4 needs AAAA record**: Without AAAA, SNI routing fails — always add both A and AAAA
 2. **zerops.app 50MB limit**: File uploads over 50MB fail on subdomains — use custom domain
 3. **Dedicated IPv4 is non-refundable**: $3/30 days, auto-renews — cannot get refund if removed early
 4. **Ports 80/443 reserved**: Your app cannot bind to these — Zerops uses them for SSL termination
 
+
 ----------------------------------------
 
 # Guides > Scaling
 
+
 Zerops autoscales vertically (CPU/RAM/disk) and horizontally (container count). Runtimes support both. Managed services (DB, cache, shared-storage) support vertical only with fixed container count (NON_HA=1, HA=3). Object-storage and Docker have no autoscaling. Extends grammar.md section 9 with mechanics, thresholds, YAML syntax, and common mistakes.
+
 ## When to Scale Which Way
+
 | Symptom | Scale type | Why |
 |---------|-----------|-----|
 | CPU/memory pressure on existing containers | Vertical (CPU/RAM) | More resources per container |
@@ -11624,7 +16561,9 @@ Zerops autoscales vertically (CPU/RAM/disk) and horizontally (container count).
 | Disk filling up | Vertical (disk) | More storage per container |
 | Latency-sensitive workload on SHARED CPU | CPU mode → DEDICATED | Guaranteed cores, no burstable throttling |
 | Latency-sensitive workload on SHARED CPU | CPU mode → DEDICATED | Guaranteed cores, no burstable throttling |
+
 ## Applicability Matrix
+
 | Service type | Vertical autoscaling | Horizontal scaling | Notes |
 |---|---|---|---|
 | **Runtime** (Node.js, Go, PHP, Python, Java, etc.) | Yes | Yes (1-10 containers) | Full autoscaling |
@@ -11635,38 +16574,55 @@ Zerops autoscales vertically (CPU/RAM/disk) and horizontally (container count).
 | **Object storage** | No | No | Fixed size at creation, no verticalAutoscaling |
 | **Docker** | No (manual, triggers VM restart) | Yes (VM count changeable, triggers restart) | No autoscaling at all |
 | **Docker** | No (manual, triggers VM restart) | Yes (VM count changeable, triggers restart) | No autoscaling at all |
+
 ## Vertical Autoscaling
+
 ### CPU Modes
+
 | Mode | Behavior | Best for |
 |---|---|---|
 | **SHARED** | Physical core shared with up to 10 tenants. Performance ranges 1/10 to 10/10 depending on neighbors | Dev, staging, low-traffic production |
 | **DEDICATED** | Exclusive full physical core(s). Consistent performance | Production, CPU-intensive workloads |
 | **DEDICATED** | Exclusive full physical core(s). Consistent performance | Production, CPU-intensive workloads |
+
 - CPU mode can be changed **once per hour**
 - **startCpuCoreCount**: cores allocated at container start (default: 2). Increase for apps with heavy initialization
+
 ### CPU Scaling Thresholds (DEDICATED mode only)
+
 - **Min free CPU cores** (`minFreeCpuCores`): scale-up triggers when free capacity on a single core drops below this fraction, range 0.0-1.0 (default: 0.1 = 10%)
 - **Min free CPU percent** (`minFreeCpuPercent`): scale-up triggers when total free capacity across all cores drops below this percentage, range 0-100 (default: 0, disabled)
+
 ### RAM Dual-Threshold System
+
 RAM is monitored every **10 seconds**. Two independent thresholds control scale-up -- whichever provides **more free memory** wins:
+
 | Threshold | Field | Default | Behavior |
 |---|---|---|---|
 | **Absolute** | `minFreeRamGB` | 0.0625 GB (64 MB) | Scale up when free RAM drops below this fixed amount |
 | **Percentage** | `minFreeRamPercent` | 0% (disabled) | Scale up when free RAM drops below this % of granted RAM |
 | **Percentage** | `minFreeRamPercent` | 0% (disabled) | Scale up when free RAM drops below this % of granted RAM |
+
 Both thresholds serve dual purpose: prevent OOM crashes and preserve space for kernel disk caching. Swap is enabled as a safety net but does not replace proper threshold configuration.
+
 **Higher wins example**: with 12 GB granted RAM, `minFreeRamGB=0.5` (500 MB buffer) and `minFreeRamPercent=5` (600 MB buffer) — the 600 MB threshold applies. As granted RAM grows, the percentage threshold automatically provides a larger buffer.
+
 ### Disk
 - **Grows only -- never shrinks** (no scale-down). Set `minDisk = maxDisk` to disable.
+
 ### Resource Limits (Defaults)
+
 | Resource | Min | Max |
 |---|---|---|
 | CPU cores | 1 | 8 |
 | RAM | 0.125 GB | 48 GB |
 | Disk | 1 GB | 250 GB |
 | Disk | 1 GB | 250 GB |
+
 PostgreSQL and MariaDB override RAM minimum to **0.25 GB**.
+
 ### Scaling Behavior Parameters
+
 | Parameter | CPU | RAM | Disk |
 |---|---|---|---|
 | Collection interval | 10s | 10s | 10s |
@@ -11677,43 +16633,66 @@ PostgreSQL and MariaDB override RAM minimum to **0.25 GB**.
 | Minimum step | 1 (0.1 cores) | 0.125 GB | 0.5 GB |
 | Maximum step | 40 | 32 GB | 128 GB |
 | Maximum step | 40 | 32 GB | 128 GB |
+
 Scaling uses exponential growth: small increments initially, larger jumps under sustained high load.
+
 **Scale-up behavior summary:**
 - **RAM/Disk**: immediate scale-up when free resources drop below threshold (single measurement)
 - **CPU**: requires 2 consecutive measurements below threshold (~20s window) to avoid spikes
 - **Scale-down is conservative**: 3-5 consecutive measurements above threshold (60-300s depending on resource) — prevents flapping
+
 ### Spike Protection via minRam
+
 Autoscaling reacts within 10-20 seconds. Compilation and package installation create RAM spikes faster than scaling can respond. Set `minRam` high enough to absorb the first spike WITHOUT relying on autoscaling:
+
 - **Dev services** (compilation on container via SSH): `minRam` must cover the build tool peak — `npm install`, `go build`, `cargo build` spike within seconds
 - **Stage/prod services** (pre-built artifacts): `minRam` only needs to cover the startup peak (JVM heap allocation, SSR warming)
+
 Thresholds (`minFreeRamGB`, `minFreeRamPercent`) handle gradual load growth. They cannot protect against sub-10s spikes that exceed the total allocated RAM. See runtime guides for per-runtime `minRam` recommendations.
+
 **Disabling autoscaling**: set **minimum = maximum** for any resource to pin it at a fixed value (e.g., `minRam: 2, maxRam: 2`).
+
 ## Horizontal Scaling
+
 Applies to **runtimes and Linux containers only**. New containers are added when vertical scaling reaches configured maximums.
+
 - **minContainers**: baseline always running (system range: 1-10)
 - **maxContainers**: upper limit during peak (system range: 1-10)
 - Set `minContainers = maxContainers` to disable horizontal autoscaling
+
 **HA requirement**: applications must be stateless and handle distributed operation (no local file sessions, no local uploads).
+
 ### Managed Services (DB, Cache, Shared Storage)
+
 Container count is **fixed by deployment mode**, set at creation, **immutable**:
+
 | Mode | Containers | Use case |
 |---|---|---|
 | `NON_HA` | 1 | Development, non-critical |
 | `HA` | 3 (on separate physical machines) | Production, automatic failover |
 | `HA` | 3 (on separate physical machines) | Production, automatic failover |
+
 HA recovery: failed container is disconnected, new one created on different hardware, data synchronized from healthy copies, failed container removed.
+
 PostgreSQL HA exposes read replica port **5433** for distributing SELECT queries.
+
 ## Configuring Thresholds via zerops_scale
+
 Threshold parameters can be set via the `zerops_scale` MCP tool, not just import.yml:
+
 ```
 zerops_scale serviceHostname="api" minFreeRamGB=0.5 minFreeRamPercent=5 minFreeCpuCores=0.2
 ```
+
 All four threshold parameters (`minFreeRamGB`, `minFreeRamPercent`, `minFreeCpuCores`, `minFreeCpuPercent`) are optional and can be combined with any other scaling parameters in a single call.
+
 ## Docker Services
 - Run in **VMs**, not containers. **No autoscaling** -- resources fixed at creation
 - Changing resources or VM count triggers **VM restart** (downtime). Disk can only increase
 - Consider runtime services or Linux containers if dynamic scaling is needed
+
 ## import.yml Syntax
+
 ```yaml
 services:
   # Runtime with full scaling
@@ -11732,6 +16711,7 @@ services:
       minFreeRamPercent: 10
       minDisk: 1
       maxDisk: 20
+
   # Managed DB (vertical only, no container settings)
   - hostname: db
     type: postgresql@16
@@ -11745,32 +16725,46 @@ services:
       minDisk: 5
       maxDisk: 100
 ```
+
 ## Strategy Presets
+
 **Development** — SHARED CPU, min resources, 1 container. Cost-effective for dev/staging:
 ```
 zerops_scale serviceHostname="api" cpuMode="SHARED" minCpu=1 maxCpu=2 minRam=0.25 maxRam=1 minContainers=1 maxContainers=1
 ```
+
 **Production** — DEDICATED CPU, higher minimums, multiple containers for HA:
 ```
 zerops_scale serviceHostname="api" cpuMode="DEDICATED" minCpu=2 maxCpu=8 minRam=2 maxRam=8 minContainers=2 maxContainers=6
 ```
+
 **Burst workloads** — Wide autoscaling range, SHARED CPU:
 ```
 zerops_scale serviceHostname="worker" cpuMode="SHARED" minCpu=1 maxCpu=8 minRam=1 maxRam=16 minContainers=1 maxContainers=10
 ```
+
 ## Common Mistakes
+
 **DO NOT** add `verticalAutoscaling` to **object-storage** or **shared-storage** services in import.yml -- causes import failure. Object storage has a fixed `objectStorageSize` only. Shared storage is managed automatically.
+
 **DO NOT** set `minContainers` or `maxContainers` for managed services (DB, cache, shared-storage) -- container count is fixed by `mode` (NON_HA=1, HA=3). Setting these causes import failure.
+
 **DO NOT** use `DEDICATED` CPU for low-traffic or dev services -- wastes resources. Use `SHARED` and switch to `DEDICATED` only when consistent performance matters.
+
 **DO NOT** set `minFreeRamGB: 0` and `minFreeRamPercent: 0` simultaneously -- the API rejects this with "Invalid custom autoscaling value". Always keep at least the default absolute threshold (0.0625 GB).
+
 **DO NOT** forget that disk **never shrinks** -- setting a high `minDisk` is permanent for that container's lifetime.
+
 **DO NOT** assume horizontal scaling works automatically -- your application must be stateless. File-based sessions, local uploads, and in-memory state break with multiple containers.
 
+
 ----------------------------------------
 
 # Guides > Smtp
 
+
 Only port **587** (STARTTLS) is allowed for outbound email — ports 25 and 465 are permanently blocked. Use an external email service.
+
 ## Port Configuration
 | Port | Status | Protocol |
 |------|--------|----------|
@@ -11778,7 +16772,9 @@ Only port **587** (STARTTLS) is allowed for outbound email — ports 25 and 465
 | 465 | **Blocked** | Legacy SMTPS (deprecated) |
 | **587** | **Allowed** | SMTP submission with STARTTLS |
 | **587** | **Allowed** | SMTP submission with STARTTLS |
+
 ## Provider Configurations
+
 | Provider | Host | Port | Username | Password |
 |----------|------|------|----------|----------|
 | Gmail | smtp.gmail.com | 587 | user@gmail.com | App password |
@@ -11788,6 +16784,7 @@ Only port **587** (STARTTLS) is allowed for outbound email — ports 25 and 465
 | Mailgun | smtp.mailgun.org | 587 | postmaster@domain | Password |
 | Amazon SES | `email-smtp.{region}.amazonaws.com` | 587 | Access key | Secret key |
 | Amazon SES | `email-smtp.{region}.amazonaws.com` | 587 | Access key | Secret key |
+
 ## Configuration Example
 ```yaml
 envVariables:
@@ -11795,36 +16792,105 @@ envVariables:
   SMTP_PORT: "587"
   SMTP_USER: apikey
 envSecrets:
-  SMTP_PASSWORD: 
+  SMTP_PASSWORD: <sendgrid-api-key>
 ```
+
 ## Gotchas
 1. **Port 25 is permanently blocked**: Cannot be unblocked — use 587 with STARTTLS
 2. **Port 465 is also blocked**: Legacy SMTPS is deprecated — use 587
 3. **Gmail needs App Password**: Regular Gmail passwords won't work — generate an App Password in Google Account settings
 
+
+----------------------------------------
+
+# Guides > Verify Web Agent Protocol
+
+
+Sub-agent dispatch protocol for end-to-end verification of a Zerops web
+service. The main agent reads `develop-verify-matrix` (atom) for which
+services need this protocol; the protocol body itself lives here so it
+ships only when fetched, not on every per-turn payload.
+
+Spawn one sub-agent per web-facing target. Substitute `{targetHostname}`
+and `{runtime}` with that service's values when constructing the prompt.
+
+---
+
+## Sub-agent dispatch prompt
+
+```
+Agent(model="sonnet", prompt="""
+Verify Zerops service "{targetHostname}" ({runtime}) works for end users.
+
+## Protocol
+1. `zerops_verify serviceHostname="{targetHostname}"` — infrastructure baseline
+2. If NOT healthy → VERDICT: FAIL (cite failed checks from zerops_verify response)
+3. `zerops_discover service="{targetHostname}"` — get subdomainUrl or connection info
+4. Determine reachable URL:
+   - subdomainUrl available → use it (public HTTPS)
+   - no subdomain, no custom domain → VERDICT: UNCERTAIN (cannot reach from outside)
+   - unreachable after timeout → VERDICT: UNCERTAIN
+5. `agent-browser open {url}`
+6. `agent-browser snapshot` — accessibility tree for AI analysis
+7. Evaluate: does the page render meaningful content?
+   - Interactive elements (buttons, links, forms)?
+   - Text content (headings, paragraphs)?
+   - Or empty/broken (empty root div, error page, blank screen)?
+8. If concerns: `agent-browser eval "JSON.stringify(Array.from(document.querySelectorAll('script[src]')).map(s=>s.src))"` for loaded scripts
+9. For SPAs: `agent-browser eval "window.__errors || []"` AND check if console has errors
+
+## Rules
+- zerops_verify unhealthy/degraded → always VERDICT: FAIL (never override infra checks)
+- HTTP 401/403 with rendered content (login page, auth challenge) → VERDICT: PASS (auth is working correctly)
+- HTTP 401/403 with empty body → VERDICT: UNCERTAIN (cannot determine if intentional)
+- zerops_verify healthy + page empty/broken → VERDICT: FAIL (cite what you see)
+- zerops_verify healthy + page renders real content → VERDICT: PASS
+- agent-browser unavailable or URL unreachable → VERDICT: UNCERTAIN
+
+## Output (mandatory format)
+### Infrastructure
+zerops_verify status and check summary
+
+### Application
+what you observed — DOM content, JS errors, visual state
+
+### Evidence
+accessibility tree excerpt or error details
+
+### VERDICT: PASS or FAIL or UNCERTAIN — one-line justification
+""")
+```
+
+
 ----------------------------------------
 
 # Guides > Vpn
 
-Zerops VPN uses WireGuard via `zcli vpn up ` — connects to one project at a time, services accessible by hostname, but env vars are NOT available through VPN.
+
+Zerops VPN uses WireGuard via `zcli vpn up <project-id>` — connects to one project at a time, services accessible by hostname, but env vars are NOT available through VPN.
+
 ## Commands
 ```bash
-zcli vpn up                     # Connect
-zcli vpn up  --auto-disconnect  # Auto-disconnect on terminal close
-zcli vpn up  --mtu 1350        # Custom MTU (default 1420)
+zcli vpn up <project-id>                    # Connect
+zcli vpn up <project-id> --auto-disconnect  # Auto-disconnect on terminal close
+zcli vpn up <project-id> --mtu 1350        # Custom MTU (default 1420)
 zcli vpn down                               # Disconnect
 ```
+
 ## Behavior
 - All services accessible via hostname (e.g., `db`, `api`) — `.zerops` suffix optional
 - **One project at a time** — connecting to another disconnects the current
 - Automatic reconnection with daemon
 - **Environment variables NOT available** through VPN — use GUI or API to read them
+
 ## Hostname Resolution
 - Both plain hostname (`db`) and suffixed (`db.zerops`) work — VPN configures a DNS search domain
 - Plain hostname is resolved via the `.zerops` search domain automatically (e.g., `db` → `db.zerops`)
 - Example: `postgresql://user:pass@db:5432/mydb` or `postgresql://user:pass@db.zerops:5432/mydb`
 - Note: CLI tools like `dig`, `nslookup`, `host` bypass the system resolver and may show false NXDOMAIN — use `dscacheutil -q host -a name db` on macOS to verify, or just test with `nc -zv db 5432`
+
 ## Troubleshooting
+
 | Problem | Solution |
 |---------|----------|
 | Interface already exists | `zcli vpn down` then `zcli vpn up` |
@@ -11833,21 +16899,29 @@ zcli vpn down                               # Disconnect
 | Conflicting VPN | Use `--mtu 1350` |
 | Ubuntu 25.* issues | Install AppArmor utilities |
 | Ubuntu 25.* issues | Install AppArmor utilities |
+
 ## Gotchas
 1. **No env vars via VPN**: Must read env vars from GUI or API — VPN only provides network access
 2. **One project at a time**: Cannot connect to multiple projects simultaneously
 3. **Hostname resolution**: Both `hostname` and `hostname.zerops` work (VPN sets up DNS search domain). Use plain hostname for simplicity. If resolution fails on Windows, add `zerops` to DNS suffix list in Advanced TCP/IP Settings.
 
+
 ----------------------------------------
 
 # Guides > Zerops Yaml Advanced
 
+
 Behavioral semantics for advanced zerops.yml features: health/readiness checks, deploy strategies, cron, background processes, runtime init, envReplace, routing, and `extends`. Schema is in grammar.md -- this file covers what the schema cannot express.
+
 ---
+
 ## Health Check Behavior
+
 Health checks run **continuously** on every container after startup. Two types (mutually exclusive):
+
 - **`httpGet`**: GET to `localhost:{port}{path}`. Success = 2xx. Runs **inside** the container. Use `host` for custom Host header, `scheme: https` only if app requires TLS.
 - **`exec`**: Shell command, success = exit 0. Has access to all env vars. Use YAML `|` for multi-command scripts.
+
 | Parameter | Purpose |
 |-----------|---------|
 | `failureTimeout` | Seconds of consecutive failures before container restart |
@@ -11855,11 +16929,17 @@ Health checks run **continuously** on every container after startup. Two types (
 | `recoveryTimeout` | Seconds of success before restarted container receives traffic again |
 | `execPeriod` | Interval in seconds between check attempts |
 | `execPeriod` | Interval in seconds between check attempts |
+
 **Failure sequence**: repeated failures -> `disconnectTimeout` removes from LB -> `failureTimeout` triggers restart -> `recoveryTimeout` gates traffic reconnection.
+
 **DO NOT** configure both `httpGet` and `exec` in the same block.
+
 ---
+
 ## Readiness Check Behavior
+
 Runs **only during deployments** to gate traffic switch to a new container.
+
 ```yaml
 deploy:
   readinessCheck:
@@ -11867,19 +16947,29 @@ deploy:
     failureTimeout: 60
     retryPeriod: 10
 ```
+
 **How it works**: Checks the **new** container at `localhost`. Until it passes, traffic stays on the old container. After `failureTimeout`, deploy fails and the old container remains active.
+
 **DO NOT** confuse with healthCheck -- readiness gates a deploy; healthCheck monitors continuously after.
+
 > **Dev/stage distinction**: In dev+stage pairs, healthCheck and readinessCheck belong ONLY on the stage entry. Dev services use `start: zsc noop --silent` — the agent controls server lifecycle via SSH. Adding healthCheck to dev causes unwanted container restarts during iteration.
+
 ---
+
 ## temporaryShutdown
+
 | Value | Behavior | Downtime |
 |-------|----------|----------|
 | `false` (default) | New containers start first, old removed after readiness | None (zero-downtime) |
 | `true` | All old containers stop, then new ones start | Yes |
 | `true` | All old containers stop, then new ones start | Yes |
+
 Use `true` when: exclusive DB migration access needed, or brief downtime acceptable. Use `false` for: production web services, APIs, user-facing apps.
+
 ---
+
 ## Crontab Execution
+
 ```yaml
 run:
   crontab:
@@ -11888,11 +16978,17 @@ run:
       workingDir: /var/www/html
       allContainers: false
 ```
+
 Parameters: `command` (required), `timing` (required, 5-field cron: `min hour dom mon dow`), `workingDir` (default `/var/www`), `allContainers` (`false` = one container, `true` = all containers).
+
 Cron runs inside the runtime container with full env var access. When `allContainers: false`, Zerops picks **one** container (good for DB jobs). Use `true` for cache clearing or log rotation everywhere. Minimum granularity is 1 minute.
+
 ---
+
 ## startCommands (Background Processes)
+
 Runs **multiple named processes** in parallel. **Mutually exclusive** with `start`.
+
 ```yaml
 run:
   startCommands:
@@ -11903,9 +16999,13 @@ run:
       initCommands:
         - litestream restore -if-replica-exists -if-db-not-exists $DB_NAME
 ```
+
 Each entry: `command` (required), `name` (required), `workingDir` (optional), `initCommands` (optional, per-process init). **DO NOT** use both `start` and `startCommands`.
+
 ---
+
 ## initCommands vs prepareCommands
+
 | Feature | `run.initCommands` | `run.prepareCommands` |
 |---------|-------------------|----------------------|
 | **When** | Every container start/restart | Only when building runtime image |
@@ -11914,19 +17014,28 @@ Each entry: `command` (required), `name` (required), `workingDir` (optional), `i
 | **Deploy files** | Present in `/var/www` | **Not available** -- DO NOT reference app files |
 | **Reruns on** | Restart, scaling, deploy | Only when commands change |
 | **Reruns on** | Restart, scaling, deploy | Only when commands change |
+
 ---
+
 ## envReplace (Variable Substitution)
+
 Replaces placeholders in deployed files with env var values at deploy time.
+
 ```yaml
 run:
   envReplace:
     delimiter: "%%"
     target: [./config/, ./templates/settings.json]
 ```
+
 File containing `%%DATABASE_URL%%` gets the placeholder replaced with the actual value. Multiple delimiters supported: `delimiter: ["%%", "##"]`. Use for: secrets in config files, PEM certificates, frontend configs.
+
 **Directory targets are NOT recursive** -- `./config/` processes only files directly in that directory. Specify subdirectories explicitly.
+
 ---
+
 ## routing (Static Services Only)
+
 ```yaml
 run:
   routing:
@@ -11938,13 +17047,18 @@ run:
       - for: "/*"
         values: { X-Frame-Options: "'DENY'" }
 ```
+
 - **`cors`**: Sets Access-Control-Allow-Origin. `"*"` auto-converted to `'*'`
 - **`redirects[]`**: `from` (wildcards `*`), `to`, `status`, `preservePath`, `preserveQuery`
 - **`headers[]`**: `for` (path pattern), `values` (header key-value pairs)
 - **`root`**: Custom root directory
+
 **DO NOT** use on non-static services -- silently ignored.
+
 ---
+
 ## extends (Configuration Inheritance)
+
 ```yaml
 zerops:
   - setup: base
@@ -11954,7 +17068,9 @@ zerops:
     extends: base
     run: { envVariables: { NODE_ENV: production } }
 ```
+
 Supports single parent (`extends: base`) or multiple parents (`extends: [base, logging]`) -- later parents override earlier ones:
+
 ```yaml
 zerops:
   - setup: base
@@ -11965,65 +17081,85 @@ zerops:
     extends: [base, logging]
     run: { envVariables: { NODE_ENV: production } }
 ```
+
 Configuration is **merged at the section level** -- child values override parent values within each section (build, run, deploy), but unspecified sections inherit from parent. Must reference another `setup` name in the same file.
+
 ## Base Images
+
 Available runtimes and versions are listed in **Service Stacks (live)** -- injected by `zerops_knowledge` and workflow responses. Some key rules:
+
 - PHP: build `php@X`, run `php-nginx@X` or `php-apache@X` (different bases)
 - Deno, Gleam: REQUIRES `os: ubuntu` (not available on Alpine)
 - Static sites: build `nodejs@latest`, run `static`
 - `@latest` = newest stable version
+
 ---
 
+
 ----------------------------------------
 
 # Help > Contacts
 
+
 :construction: **We apologize for any inconvenience, we are doing our best to finish this documentation ASAP to make your Zerops experience a blast!** :construction:
+
 In the meantime, if you have any troubles setting up your application, or if you find a specific part of the documentation missing, don't hesitate to contact our team via:
 
+- [Discord (recommended)](https://discord.com/invite/WDvCZ54) — The fastest way to get help from our team and other community members.
+- [Report an issue](https://github.com/zeropsio/docs/issues/new/choose) — If you want to report an issue, please click here.
+- [Email](mailto:support@zerops.io) — Reach the team directly, this might take longer as the community won
+- [Twitter](https://x.com/zeropsio) — Reach out to us by direct messagining or by tagging @zeropsio in your tweets for a response.
+
+
 ----------------------------------------
 
 # Help > Faq
 
+
 Get quick answers to your related questions about Zerops from frequently asked questions we get asked.
+
 ### General
-  Question: Where can I find the Zerops Dashboard GUI?
-Answer: 
-    You can access the Zerops Dashboard GUI directly at app.zerops.io.
-  
-  Question: How much does it cost to get started?
-Answer: 
-    It's free to get started, and no credit card is required! However, we
-    recommend visiting our pricing page to explore the options that best suit your needs.
+
+  **Question: Where can I find the Zerops Dashboard GUI?**
+
+You can access the Zerops Dashboard GUI directly at [app.zerops.io](https://app.zerops.io).
+
+  **Question: How much does it cost to get started?**
+
+It's free to get started, and no credit card is required! However, we
+    recommend visiting our [pricing page](/company/pricing) to explore the options that best suit your needs.
+
     We also have a calculator on our pricing page that can help you estimate the cost of your project.
-  
-  Question: Where are your servers located?
-Answer: 
-    Our infrastructure spans multiple regions. In Europe, we operate our own high-tier
-    data center in Prague, Czech Republic, running on bare metal servers managed by
-    vshosting's senior admin team — vshosting.eu,
+
+  **Question: Where are your servers located?**
+
+Our infrastructure spans multiple regions. In Europe, we operate our own high-tier
+    data center in **Prague**, Czech Republic, running on bare metal servers managed by
+    vshosting's senior admin team — [vshosting.eu](https://vshosting.eu/),
     one of the largest providers of managed hosting in Europe. In the US, we have servers
-    in New York, with additional US East Coast capacity on its way through a trusted
+    in **New York**, with additional US East Coast capacity on its way through a trusted
     infrastructure partner.
-    Stay tuned for updates on our Discord server and checkout our roadmap!
-  
-  Question: Why should I use Zerops over Self-Hosted PaaS?
-Answer: 
-    We have a detailed article discussing whether you should go for a Self-hosted PaaS → [The rise of self-hosted PaaS — is $5 VPS all you need?](https://zerops.io/article/the-rise-of-self-hosted-paa-s-is-5-vps-all-you-need).
-  
-  Question: How do I change my email?
-Answer: 
-    Navigate to the main menu in the Zerop GUI (with your icon) and add a new user with the selected email to your team.
-    
-  Question: I have more questions. Where can I reach out to get help?
-Answer: 
-    You can reach us on our Discord server for support. For additional contact options, please visit our contacts page.
-  
+
+    Stay tuned for updates on our [Discord server](https://docs.zerops.io/discord) and checkout our [roadmap](https://zerops.io/#about)!
+
+  **Question: Why should I use Zerops over Self-Hosted PaaS?**
+
+We have a detailed article discussing whether you should go for a Self-hosted PaaS → [The rise of self-hosted PaaS — is $5 VPS all you need?](https://zerops.io/article/the-rise-of-self-hosted-paa-s-is-5-vps-all-you-need).
+
+  **Question: How do I change my email?**
+
+Navigate to the main menu in the Zerop GUI (with your icon) and add a new user with the selected email to your team.
+
+  **Question: I have more questions. Where can I reach out to get help?**
+
+You can reach us on our [Discord server](https://docs.zerops.io/discord) for support. For additional contact options, please visit our [contacts page](https://docs.zerops.io/help/contacts).
+
 
 ----------------------------------------
 
 # Homepage
 
+
 export const runtimes = [
     { name: "Node.js", link: "/nodejs/overview", icon:  },
     { name: "PHP", link: "/php/overview", icon:  },
@@ -12039,11 +17175,13 @@ export const runtimes = [
     { name: "Nginx", link: "/nginx/overview", icon:  },
     { name: "Static", link: "/static/overview", icon:  },
 ]
+
 export const containers = [
     { name: "Ubuntu", link: "/ubuntu/overview", icon:  },
     { name: "Alpine", link: "/alpine/overview", icon:  },
     { name: "Docker", link: "/docker/overview", icon:  },
 ]
+
 export const databases = [
     { name: "PostgreSQL", link: "/postgresql/overview", icon:  },
     { name: "MariaDB", link: "/mariadb/overview", icon:  },
@@ -12057,58 +17195,109 @@ export const databases = [
     { name: "ClickHouse", link: "/clickhouse/overview", icon:  },
     { name: "KeyDB", link: "/keydb/overview", icon:  },
 ]
+
 export const storages = [
     { name: "Object storage", link: "/object-storage/overview", icon:  },
     { name: "Shared storage", link: "/shared-storage/overview", icon:  },
 ]
+
+<div className="!max-w-xxl !mx-none">
+
 Zerops is a **developer-first Platform-as-a-Service**, running on bare metal, with every part built from scratch. Zerops aims to be the perfect mix of **developer experience**, **flexibility**, **scalability** and **affordability**, making it a great fit for applications of any size, complexity and traffic.
+
 ## Natively supported services
+
 ### Runtimes & web servers
+
 For these services Zerops provides pre-prepared build and runtime images and flexible pipeline that allows you to modify them and build your applications.
+
 ### Linux containers & VMs
+
 These services can be deployed either as plain Linux containers or using Docker images, giving you flexibility to run any application or service.
+
 ### Databases, search engines & message brokers
+
 These services are fully managed by Zerops and offered in highly available and single container modes.
+
 ### Storages
+
 Fully managed S3 compatible storage running on a separate infrastructure and persistent disk that can be mounted to multiple services.
+
 ## Quicklinks
+
+- [zCLI](/references/cli)
+- [zerops.yaml](/zerops-yaml/specification)
+- [Import file](/references/import)
+
 ## Feature highlights
+
 Four concepts that play together to make Zerops developer-first and live up to the claim "no matter the size or environment".
+
 ### ➡️ Custom dedicated infrastructure deployed with each project
+
 Zerops is made of three levels: **project** -> **service** -> **container**. For each project Zerops deploys dedicated **core services**, these consist of:
+
 - **L3 balancer** with a firewall and unique IP addresses assigned to it, this serves as the main entry point from the internet,
 - **Logger** and **Statistics** containers that gather logs and resource metrics from all services inside the project and allow for log forwarding
 - **L7 load balancer** that handles and routes http traffic, SSL termination and SSL certificates
+
 User services (which consist of one or more containers) inside the project share a private network created with VXLAN, have resources isolated with cgroups and can securely communicate with each other simply by using the hostname and ports and read and reference each other's environment variables.
+
 :::tip[**What does this mean for you?**]
+
 You get a fully managed, professional infrastructure setup that will scale no matter how much traffic you get and deals with all the networking, balancing and security stuff, so you can just focus on your actual applications.
-Read more about the project infrastructure
+
+[Read more about the project infrastructure](/features/infrastructure)
+
 :::
+
 ### ➡️ Granular resource configuration, autoscaling and high availability of services
+
 Zerops has fully automatic horizontal and vertical scaling with configuration steps as small as 0.125 GB RAM and 1 CPU core. Your runtime services can go from a single container with 0.25 RAM and 1 CPU core to 10 containers each with 32 GB RAM and 10 CPU cores and then back in a matter of minutes. At the same time, all database and storage services are offered in well-crafted setups that go through performance optimizations while scaling and are available in both non-HA (single container) and high availability (multiple containers and balancers) modes.
+
 :::tip[**What does this mean for you?**]
+
 You won't ever overprovision or underprovision your resources and your services will always have the exact resources they need. There won't be any cutting corners like sharing too few CPU cores between too many services. You will be able to rely on professional, reliable and highly available database setups with auto-repairing abilities that will scale along with your applications.
-Read more about autoscaling and high availability
+
+[Read more about autoscaling and high availability](/features/scaling)
+
 :::
+
 ### ➡️ Full Linux OS containers with a powerful, flexible build and deploy pipeline
+
 Zerops uses Incus to create containers, which means that you get a full Linux OS, either Ubuntu or Alpine, depending on your choices. This provides the perfect middle ground between a containerized process (Docker) and a full-fledged VM (Proxmox). Zerops provides build and runtime bases for all the popular runtime technologies and a powerful and flexible pipeline that allows you to modify and cache both the build and runtime images. This circumvents the need for Docker registries. The pipeline can be triggered either automatically, by connecting the service with GitHub or GitLab repositories, or manually using our CLI - either for triggering from your machine, or from any existing CI/CD process.
+
 :::tip[**What does this mean for you?**]
+
 You get a built-in powerful and flexible pipeline to modify build and runtime images and deploy your code, without any downtime. It can be used standalone or easily plugged into any existing CI/CD process.
-Read more about the build and deploy pipeline
+
+[Read more about the build and deploy pipeline](/features/pipeline)
+
 :::
+
 ### ➡️ Pricing model that doesn't get in the way of good development practices
+
 "Simple and predictable pricing"... is what others say and what we actually do. In Zerops, cost per hardware resource (CPU, RAM, Disk) is 3-5x cheaper than with popular alternatives. And there are no plans, no feature tiers, no fees for seats. PaaS is just hardware with a cherry and bow on top, so why would we charge you for anything else but hardware resources?
+
 :::tip[**What does this mean for you?**]
+
 You get a powerful managed platform with all the best features unlocked for a price that's nearly on par with VPS. You can create as many environments as you need, even one for each developer working on a project, all with the same infrastructure as production, so they can utilize Zerops for their local development. No more "but it works on my machine".
+
 :::
+</div>
+
 
 ----------------------------------------
 
 # Java > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Java application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -12117,47 +17306,60 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: java@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - ./mvnw clean install
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles: target/app.jar
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: some_file
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: java@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8080
+
       # OPTIONAL. Customize the runtime Java environment by installing additional
       # dependencies to the base Java runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Java application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Java application start command
       start: java -jar target/app.jar
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -12168,6 +17370,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -12177,11 +17380,17 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Java builds:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12192,13 +17401,19 @@ zerops:
       base: java@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected version
-  of Java, Zerops command line tool, `git` and
+  of Java, [Zerops command line tool](/references/cli), `git` and
   `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12212,34 +17427,52 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Java defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `git` and `wget`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12248,6 +17481,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: java@latest
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -12255,20 +17489,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/java/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12277,96 +17522,138 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: java@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - ./mvnw clean install
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it. Suppose your `mvnw` executable file is in a `cmd` directory.
+
 ```yaml
 buildCommands:
   - |
     cd cmd
     ./mvnw clean install
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command. Suppose your `mvnw` executable file is in a `cmd` directory.
+
 ```yaml
 buildCommands:
   - cd cmd
   - ./cmd/mvnw clean install
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/java/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the `-X` debug option.
+
 ```yaml
 buildCommands:
   - ./mvnw -X clean install
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app.jar
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - api
   - app.jar
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -12378,22 +17665,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -12402,6 +17700,7 @@ zerops:
     build:
       base: java@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         DB_NAME: db
@@ -12409,12 +17708,18 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/java/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Java version for your runtime.
+
 Following options are available for Java builds:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12424,18 +17729,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: java@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: java@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the selected major
   version of Java, Zerops command line tool, git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12445,6 +17757,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: java@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -12454,44 +17767,75 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customize your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Java service with hostname = "app" and port = 8080 from another service of the same project, simply use `app:8080`. Read more about [how to access a Java service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the Java runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Java environment contains {data.alpine.default}, the selected major
-  version of Java, Zerops command line tool and
+  version of Java, [Zerops command line tool](/references/cli) and
   `git` and `wget`. To install additional packages or tools add one or more
   prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12499,6 +17843,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -12508,27 +17853,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/java/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the selected
-  major version of Java, Zerops command line tool and `git` and `wget`.
+  major version of Java, [Zerops command line tool](/references/cli) and `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12537,6 +17900,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -12546,15 +17910,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -12563,22 +17932,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Java application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/java/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/java/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -12592,57 +17974,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/java/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Java application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Java application start command
       start: java -jar target/app.jar
 ```
+
 We recommend starting your Java application using `java -jar target/app.jar`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Java application start command
       start: java -jar target/app.jar
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -12650,30 +18059,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Java application.
+
+        The command has access to the same [environment variables](/java/how-to/create#set-secret-environment-variables) as your Java application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Java application start command
       start: java -jar target/app.jar
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -12682,13 +18108,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -12697,40 +18128,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/java/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -12739,30 +18192,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/java/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Java application.
+
+        The command has access to the same [environment variables](/java/how-to/create#set-secret-environment-variables) as your Java application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -12774,8 +18245,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/java/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Java > How To > Build Process
@@ -12792,35 +18265,60 @@ Read more about how the [readiness check works](/java/how-to/deploy-process#read
 
 # Java > How To > Create
 
+
 Zerops provides a Java runtime service with extensive build support. Java runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Java service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Java service:
+
+[Video: /vids/services/java.webm](/vids/services/java.webm)
+
 ### Choose Java version
+
 Following Java versions are currently supported:
+
 :::info
 You can [change](/java/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/java/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Java service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Java service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/java/how-to/create#create-a-project-description-file)
 3. [Create a project with a Java and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -12841,13 +18339,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Java version 1 service with default [auto scaling](/java/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/java/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -12892,98 +18395,143 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Java service and a [PostgreSQL](/postgresql/overview) service.
+
 Java service with "app" hostname, the internal port(s) the service listens on will be defined later in the zerops.yaml. Java service will run on version 1 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Java service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/java/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/java/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/java/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/java/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Java service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -13004,33 +18552,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Java service version 1 with default [auto scaling](/java/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Java > How To > Customize Runtime
 
-Build tools: When you need Maven, Gradle, or other build tools not included by default',
-  'Native libraries: When your Java dependencies require system libraries that aren\'t in the default environment',
-  'Application servers: When you need Tomcat, Jetty, or other application servers',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -13084,14 +18637,23 @@ Build tools: When you need Maven, Gradle, or other build tools not included by d
 
 # Java > Overview
 
+
 # Java overview
+
 [Java ↗](https://www.java.com/en/) is a high-level, class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-java-hello-world), a **_recipe_**, containing the most simple Java web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Java running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Java running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "java" recipe on Zerops](https://app.zerops.io/recipe/?lf=java)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-java-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -13103,97 +18665,162 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-java-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/java/how-to/create) — Dive in all Zerops has to offer for your Java application.
+
 ## Feature Highlights
+
+- [Create Java service](/java/how-to/create) — Start with creating a Java service using GUI or zCLI.
+- [zerops.yaml](/java/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/java/how-to/scaling) — Set up scaling of your Java application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/java/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/java/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/java/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Kafka > Overview
 
+
 Zerops provides a fully managed [Apache Kafka](https://kafka.apache.org/) messaging platform with automated scaling and zero infrastructure overhead, letting developers focus entirely on development.
+
 ## Supported Versions
+
 Currently supported Kafka version:
+
 Import configuration version:
+
+- `kafka@3.9`
+- `kafka@3.8`
+
 ## Service Configuration
+
 Our Kafka implementation features optimized default settings designed for common use cases.
+
 ### Key Configuration
+
 * **Client Connections:** Data brokers available on port `9092`
 * **Authentication:** Secure SASL PLAIN with automatically generated credentials
 * **Data Persistence:** Topic data stored indefinitely (no time or size limit)
 * **Performance:** Optimized settings for reliability and throughput
+
 ### Resource Allocation
+
 Zerops automatically allocates resources to your Kafka service based on demand:
+
 * **Memory:** Up to 40GB RAM for high-performance message processing
 * **Storage:** Up to 250GB for persistent storage of messages and logs
 * **Auto-scaling:** Resources scale up and down automatically based on workload
+
 ## Deployment Modes
+
 :::important
 Deployment mode is selected during service creation and cannot be changed later.
 :::
+
 ### High-Availability (HA) Setup
+
 The recommended solution for production workloads and mission-critical data:
+
 * Creates a multi-node Kafka cluster with 3 broker nodes
 * Configures 6 partitions across the cluster
 * Implements replication factor of 3 (each broker node has a copy of each partition)
 * Default topic replication is also 3 (overridable by user application)
 * Zerops automatically attempts to repair the cluster and data replication in case of a node failure
+
 ### Single Node Instance
+
 Suitable for development and testing environments:
+
 * Consists of 1 broker node
 * Configures 3 partitions
 * No data replication
 * Lower resource requirements
+
 :::note
 Use for development or non-critical data only, as data loss may occur due to container volatility.
 :::
+
 ## Authentication Management
+
 Authentication credentials are automatically generated and managed by the platform using SASL PLAIN authentication.
+
 **Access your credentials through:**
 * The service access details in the Zerops GUI
 * Environment variables in your service configuration:
   * `user` - Username for authentication
   * `password` - Generated secure password
   * `port` - Kafka port (value: `9092`)
+
 ## Client Access
+
 Client implementations differ, please refer to your chosen client's configuration manual for specific details.
+
 ### Access Methods
+
 #### Seed Broker Connection
 Connect to the Kafka cluster using the "seed" (or "bootstrap") broker server:
 ```
-:9092
+<hostname>:9092
 ```
+
 #### Specific Broker Access
 To access a single specific broker or a list of all/some brokers:
 ```
-node-stable-1.db..zerops:9092,node-stable-2.db..zerops:9092,...
+node-stable-1.db.<hostname>.zerops:9092,node-stable-2.db.<hostname>.zerops:9092,...
 ```
+
 ## Best Practices
+
 ### Production Workloads
 * Use HA mode for all production deployments
 * Configure proper retention policies for your topics based on your data requirements
 * Monitor consumer lag to ensure messages are being processed efficiently
 * Use consumer groups to distribute processing load
+
 ### Development Environments
 * Single node instances are suitable for development and testing
 * Be aware of potential data loss in non-HA deployments
 * Consider using smaller message sizes during development to reduce resource usage
+
 ## Support
+
 For advanced configurations or custom requirements:
 * Join our [Discord community](https://discord.gg/zerops)
 * Contact support via [email](mailto:support@zerops.io)
@@ -13202,10 +18829,15 @@ For advanced configurations or custom requirements:
 
 # Keydb > How To > Connect
 
+
 ## Copy access details from Zerops GUI
+
 You will find the KeyDB access details under the **Access details** button in the project dashboard page.
+
 The same information is available in the service detail page in the left menu under the **Peek access details** button.
+
 ### KeyDB access parameters:
+
 | Parameter             | Description                                                                      |
 | --------------------- | -------------------------------------------------------------------------------- |
 | **Hostname**          | The service hostname specified when the KeyDB service was created.               |
@@ -13214,26 +18846,43 @@ The same information is available in the service detail page in the left menu un
 This port is fixed for all KeyDB services and cannot be customized. |
 | **Connection string** | The connection string for KeyDB service is:
 `redis://{hostname}:6379`        |
+
 ## Connect to KeyDB from runtime services of the same project
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 #### Example
+
 To connect to KeyDB `database1` service, set
+
 ```
 host = database1
 ```
+
 You will find the password under the [**Access details**](#copy-access-details-from-zerops-gui) button in Zerops GUI.
+
 :::caution
 Do not use SSL/TLS protocols when connecting to KeyDB from other runtime services in the same project. Zerops KeyDB is not configured to support these protocols. The security is assured by the project private network. Due to security reasons Zerops doesn't allow exposing KeyDB service to the internet.
 :::
+
 ## Use KeyDB environment variables
+
 Zerops creates default environment variables for each KeyDB service to help you with connection from runtime services in the same project. To avoid the need to copy database access parameters manually, use environment variables in your [runtime service].
+
 ### Prefix the environment variable key
+
 All services of the same project can reference environment variables from other services. To use an environment variable from one service in another service in the same project, you must prefix the environment variable key with the service hostname and underscore.
+
 #### Example
+
 To access the `connectionString` env variable of the `keydb1` service, use `keudb1_connectionString` as the env variable key.
+
 ### KeyDB environment variables
+
 List of service environment variables is available in Zerops GUI. Go to a KeyDB service detail and choose **Environment variables** in the left menu.
+
 Zerops creates following environment variables when the KeyDB service is created:
+
 | Variable              | Description                                                                      |
 | --------------------- | -------------------------------------------------------------------------------- |
 | **Hostname**          | The service hostname specified when the KeyDB service was created.               |
@@ -13244,26 +18893,41 @@ This port is fixed for all KeyDB services and cannot be customized. |
 | **serviceId**         | ID of the KeyDB service. Generated by Zerops.                                    |
 | **Connection string** | The connection string for KeyDB service is:
 `redis://{hostname}:6379`        |
+
 You can create own custom [environment variables](/features/env-variables) for the KeyDB service in Zerops GUI and use them in the same way as the default variables.
+
 ## Connect to KeyDB in Zerops remotely
+
 :::caution
 Due to security reasons Zerops doesn't allow exposing KeyDB service directly to the internet.
 :::
+
 ### Start VPN connection
+
 You can securely connect to KeyDB from your local workspace via Zerops VPN. Zerops VPN client is included into zCLI, the Zerops command-line tool. To start a VPN connection to the selected Zerops project, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn#start-vpn)
+
 ### Access KeyDB through VPN
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](#use-keydb-environment-variables) are available when connected through VPN. To connect to KeyDB in Zerops you have to copy the [access details](#copy-access-details-from-zerops-gui) manually from Zerops GUI.
+
 :::caution
 Do not use SSL/TLS protocols when connecting to KeyDB over VPN. Zerops KeyDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 ### Stop VPN connection
+
 [Stop the Zerops VPN](/references/networking/vpn#stop-vpn) in zCLI.
+
 ### Connect to KeyDB from another Zerops project
+
 All services of the same project share a **dedicated private network**. You can use the service hostname to connect from one service to another within the same project.
+
 Different Zerops projects have no special connection. They can communicate with each other only via the internet. If you need to connect to a KeyDB service in a Zerops project from a runtime service in another project, you need to use the [Zerops VPN](#access-keydb-through-vpn). Due to security reasons Zerops doesn't allow exposing KeyDB service directly to the internet.
 
+
 ----------------------------------------
 
 # Keydb > How To > Control
@@ -13274,44 +18938,70 @@ Different Zerops projects have no special connection. They can communicate with
 
 # Keydb > How To > Create
 
+
 [KeyDB ↗](https://docs.keydb.dev/) is a fully open source database, backed by Snap, and a faster drop in alternative to Redis.
+
 ## Create KeyDB using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new KeyDB service:
+
 ### Choose KeyDB version
+
 Following KeyDB versions are currently supported:
+
 ### Set a hostname
+
 Enter a unique service identifier like `keydb`, `db` etc.
+
 #### Limitations:
+
 - Duplicate services with the same name within the same project are not allowed
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Configure auto scaling
+
 Zerops automatically scales KeyDB services based on actual database usage. Configure the scaling parameters to match your database needs and control costs.
+
 **CPU Mode**: Choose between shared (cost-effective) or dedicated (consistent performance).
+
 **Resource Limits**: Set minimum and maximum resources for CPU, RAM, and disk to control costs and ensure performance.
+
 **Deployment Mode**: Choose the reliability configuration for your KeyDB service:
+
 - **Highly Available**: Multiple containers with redundancy across different physical machines. Recommended for production environments.
 - **Single Container**: One container suitable for development and non-critical environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 :::tip Learn More
 For detailed scaling configuration, deployment mode details, and troubleshooting, see:
 - [How Zerops scales KeyDB](/keydb/how-to/scale) - Database-specific scaling guide
 - [Automatic Scaling and High Availability](/features/scaling) - Complete technical details
 :::
+
 ## Create KeyDB using zCLI
+
 zCLI is the Zerops command-line tool. To create a new KeyDB service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](#create-a-project-description-file)
 3. Create a project and a KeyDB service
+
 ### Create a project description file
+
 Zerops uses a yaml format file to describe the project infrastructure.
+
 #### Basic example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # basic project data
 project:
@@ -13326,9 +19016,13 @@ services:
     # mode of operation "HA"/"NON_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one KeyDB service in single container mode with default [auto scaling](/keydb/how-to/scale) configuration. Hostname will be set to `keydb1`.
+
 #### Full example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # basic project data
 project:
@@ -13367,103 +19061,163 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain two KeyDB services.
+
 The hostname of the first service will be set to `keydb1`. The highly available mode will be chosen and the custom [auto scaling configuration](/keydb/how-to/scale) will be set.
+
 The hostname of the second service will be set to `keydb2`. The single container mode will be chosen and the default [auto scaling configuration](/keydb/how-to/scale) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains only KeyDB services but you can create a `description.yaml` with [different types] of services.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
+
         The hostname of the new database will be set to the `hostname` value.
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [KeyDB service types](/references/import-yaml/type-list#database-services) are currently supported.
-      
-      mode
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>mode</strong></td>
+      <td className="w-fit">
         Defines the operation mode of KeyDB service.
-        HA
-        
+
+        <strong>HA</strong>
+
         Creates a KeyDB cluster with 2 database containers. This mode is suited for production.
+
         Zerops always keeps the 2 database containers on different physical machines. All your data is stored redundantly in 2 identical copies. In case of a failure of a container or the underlying physical machine, Zerops automatically disconnects the failed container from the cluster, creates a new container and syncs all data from the remaining copy. Finally the broken container is automatically deleted.
-        NON_HA
-        
+
+        <strong>NON_HA</strong>
+
         Zerops will create a KeyDB database installed in a single container. Useful for non-essential data or dev environments.
+
         Your data is stored only in a single container. If the container or the underlying physical machine fails, your data since the last backup are lost. Zerops doesn't provide any automatic repairs of single node KeyDB services.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/keydb/how-to/scaling#configure-scaling).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-:::caution
-The KeyDB service **hostname** and **mode** are fixed after the service is created. They can't be changed later.
-:::
-### Create a project based on the description.yaml
-When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
-```sh
-Usage:
-  zcli project project-import importYamlPath [flags]
-Flags:
-  -h, --help                Help for the project import command.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+:::caution
+The KeyDB service **hostname** and **mode** are fixed after the service is created. They can't be changed later.
+:::
+
+### Create a project based on the description.yaml
+
+When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
+```sh
+Usage:
+  zcli project project-import importYamlPath [flags]
+
+Flags:
+  -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add KeyDB service to an existing project
+
 #### Example
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```bash
 # array of project services
 services:
@@ -13475,208 +19229,317 @@ services:
     # mode of operation "HA"/"NON_HA"
     mode: NON_HA
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one KeyDB service in single container mode with default [auto scaling](/keydb/how-to/scale) configuration will be added to your project. Hostname of the new service will be set to `keydb1`.
+
 The content of the `services:` section of `import.yaml` is identical to the [project description file](#create-a-project-description-file). The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the `import.yaml` file is 100 kB.
 
 ----------------------------------------
 
 # Keydb > How To > Manage
 
+
 ## How to use a database management tool on your workstation
+
 Do you already use a database management tool that supports KeyDB on your workstation? Connect it securely to KeyDB from your local workspace via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to KeyDB remotely](/keydb/how-to/connect#connect-to-keydb-in-zerops-remotely).
+
 :::caution
 Do not use SSL/TLS protocols when connecting to KeyDB over VPN. Zerops KeyDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 ## How to use KeyDB Client CLI on your workstation
+
 If you use the [keydb-cli ↗](https://docs.keydb.dev/docs/keydbcli/) command-line client to manage your KeyDB on your local workspace, you can connect it securely to KeyDB via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to KeyDB remotely](/keydb/how-to/connect#connect-to-keydb-in-zerops-remotely).
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](/keydb/how-to/connect#connect-to-keydb-in-zerops-remotely) are available when connected through VPN. To connect to KeyDB in Zerops you have to copy the [access details](/keydb/how-to/connect#connect-to-keydb-in-zerops-remotely) manually from Zerops GUI.
+
 Use `keydb-cli` command to connect to KeyDB in Zerops:
+
 ```sh
 keydb-cli -h [hostname]
 ```
+
 :::caution
 Do not use SSL/TLS protocols when connecting to KeyDB over VPN. Zerops KeyDB is not configured to support these protocols. The security is assured by the VPN.
 :::
 
+
 ----------------------------------------
 
 # Keydb > How To > Scale
 
+
 Zerops automatically scales your KeyDB service based on actual database usage. When your database needs more power, resources increase. When demand drops, resources scale down to reduce costs.
+
 :::tip Read More
 For complete scaling details across all services, see [Automatic Scaling and High Availability](/features/scaling).
 :::
+
 ## How KeyDB scaling works
+
 KeyDB services use **vertical scaling** to adjust CPU, RAM, and disk resources within containers based on usage patterns. Unlike runtime services, KeyDB does not use horizontal scaling (adding/removing containers). Instead, KeyDB services use deployment modes for high availability.
+
 ## Configure scaling
+
 You can configure scaling settings:
+
 - **During service creation** - Set initial scaling parameters when [creating](/keydb/how-to/create) your KeyDB service
 - **During import** - Define scaling configuration in your YAML import file using `verticalAutoscaling` parameters
 - **After service creation** - Navigate to your KeyDB service and select **Automatic scaling configuration** to modify settings
+
 ### Basic settings
-  
+
 **CPU Mode**: Choose between shared (cost-effective, variable performance) or dedicated (consistent performance, higher cost). You can change CPU mode once per hour. See [pricing](https://zerops.io/#pricing) for costs.
+
 **Resource limits**: Configure minimum and maximum resources for your KeyDB service:
+
 - **Lower the maximum** to control costs and prevent over-scaling
 - **Raise the minimum** when you need guaranteed baseline performance
 - **Set minimum = maximum** to disable automatic scaling for that specific resource
+
 **Deployment mode**: Choose the reliability configuration for your KeyDB service:
+
 - **Single Container**: One container with vertical scaling only. Suitable for development environments.
 - **Highly Available**: Multiple containers with built-in redundancy. Recommended for production environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 When a container fails in HA mode, Zerops automatically replaces it with a new container on a different physical machine and synchronizes data from healthy copies.
+
 ### Advanced settings
+
 **Start CPU cores**: Determines how many CPU cores are allocated during database startup. Increase this value if your KeyDB service starts slowly or requires more processing power during initialization.
+
 **RAM thresholds**: Help prevent out-of-memory crashes by maintaining buffer space:
+
 - **Absolute (GB)**: Maintains this amount of free RAM at all times
 - **Percentage**: Keeps this percentage of total RAM free
+
 Consider increasing these values if your database experiences memory-related issues.
-  
+
 :::info Read More
 For detailed technical parameters and scaling behavior, see [Automatic Scaling and High Availability](/features/scaling#resource-scaling-behavior).
 :::
+
 ## Monitor usage
+
 Navigate to your KeyDB service and select **Service containers & Overview** to view:
 - CPU, RAM, and disk usage over time
 - Historical scaling events
 - Container health status
+
 ## Technical details
+
 Zerops monitors database usage and automatically adjusts resources based on predefined thresholds and timing parameters. The scaling behavior follows the same principles as other services in the platform.
+
 For complete technical specifications including:
 - Resource monitoring intervals and thresholds
 - Scale-up and scale-down timing parameters
 - Scaling increments and steps
 - Detailed scaling behavior patterns
+
 See [Resource Scaling Behavior](/features/scaling#resource-scaling-behavior) in the general scaling documentation.
+
 ## Common issues
+
 **Out of memory errors**
 - Increase minimum free RAM settings in your scaling configuration
 - Consider raising the minimum RAM allocation
 - Check for memory-intensive operations
+
 **Higher than expected costs**
 - Consider lowering your maximum resource limits
 - Review scaling patterns in the monitoring dashboard
+
 **Slow database startup**
 - Increase the "Start CPU cores" setting
 - Consider switching to dedicated CPU mode for consistent performance
+
 *Need help? Join our [Discord community](https://discord.gg/zerops) for assistance!*
 
 ----------------------------------------
 
 # Keydb > Overview
 
+
 [KeyDB ↗](https://docs.keydb.dev/) is a fully open source database, a faster drop-in alternative to Redis. It offers enhanced performance, multithreading capabilities, and maintains full compatibility with Redis clients and APIs.
+
 :::important
 While KeyDB is available in Zerops, please note that KeyDB development has not been very active recently. For new Redis-compatible deployments, we recommend considering [Valkey](/valkey/overview) as the preferred alternative due to its active development and ongoing support.
 :::
+
 ## Feature Highlights
+
+- [Create KeyDB service](/keydb/how-to/create) — Start with creating a KeyDB service using GUI or zCLI.
+- [Import config file](/keydb/how-to/create#full-example) — Use an example config file to import your KeyDB service.
+
 ### Connect to KeyDB service
+
+- [Manage KeyDB database](/keydb/how-to/manage)
+- [Connect from the same project](/keydb/how-to/connect#connect-to-keydb-from-runtime-services-of-the-same-project)
+- [Connect remotely](/keydb/how-to/connect#connect-to-keydb-in-zerops-remotely)
+
 ## Popular Guides
+
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your KeyDB service securely with Zerops VPN.
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
 
 ----------------------------------------
 
 # Mariadb > How To > Backup
 
+
 Zerops provides automated data backup for MariaDB services with full encryption and flexible management options.
+
 For general backup information including configuration, scheduling, and management options, see the [Zerops Backups](/features/backup) documentation, which covers:
 - Backup scheduling and retention policies
 - Tagging system and storage quotas
 - Manual backup creation and CLI tools
 - Security and encryption details
+
 This page focuses on MariaDB-specific backup details.
+
 ## MariaDB Backup Format
+
 MariaDB backups are created using `mariabackup` and stored in `.xb.gz` format:
+
 - **Format**: `.xb.gz` (single archive)
 - **Tooling**: `mariabackup`
 - **Compression**: Uses `xbstream` format, gzip compressed
 - **Storage**: Encrypted and stored in isolated object storage
+
 ## Restoring MariaDB Backups
+
 To restore a MariaDB backup, follow these steps:
+
 :::tip
 If the backup is large and the export/import has higher demands, consider scaling up the RAM in the container before starting. You can use [zsc](/references/zsc) to temporarily scale up:
 ```bash
 zsc scale ram +2GB 10m
 ```
 :::
+
 ### Step 1: Deploy the restore helper service
+
 Import the [MariaDB restore recipe](https://github.com/zeropsio/recipe-mariadb-restore) as a service into the project where your MariaDB service is located.
+
 Use the `zerops-import.yaml` file from the repository to import the service. See the [import documentation](/references/import) for details, or follow the steps in the [recipe README](https://github.com/zeropsio/recipe-mariadb-restore?tab=readme-ov-file#deploy-on-zerops).
+
 ### Step 2: Get the backup download URL
+
 1. Navigate to your MariaDB service in the Zerops GUI
 2. Go to the **Backups List & Configuration** section
 3. Find the backup you want to restore
 4. Click the **three dots menu** (⋮) on that backup
 5. Select **Copy download link**
+
 ### Step 3: Run the backup script
+
 Connect to the `mariadbrestore` service using the GUI terminal or via [VPN](/references/networking/vpn) and [SSH](/references/networking/ssh).
+
 :::note
 To use environment variables from your MariaDB service in the backup and restore commands, make sure the `envIsolation` project variable is set to `none`. See [Environment Variable Isolation](/features/env-variables#environment-variable-isolation) and [Referencing Variables](/features/env-variables#referencing-variables) for details.
 :::
+
 Run the backup script:
+
 ```bash
-backup.sh -d  -u ""
+backup.sh -d <source_database_name> -u "<backup_download_url>"
 ```
+
 Verify the backup was created:
+
 ```bash
 ls -lh backup.sql
 ```
+
 :::note
 You can also verify the backup file exists by checking the **File browser** in the `mariadbrestore` service.
 :::
+
 :::info
 After the export completes, the terminal may become unresponsive. If this happens, refresh the terminal.
 :::
+
 ### Step 4: Import data to the target database
+
 Import the data to your target MariaDB database:
+
 ```bash
-mariadb -u  -h  -p  < backup.sql
+mariadb -u <target_user> -h <target_host> -p<target_password> <target_database_name> < backup.sql
 ```
+
 Alternatively, you can download the `backup.sql` dump file for later use or to restore to a database outside of Zerops.
+
 ## High Availability
+
 For MariaDB services running in High Availability mode:
 - Backups are created on a randomly selected healthy node
 - Other nodes remain operational during the backup process
 - Manual backups typically run on the primary node
+
 ## Best Practices
+
 - Always create a manual backup with a protected tag before database migrations or major schema changes
 - Test your restore process periodically in a non-production environment
 - Monitor your backup storage usage in the Project Overview
 - Use descriptive tags like `pre-migration-v2` for important snapshots
+
 For additional best practices and troubleshooting, refer to the [main backup documentation](/features/backup).
 
 ----------------------------------------
 
 # Mariadb > How To > Connect
 
+
 ## Default MariaDB database and user
+
 Zerops creates a default database and a default user automatically when a new MariaDB service is [created](/mariadb/how-to/create).
+
 #### Database
+
 The default database name is identical to the service hostname. The default encoding is set to `utf8mb4`.
+
 #### DB user
+
 Default user name is identical to the service hostname. Default user password is generated randomly. You will find the password in [Zerops GUI](/mariadb/how-to/connect#copy-access-details-from-zerops-gui) or you can use the [environment variable](#use-mariadb-environment-variables).
+
 :::info
 Zerops creates a second DB user: `zps` for maintenance reasons with full privileges. Do not delete, change the password or remove privileges from this user, it will disrupt Zerops ability to maintain the database cluster.
 :::
+
 ## Copy access details from Zerops GUI
+
 You will find the MariaDB access details under the **Access details** button in the project dashboard page.
+
 The same information is available in the service detail page in the left menu under the **Peek access details** button.
+
 ### MariaDB access parameters:
+
 | Parameter             | Description                                                                                                                          |
 | --------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
 | **Hostname**          | The service hostname specified when the MariaDB service was created.                                                                 |
@@ -13687,29 +19550,46 @@ This port is fixed for all MariaDB services and cannot be customized.
 | **Password**          | Zerops sets a random password when the service is created.                                                                           |
 | **Connection string** | The connection string for MariaDB service is:
 `mysql://${user}:${password}@{hostname}:3306`                                      |
+
 ## Connect to MariaDB from runtime services of the same project
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 #### Example
+
 To connect to MariaDB `database1` service, set
+
 ```
 host = database1
 user = database1
 password = **********
 ```
+
 You will find the password under the [**Access details**](/mariadb/how-to/connect#copy-access-details-from-zerops-gui) button in Zerops GUI.
+
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB from other runtime services in the same project. Zerops MariaDB is not configured to support these protocols. The security is assured by the project private network. Due to security reasons Zerops doesn't allow exposing MariaDB service to the internet.
 :::
+
 ## Use MariaDB environment variables
+
 Zerops creates default environment variables for each MariaDB service to help you with connection from runtime services in the same project. To avoid the need to copy database access parameters manually, use environment variables in your [runtime service].
+
 ### Prefix the environment variable key
+
 All services of the same project can reference environment variables from other services. To use an environment variable from one service in another service in the same project, you must prefix the environment variable key with the service hostname and underscore.
+
 #### Example
+
 To access the `connectionString` env variable of the `mariadb1` service, use `mariadb1_connectionString` as the env variable key.
 To access the `password` env variable of the `mariadb2` service, use `mariadb2_password` as the env variable key.
+
 ### MariaDB environment variables
+
 List of service environment variables is available in Zerops GUI. Go to a MariaDB service detail and choose **Environment variables** in the left menu.
+
 Zerops creates following environment variables when the MariaDB service is created:
+
 | Variable              | Description                                                                                                                                                                                                                                                                                                                                                       |
 | --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **Hostname**          | The service hostname specified when the MariaDB service was created.                                                                                                                                                                                                                                                                                              |
@@ -13720,35 +19600,52 @@ This port is fixed for all MariaDB services and cannot be customized.
 | **serviceId**         | ID of the MariaDB service. Generated by Zerops.                                                                                                                                                                                                                                                                                                                   |
 | **Connection string** | The connection string for MariaDB service is:
 `mysql://${user}:${password}@{hostname}:3306`
+
 Connection string contains [references](/mariadb/how-to/connect#mariadb-access-parameters) to `user` and `password` variables. Each time the `user` or `password` variable is updated, the `connectionString` variable is automatically updated as well. |
 | **User**              | Zerops creates a database user automatically when the service is created. The user name is always identical to the service hostname.                                                                                                                                                                                                                              |
 | **Password**          | Zerops sets a random password when the service is created.                                                                                                                                                                                                                                                                                                        |
+
 :::caution
 When you change the value of the password env variable, only the env variable is updated, not the actual password of the MariaDB user. You have to update the password of the database user manually.
 :::
 :::caution
 When you change the password of the default MariaDB user in the database, the new password is not synchronised to the password env variable. You have to update the `password` env variable manually.
 :::
+
 You can create own custom [environment variables](/features/env-variables) for the MariaDB service in Zerops GUI and use them in the same way as the default variables.
+
 ## Connect to MariaDB in Zerops remotely
+
 :::caution
 Due to security reasons Zerops doesn't allow exposing MariaDB service directly to the internet.
 :::
+
 ### Start VPN connection
+
 You can securely connect to MariaDB from your local workspace via Zerops VPN. Zerops VPN client is included into zCLI, the Zerops command-line tool. To start a VPN connection to the selected Zerops project, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn#start-vpn)
+
 ### Access MariaDB through VPN
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](#use-mariadb-environment-variables) are available when connected through VPN. To connect to MariaDB in Zerops you have to copy the [access details](#copy-access-details-from-zerops-gui) manually from Zerops GUI.
+
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB over VPN. Zerops MariaDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 ### Stop VPN connection
+
 [Stop the Zerops VPN](/references/networking/vpn#stop-vpn) in zCLI.
+
 ### Connect to MariaDB from another Zerops project
+
 All services of the same project share a **dedicated private network**. You can use the service hostname to connect from one service to another within the same project.
+
 Different Zerops projects have no special connection. They can communicate with each other only via the internet. If you need to connect to a MariaDB service in a Zerops project from a runtime service in another project, you need to use the [Zerops VPN](#access-mariadb-through-vpn). Due to security reasons Zerops doesn't allow exposing MariaDB service directly to the internet.
 
+
 ----------------------------------------
 
 # Mariadb > How To > Control
@@ -13759,50 +19656,80 @@ Different Zerops projects have no special connection. They can communicate with
 
 # Mariadb > How To > Create
 
+
 MariaDB is the open source relational database loved by developers all over the world. Created by MySQL's original developers, MariaDB is compatible with MySQL and guaranteed to stay open source forever.
+
 ## Create MariaDB using Zerops GUI
+
 :::note
 If you're migrating from another database system such as MySQL, please review the [migration information](#migrating-from-other-database-systems) section first, as some critical settings must be configured at creation time.
 :::
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new MariaDB service:
+
+[Video: /vids/services/mariadb.webm](/vids/services/mariadb.webm)
+
 ### Choose MariaDB version
+
 Following MariaDB versions are currently supported:
+
 ### Set a hostname
+
 Enter a unique service identifier like `mariadb`, `sql`, `db` etc.
+
 #### Limitations:
+
 - Duplicate services with the same name within the same project are not allowed
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Configure auto scaling
+
 Zerops automatically scales MariaDB services based on actual database usage. Configure the scaling parameters to match your database needs and control costs.
+
 **CPU Mode**: Choose between shared (cost-effective) or dedicated (consistent performance).
+
 **Resource Limits**: Set minimum and maximum resources for CPU, RAM, and disk to control costs and ensure performance.
+
 **Deployment Mode**: Choose the reliability configuration for your MariaDB service:
+
 - **Highly Available**: Multiple containers with redundancy across different physical machines. Recommended for production environments.
 - **Single Container**: One container suitable for development and non-critical environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 :::tip Learn More
 For detailed scaling configuration, deployment mode details, and troubleshooting, see:
 - [How Zerops scales MariaDB](/mariadb/how-to/scale) - Database-specific scaling guide
 - [Automatic Scaling and High Availability](/features/scaling) - Complete technical details
 :::
+
 ## Create MariaDB using zCLI
+
 :::note
 If you're migrating from another database system such as MySQL, please review the [migration information](#migrating-from-other-database-systems) section first, as some critical settings must be configured at creation time.
 :::
+
 zCLI is the Zerops command-line tool. To create a new MariaDB service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](#create-a-project-description-file)
 3. Create a project and a MariaDB service
+
 ### Create a project description file
+
 Zerops uses a yaml format file to describe the project infrastructure.
+
 #### Basic example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # basic project data
 project:
@@ -13817,9 +19744,13 @@ services:
     # mode of operation "HA"/"NON_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one MariaDB 10.4 service in single container mode with default [auto scaling](/mariadb/how-to/scale) configuration. Hostname will be set to `mariadb1`.
+
 #### Full example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # basic project data
 project:
@@ -13861,112 +19792,169 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain two MariaDB 10.4 services.
+
 The hostname of the first service will be set to `mariadb1`. The highly available mode will be chosen and the custom [auto scaling configuration](/mariadb/how-to/scale) will be set. The `lower_case_table_names` system variable will be set to "1".
+
 The hostname of the second service will be set to `mariadb2`. The single container mode will be chosen and the default [auto scaling configuration](/mariadb/how-to/scale) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains only MariaDB services but you can create a `description.yaml` with [different types] of services.
-  
-      Parameter
-      Description
-      Limitations
-    
-      hostname
-      A unique service identifier like `mariadb`,`sql`, `db` etc.
-      
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      Specifies the service type and version.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">A unique service identifier like `mariadb`,`sql`, `db` etc.</td>
+      <td className="w-fit">
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">Specifies the service type and version.</td>
+      <td className="w-fit">
         See what [MariaDB service types](/references/import-yaml/type-list#database-services) are currently supported.
-      
-      mode
-      Defines the operation mode of MariaDB service.
-      
-        HA
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>mode</strong></td>
+      <td className="w-fit">Defines the operation mode of MariaDB service.</td>
+      <td className="w-fit">
+        <b>HA</b>
+
         Zerops will create a MariaDB cluster with 3 database containers and 2
         free database proxies. This mode is suited for production.
-        
+
         Zerops always keep the 3 database containers on different physical
         machines. All your data is stored redundantly in 3 copies. In case of a
         failure of a container or the underlying physical machine, Zerops
         automatically disconnects the failed container from the cluster, creates
         a new container and syncs all data from the remaining 2 copies. Finally
         the broken container is automatically deleted.
-        
-        NON_HA
-        
+
+        <b>NON_HA</b>
+
         Zerops will create a MariaDB database installed in a single container.
         Useful for non-essential data or dev environments.
-        
+
         Your data is stored only in a single container. If the container or the
         underlying physical machine fails, your data since the last backup are
         lost. Zerops doesn't provide any automatic repairs of single node
         MariaDB services.
-      
-      verticalAutoscaling
-      Defines custom vertical auto scaling parameters
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">Defines [custom vertical auto scaling parameters](/mariadb/how-to/scaling#configure-scaling)</td>
+      <td className="w-fit">
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-       - cpuMode
-      Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-       - minCpu/maxCpu
-      Set the minCpu or maxCpu in CPU cores (integer).
-      
-       - minRam/maxRam
-      Set the minRam or maxRam in GB (float).
-      
-       - minDisk/maxDisk
-      Set the minDisk or maxDisk in GB (float).
-      
-      envSecrets
-      Defines [secret environment variables](/features/env-variables#2-secret-variables) for the service
-      
-:::caution
-The MariaDB service **hostname** and **mode** are fixed after the service is created. They can't be changed later.
-:::
-### Create a project based on the description.yaml
-When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
-```sh
-Usage:
-  zcli project project-import importYamlPath [flags]
-Flags:
-  -h, --help                Help for the project import command.
-      --org-id string        If you have access to more than one organization, you must specify the org ID for which the
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong> - cpuMode</strong></td>
+      <td className="w-fit">Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong> - minCpu/maxCpu</strong></td>
+      <td className="w-fit">Set the minCpu or maxCpu in CPU cores (integer).</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong> - minRam/maxRam</strong></td>
+      <td className="w-fit">Set the minRam or maxRam in GB (float).</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong> - minDisk/maxDisk</strong></td>
+      <td className="w-fit">Set the minDisk or maxDisk in GB (float).</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">Defines [secret environment variables](/features/env-variables#2-secret-variables) for the service</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
+:::caution
+The MariaDB service **hostname** and **mode** are fixed after the service is created. They can't be changed later.
+:::
+
+### Create a project based on the description.yaml
+
+When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
+```sh
+Usage:
+  zcli project project-import importYamlPath [flags]
+
+Flags:
+  -h, --help                Help for the project import command.
+      --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add MariaDB service to an existing project
+
 #### Example
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```bash
 # array of project services
 services:
@@ -13981,56 +19969,87 @@ services:
     envSecrets:
       lower_case_table_names: "1"
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one MariaDB 10.4 service in single container mode with default [auto scaling](/mariadb/how-to/scale) configuration will be added to your project. Hostname of the new service will be set to `mariadb1`. The `lower_case_table_names` system variable will be set to "1".
+
 The content of the `services:` section of `import.yaml` is identical to the [project description file](#create-a-project-description-file). The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the `import.yaml` file is 100 kB.
+
 ## Migrating from other database systems
+
 ### Configure system variables
+
 When migrating to MariaDB in Zerops from other database systems, you may need to configure specific system variables to maintain compatibility with your existing applications.
+
 #### Setting `lower_case_table_names` for MySQL compatibility
+
 The `lower_case_table_names` system variable determines how MariaDB handles table name case sensitivity:
-  
-      Value
-      Table Name Storage
-      Comparison Behavior
-    
-      0
-      Stored as specified (preserves case)
-      Case-sensitive
-    
-      1
-      Stored in lowercase
-      Case-insensitive
-    
-      2
-      Stored as specified (preserves case)
-      Case-insensitive
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Value</strong></th>
+      <th className="w-fit"><strong>Table Name Storage</strong></th>
+      <th className="w-fit"><strong>Comparison Behavior</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>0</strong></td>
+      <td className="w-fit">Stored as specified (preserves case)</td>
+      <td className="w-fit">Case-sensitive</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>1</strong></td>
+      <td className="w-fit">Stored in lowercase</td>
+      <td className="w-fit">Case-insensitive</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>2</strong></td>
+      <td className="w-fit">Stored as specified (preserves case)</td>
+      <td className="w-fit">Case-insensitive</td>
+    </tr>
+  </tbody>
+</table>
+
 :::caution
 This variable must be configured when the MariaDB instance is first created and cannot be changed afterward. This is a limitation of MariaDB itself, not specific to Zerops.
 :::
+
 When configuring this in Zerops:
+
 - **Using GUI**: Set the `lower_case_table_names` parameter in the advanced options section when creating a new MariaDB service
 - **Using YAML**: Include it in your service configuration under the `envSecrets` section (see examples in the [Create MariaDB using zCLI](#create-mariadb-using-zcli) section)
+
 ##### Migration considerations
+
 If you're migrating from MySQL to MariaDB and your application relies on a specific table name case handling:
+
 1. Determine the value used in your source MySQL installation
 2. Configure the same value in your Zerops MariaDB configuration before initializing the database
 3. For most migrations from MySQL 5.7, setting the value to "1" is recommended for compatibility
+
 After deploying your MariaDB service, you can verify the settings with this SQL command:
+
 ```sql
 SELECT @@lower_case_file_system, @@lower_case_table_names;
 ```
+
 :::important
 If you need to change this setting after the database has been initialized, you'll need to create a new MariaDB service with the correct configuration and migrate your data.
 :::
@@ -14039,59 +20058,94 @@ If you need to change this setting after the database has been initialized, you'
 
 # Mariadb > How To > Export Import Data
 
+
 ## Use Adminer to export or import data
+
 [Adminer ↗](https://www.adminer.org) is an open source full-featured database management tool written in PHP.
+
 1. [Install Adminer to Zerops](/mariadb/how-to/manage#how-to-install-adminer-to-zerops)
 2. Use Adminer standard export or import functions
+
 ## Use phpMyAdmin to export or import data
+
 [phpMyAdmin ↗](https://www.phpmyadmin.net) is a free software tool written in PHP, intended to handle the administration of MariaDB over the Web.
+
 1. [Install phpMyAdmin to Zerops](/mariadb/how-to/manage#how-to-install-phpmyadmin-to-zerops)
 2. Use phpMyAdmin standard export or import functions
+
 ## Use a database management tool on your workstation to export or import data
+
 Do you already use a database management tool that supports MariaDB on your workstation? Connect it securely to MariaDB from your local workspace via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to MariaDB remotely](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely).
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB over VPN. Zerops MariaDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 Once the connection to MariaDB is established, use the standard export or import functions of your favourite management tool.
+
 ## Use mysql CLI to export or import data
+
 If you are using the [mysql ↗](https://dev.mysql.com/doc/refman/8.1/en/mysql.html) command-line client to manage your MariaDB on your local workspace, you can connect it securely to MariaDB via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to MariaDB remotely](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely).
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](/mariadb/how-to/connect#use-mariadb-environment-variables) are available when connected through VPN. To connect to MariaDB in Zerops you have to copy the [access details](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely) manually from Zerops GUI.
+
 Use [mysql ↗](https://dev.mysql.com/doc/refman/8.1/en/mysql.html) command to connect to MariaDB in Zerops:
+
 ```sh
 mysql -h [hostname] -u [user] -p [password] [database_name]
 ```
+
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB over VPN. Zerops MariaDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 To export your database data and structure, use the [mysqldump ↗](https://dev.mysql.com/doc/refman/8.1/en/mysqldump.html) command.
+
 ```sh
 mysqldump -h [hostname] -u [user] –p [password] [database_name] > dumpfilename.sql
 ```
+
 To import your database data and structure, use the `mysql` command.
+
 ```sh
 mysql -h [hostname] -u [user] –p [password] [database_name] < dumpfilename.sql
 ```
 
+
 ----------------------------------------
 
 # Mariadb > How To > Manage
 
+
 ## Default database and user
+
 Zerops creates a default database and a default user automatically when a new MariaDB service is [created](/mariadb/how-to/create).
+
 #### Database
+
 The default database name is identical to the service hostname. The default encoding is set to `utf8mb4`.
+
 #### DB user
+
 Default user name is identical to the service hostname. Default user password is generated randomly. You will find the password in [Zerops GUI](/mariadb/how-to/connect#copy-access-details-from-zerops-gui) or you can use the [environment variable](/mariadb/how-to/connect#use-mariadb-environment-variables).
+
 :::info
 Zerops creates a second DB user: `zps` for maintenance reasons with full privileges. Do not delete, change the password or remove privileges from this user, it will disrupt Zerops ability to maintain the database cluster.
 :::
+
 ## How to install Adminer to Zerops
+
 [Adminer ↗](https://www.adminer.org) is a open source full-featured database management tool written in PHP.
+
 ### Single-click installation
+
 To install Adminer into your project, open your project in Zerops GUI and select **import services** in the left menu.
+
 Copy the following yaml file into the text area and start the import:
+
 ```yaml
 services:
   - # Service will be accessible through zCLI VPN under: http://adminer
@@ -14107,25 +20161,41 @@ services:
     # Link to Zerops repository that contains Adminer code with Zerops build and deploy instructions.
     buildFromGit: https://github.com/zeropsio/recipe-adminer@main
 ```
+
 When the import is finished, Adminer will be running as a PHP service in your project.
+
 ## How to access Adminer
+
 ### Use Zerops VPN
+
 By default Adminer service is private and is accessible from your local workstation over VPN.
+
 You can securely connect to MariaDB from your local workspace via Zerops VPN. Zerops VPN client is included into zCLI, the Zerops command-line tool. To start a VPN connection to the selected Zerops project, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn)
 3. Type `http://adminer` into your browser
+
 :::caution
 Do not use https when connecting to Adminer via VPN.
 :::
+
 ### Enable public access
+
 You can enable the public access to the Adminer service via the [Zerops subdomain].
+
 Or you can configure the [Public routing] on the Adminer service to make it accessible on your own domain.
+
 ## How to install phpMyAdmin to Zerops
+
 [phpMyAdmin ↗](https://www.phpmyadmin.net) is a free software tool written in PHP, intended to handle the administration of MariaDB over the Web.
+
 ### Single-click installation
+
 To install phpMyAdmin into your project, open your project in Zerops GUI and select **import services** in the left menu.
+
 Copy the following yaml file into the text area and start the import:
+
 ```yaml
 services:
   - # Service will be accessible through zCLI VPN under: http://phpmyadmin
@@ -14141,240 +20211,393 @@ services:
     # Link to Zerops repository that contains Adminer code with Zerops build and deploy instructions.
     buildFromGit: https://github.com/zeropsio/recipe-phpmyadmin@main
 ```
+
 When the import is finished, phpMyAdmin will be running as a PHP service in your project.
+
 ## How to access phpMyAdmin
+
 ### Use Zerops VPN
+
 By default phpMyAdmin service is private and is accessible from your local workstation over VPN.
+
 You can securely connect to MariaDB from your local workspace via Zerops VPN. Zerops VPN client is included into zCLI, the Zerops command-line tool. To start a VPN connection to the selected Zerops project, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn)
 3. Type `http://phpmyadmin` into your browser
+
 :::caution
 Do not use https when connecting to phpMyAdmin via VPN.
 :::
+
 ### Enable public access
+
 You can enable the public access to the phpMyAdmin service via the [Zerops subdomain].
+
 Or you can configure the [Public routing] on the phpMyAdmin service to make it accessible on your own domain.
+
 ## How to use a database management tool on your workstation
+
 Do you already use a database management tool that supports MariaDB on your workstation? Connect it securely to MariaDB from your local workspace via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to MariaDB remotely](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely).
+
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB over VPN. Zerops MariaDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 ## How to use mysql CLI on your workstation
+
 If you use the [mysql ↗](https://dev.mysql.com/doc/refman/8.1/en/mysql.html) command-line client to manage your MariaDB on your local workspace, you can connect it securely to MariaDB via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to MariaDB remotely](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely).
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely) are available when connected through VPN. To connect to MariaDB in Zerops you have to copy the [access details](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely) manually from Zerops GUI.
+
 Use `mysql` command to connect to MariaDB in Zerops:
+
 ```sh
 mysql -h [hostname] -u [user] -p [password] [database_name]
 ```
+
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB over VPN. Zerops MariaDB is not configured to support these protocols. The security is assured by the VPN.
 :::
 
+
 ----------------------------------------
 
 # Mariadb > How To > Scale
 
+
 Zerops automatically scales your MariaDB service based on actual database usage. When your database needs more power, resources increase. When demand drops, resources scale down to reduce costs.
+
 :::tip Read More
 For complete scaling details across all services, see [Automatic Scaling and High Availability](/features/scaling).
 :::
+
 ## How MariaDB scaling works
+
 MariaDB services use **vertical scaling** to adjust CPU, RAM, and disk resources within containers based on usage patterns. Unlike runtime services, MariaDB does not use horizontal scaling (adding/removing containers). Instead, MariaDB services use deployment modes for high availability.
+
 ## Configure scaling
+
 You can configure scaling settings:
+
 - **During service creation** - Set initial scaling parameters when [creating](/mariadb/how-to/create) your MariaDB service
 - **During import** - Define scaling configuration in your YAML import file using `verticalAutoscaling` parameters
 - **After service creation** - Navigate to your MariaDB service and select **Automatic scaling configuration** to modify settings
+
 ### Basic settings
-  
+
 **CPU Mode**: Choose between shared (cost-effective, variable performance) or dedicated (consistent performance, higher cost). You can change CPU mode once per hour. See [pricing](https://zerops.io/#pricing) for costs.
+
 **Resource limits**: Configure minimum and maximum resources for your MariaDB service:
+
 - **Lower the maximum** to control costs and prevent over-scaling
 - **Raise the minimum** when you need guaranteed baseline performance
 - **Set minimum = maximum** to disable automatic scaling for that specific resource
+
 **Deployment mode**: Choose the reliability configuration for your MariaDB service:
+
 - **Single Container**: One container with vertical scaling only. Suitable for development environments.
 - **Highly Available**: Multiple containers with built-in redundancy. Recommended for production environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 When a container fails in HA mode, Zerops automatically replaces it with a new container on a different physical machine and synchronizes data from healthy copies.
+
 ### Advanced settings
+
 **Start CPU cores**: Determines how many CPU cores are allocated during database startup. Increase this value if your MariaDB service starts slowly or requires more processing power during initialization.
+
 **RAM thresholds**: Help prevent out-of-memory crashes by maintaining buffer space:
+
 - **Absolute (GB)**: Maintains this amount of free RAM at all times
 - **Percentage**: Keeps this percentage of total RAM free
+
 Consider increasing these values if your database experiences memory-related issues.
-  
+
 :::info Read More
 For detailed technical parameters and scaling behavior, see [Automatic Scaling and High Availability](/features/scaling#resource-scaling-behavior).
 :::
+
 ## Monitor usage
+
 Navigate to your MariaDB service and select **Service containers & Overview** to view:
 - CPU, RAM, and disk usage over time
 - Historical scaling events
 - Container health status
+
 ## Technical details
+
 Zerops monitors database usage and automatically adjusts resources based on predefined thresholds and timing parameters. The scaling behavior follows the same principles as other services in the platform.
+
 For complete technical specifications including:
 - Resource monitoring intervals and thresholds
 - Scale-up and scale-down timing parameters
 - Scaling increments and steps
 - Detailed scaling behavior patterns
+
 See [Resource Scaling Behavior](/features/scaling#resource-scaling-behavior) in the general scaling documentation.
+
 ## Common issues
+
 **Out of memory errors**
 - Increase minimum free RAM settings in your scaling configuration
 - Consider raising the minimum RAM allocation
 - Check for memory-intensive queries or operations
+
 **Higher than expected costs**
 - Consider lowering your maximum resource limits
 - Review scaling patterns in the monitoring dashboard
+
 **Slow database startup**
 - Increase the "Start CPU cores" setting
 - Consider switching to dedicated CPU mode for consistent performance
+
 *Need help? Join our [Discord community](https://discord.gg/zerops) for assistance!*
 
 ----------------------------------------
 
 # Mariadb > Overview
 
+
 [MariaDB ↗](https://mariadb.org/) is one of the most popular open source relational databases. It’s made by the original developers of MySQL and guaranteed to stay open source.
+
 ## Feature Highlights
+
+- [Create MariaDB service](/mariadb/how-to/create) — Start with creating a MariaDB service using GUI or zCLI.
+- [Import config file](/mariadb/how-to/create#full-example) — Use an example config file to import your own app.
+
 ### Connect to MariaDB service
+
+- [Manage users and databases](/mariadb/how-to/manage)
+- [Connect from the same project](/mariadb/how-to/connect#connect-to-mariadb-from-runtime-services-of-the-same-project)
+- [Connect remotely](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely)
+
 ### Others
+
+- [Scale MariaDB service](/mariadb/how-to/scale)
+- [Export and import data](/mariadb/how-to/export-import-data)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/mariadb/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Mariadb > Tech Details > Cluster
 
+
 The following description applies only to the [highly available mode](/features/scaling#highly-available-ha-mode) of the MariaDB service.
+
 ## Description of MariaDB cluster
+
 MariaDB cluster in highly available mode contains 3 database containers and 2 free database proxies.
+
 #### 1 write node + 2 read nodes
+
 Zerops always keeps the 3 database containers on different physical machines. A MariaDB cluster node is installed in each database container. First a writer node is started followed by 2 read nodes. All your data is stored redundantly in 3 identical copies.
+
 If the container with one of the reader nodes fails, Zerops disconnects it from the MariaDB cluster. Zerops then creates a new container with a MariaDB read node inside, connects it to the cluster and starts the synchronisation of the data to the new node. Finally the broken container is deleted.
+
 If the container with the writer node fails, Zerops disconnects it from the MariaDB cluster and one of the read nodes is automatically promoted to the writer node. Zerops creates a new container with a MariaDB read node inside, connects it to the cluster and starts the synchronisation of the data to the new node. Finally the broken container is deleted.
+
 #### 2 database proxies
+
 Zerops uses [MaxScale 2.5 ↗](https://mariadb.com/kb/en/maxscale/), this database proxy is optimised specifically for MariaDB. MaxScale database proxy understands the mysql protocol. It forwards all **write requests** to the writer node and all **read requests** to read nodes.
+
 Zerops creates 2 containers with MaxScale database proxy and connects them to the database cluster in the highly available infrastructure. Zerops always keep the 2 database proxies on different physical machines.
+
 If a container with the database proxy fails, Zerops starts a new container automatically. Database proxy doesn't contain any data therefore the start of the new database proxy is fast.
+
 ## Synchronous vs. Asynchronous replication
+
 #### Synchronous replication
+
 Synchronous replication guarantees that when a change happens on the write node, it is replicated on the read nodes synchronously. Synchronous replication uses a distributed locking which proved to be very slow. The data replication from the write node to the read nodes takes some time and the write transactions must wait until the changed data is successfully replicated to all database nodes. In case one of the database nodes is overloaded, the whole cluster becomes very slow.
+
 #### Asynchronous replication
+
 Asynchronous replication gives no guarantees about the delay between applying changes on the write node and the propagation of changes to all read nodes. The delay is usually very short but when one of the read containers is overloaded the delay can be longer. The main benefit of the asynchronous replication is the performance. Write transaction is completed when the write node successfully commits the transaction locally and writes it to the write-ahead log that prevents the loss of data.
+
 The downside of the asynchronous replication is no guarantee that the read nodes will always return the current data. In some cases a `SELECT` query that quickly follows the previous `COMMIT` may return old data. As mentioned above, the database proxy forwards all read requests to read nodes. When the read node processes the `SELECT` query before the replication of the previous transaction is finished, old data is returned.
+
 Zerops uses the asynchronous replication in MariaDB cluster.
+
 ## How to deal with situations when old data is returned
+
 #### Use explicit transactions
+
 MariaDB cluster returns old data most often when you use the `SELECT` query right after the `COMMIT` in the same algorithm. This problem can be solved by moving the `SELECT` query into the transaction. All queries inside a `BEGIN..COMMIT` transaction are always executed against the write node.
+
 #### Enable synchronous checks for SELECT queries
+
 For a critical read that must have the most up-to-date data use the `wsrep_sync_wait` option:
+
 ```sh
 SET SESSION wsrep_sync_wait=1;
 SELECT ...;
 SET SESSION wsrep_sync_wait=0;
 ```
+
 When the `wsrep_sync_wait=1` option is used, the read node will synchronise data from the write node before executing the query. The read node will wait until all updates from the write node that were committed before the `SELECT` query was received and only then executes the query.
 
+
 ----------------------------------------
 
 # Mariadb > Tech Details > Limitations
 
+
 The following description applies only to the [highly available mode](/features/scaling#highly-available-ha-mode) of the MariaDB service.
+
 #### InnoDB only
+
 Only the InnoDB storage engine is supported.
+
 #### Mandatory table primary key
+
 All database tables should have a primary key. A multi-column primary key can also be used. `DELETE` operations are unsupported on tables without a primary key. Also, rows in tables without a primary key may appear in a different order on different nodes.
+
 #### Limited locks support
+
 No support for explicit locks, including `LOCK TABLES`, `FLUSH TABLES {explicit table list} WITH READ LOCK`, `GET_LOCK`, `RELEASE_LOCK`. These limitations can be overcome using transactions. Global locking operators like `FLUSH TABLES WITH READ LOCK` are supported.
+
 #### Do not use local exports
+
 Do not use `SELECT INTO OUTFILE` or `SELECT INTO DUMPFILE` commands. It will create a file on one of the database containers that will receive the request. Zerops doesn't support direct access into the MariaDB database containers so you won't be able to access the file. Learn more about [how to export and import MariaDB data](/mariadb/how-to/export-import-data).
+
 [Full list of MariaDB cluster limitations ↗](https://mariadb.com/kb/en/mariadb-galera-cluster-known-limitations/)
 
+
 ----------------------------------------
 
 # Meilisearch > Overview
 
+
 Deploy and manage Meilisearch on a fully managed infrastructure. Get instant access to fast, typo-tolerant search with zero operational overhead.
+
 ## Supported Versions
+
 Currently supported Meilisearch versions:
+
 Import configuration version:
+
+- `meilisearch@1.20`
+- `meilisearch@1.10`
+
 ## Service Configuration
+
 Our Meilisearch implementation runs as a **single-node** setup, as Meilisearch does not currently support cluster configurations.
+
 ### Environment Modes
+
 :::note
 Environment mode affects the availability of certain features and can impact your application's security. Choose carefully based on your use case.
 :::
+
 #### Production Mode (Default)
 - Optimized for performance and security
 - Search Preview (Mini-dashboard) disabled
 - Recommended for production deployments
+
 #### Development Mode
 - Includes Search Preview (Mini-dashboard)
 - Enhanced debugging capabilities
 - Suitable for development and testing
+
 To switch between modes:
 1. Navigate to the **Environment variables** section in the Meilisearch service detail and scroll to the **Generated Variables**
 2. Set the `environment` variable to either:
    - `production` - for production mode (default)
    - `development` - for development mode with Mini-dashboard
 3. Restart the service to apply changes
+
 ### API Key Management
+
 The service provides three pre-configured API keys, each with specific access levels:
+
 #### `masterKey`
 - Root access to your Meilisearch instance
 - Use only for initial setup and key management
 - **Never expose in application code or frontend**
+
 #### `defaultSearchKey`
 - Read-only search operations across all indices
 - Safe for frontend implementations
 - **Can be exposed in client-side code**
+
 #### `defaultAdminKey`
 - Full administrative access to all indices
 - For backend operations and index management
 - **Keep secure in backend services only**
+
 [Custom API keys](https://www.meilisearch.com/docs/reference/api/keys) provide fine-grained access control for specific use cases. For example, you might create:
 - Search-only keys for specific indices
 - Temporary keys with expiration dates
 - Keys with restricted actions for third-party integrations
+
 ## Network Architecture & Access
+
 ### Access Methods
+
 #### Public HTTPS Access
 When enabled, access via [Zerops subdomain](/references/networking/public-access#zerops-subdomain-access).
+
 #### Internal Project Access
 Services within the same project can reach Meilisearch directly:
 ```
 http://{hostname}:7700
 ```
+
 ## Backup
+
 Meilisearch backups are created using native dump commands:
+
 - **Format**: `.dump` (standard Meilisearch dump)
 - **Tooling**: Native dump command
 - **Content**: Contains index data and settings
+
 For backup configuration, scheduling, retention policies, and management options, see the [Zerops Backups](/features/backup) documentation.
+
 ### Restoring Backups
+
 To restore a Meilisearch backup:
+
 1. **Download** the backup file (`.dump`) from the Zerops UI
 2. **Prepare** your target environment (clean existing indices or use a new instance)
 3. **Restore** using the Meilisearch API. Use the dump import endpoint to restore your data. Follow the [official Meilisearch documentation](https://www.meilisearch.com/docs/learn/data_backup/dumps#importing-a-dump-in-self-hosted-instances) for detailed restore procedures.
+
 For assistance with the restoration process, contact Zerops support.
+
 ## Quick Start Example
+
 Here's a minimal example of implementing search in a React application:
+
 ```javascript
+
 const MEILISEARCH_URL = process.env.zeropsSubdomain;
 const SEARCH_KEY = process.env.defaultSearchKey;
+
 function SearchComponent() {
   const [results, setResults] = useState([]);
+
   const handleSearch = async (query) => {
     const response = await fetch(`${MEILISEARCH_URL}/indexes/products/search`, {
       method: 'POST',
@@ -14387,55 +20610,73 @@ function SearchComponent() {
         limit: 10
       })
     });
+
     const data = await response.json();
     setResults(data.hits);
   };
+
   return (
-    
-       handleSearch(e.target.value)}
+    <div>
+      <input
+        type="search"
+        onChange={(e) => handleSearch(e.target.value)}
         placeholder="Search products..."
       />
-      
+      <ul>
         {results.map(hit => (
-          {hit.name}
+          <li key={hit.id}>{hit.name}</li>
         ))}
-      
+      </ul>
+    </div>
   );
 }
 ```
+
 ## Best Practices
+
 #### Security
 - Store sensitive keys (`masterKey`, `defaultAdminKey`) securely in backend services
 - Use `defaultSearchKey` or custom keys with minimal permissions for frontend
 - Rotate custom keys periodically
+
 #### Performance
 - Implement debouncing for search inputs
 - Cache frequently accessed search results
 - Monitor response times and adjust index settings
 - Use appropriate batch sizes for bulk operations
+
 #### Error Handling
 - Implement retry logic for temporary failures
 - Set appropriate timeout values for your use case
 - Handle rate limiting gracefully
+
 ## Troubleshooting
+
 ### Common Issues
+
 #### Connection Problems
 - Check if your instance is in the correct environment mode
 - Ensure your API keys have the necessary permissions
 - Confirm your service is running and healthy in the Zerops dashboard
+
 #### Search Performance
 - Review your index settings for optimal search performance
 - Monitor your instance's resource usage
 - Consider implementing client-side caching for frequent searches
+
 #### API Key Issues
 - Verify you're using the correct key type for your operation (search vs. admin)
 - Check key permissions match your intended operations
 - Ensure keys are properly formatted in your Authorization header
 - Remember that master and admin keys should never be used in frontend code
+
 ## Learn More
+
 - [Official Meilisearch Documentation](https://www.meilisearch.com/docs) - Comprehensive guide to all Meilisearch features and capabilities
 - [API Reference](https://www.meilisearch.com/docs/reference/api/overview) - Detailed API specifications and usage examples
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zeropsio)
 - Contact support via [email](mailto:support@zerops.io)
@@ -14444,90 +20685,141 @@ For advanced configurations or custom requirements:
 
 # Nats > Overview
 
+
 Zerops provides a fully managed [NATS](https://nats.io/) messaging system with automated scaling and zero infrastructure overhead, letting developers focus entirely on development.
+
 ## Supported Versions
+
 Currently supported NATS version:
+
 Import configuration version:
+
+- `nats@2.12`
+- `nats@2.10`
+
 ## Service Configuration
+
 Our NATS implementation features optimized default settings designed for common use cases.
+
 **Key configuration aspects** include:
 - Standard protocol port `4222` for client connections
 - HTTP monitoring interface `8222` for management
 - Secure authentication with automatically generated credentials
 - Optimized settings for performance and reliability
+
 You can fine-tune your NATS service by adjusting **environment variables**:
+
 ### Available Configuration Options
+
 :::note
 If certain variables are not visible in your configuration, they may have been introduced after your service was created. Simply add them as [secret variables](/features/env-variables#2-secret-variables) to access the functionality.
 :::
-  
-      Variable
-      Description
-    
-      MAX_PAYLOAD
-      Defines the maximum allowed message size for all NATS traffic. Default: 8MB, Maximum: 64MB. See NATS limits documentation for details.
-    
-      JET_STREAM_ENABLED
-      Controls whether JetStream functionality is enabled. Default: 1 (enabled), Set to 0 to disable. See JetStream Configuration section below for more details.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Variable</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><code>MAX_PAYLOAD</code></td>
+      <td className="w-fit">Defines the maximum allowed message size for all NATS traffic. Default: <code>8MB</code>, Maximum: <code>64MB</code>. See [NATS limits documentation](https://docs.nats.io/running-a-nats-service/configuration#limits) for details.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><code>JET_STREAM_ENABLED</code></td>
+      <td className="w-fit">Controls whether JetStream functionality is enabled. Default: <code>1</code> (enabled), Set to <code>0</code> to disable. See [JetStream Configuration](#jetstream-configuration) section below for more details.</td>
+    </tr>
+  </tbody>
+</table>
+
 :::important
 Configuration changes require a service **restart** to take effect. While NATS itself supports configuration hot-reload, this feature will be implemented in a future Zerops update.
 :::
+
 After restarting, check your service logs to confirm the changes were applied successfully.
+
 ### JetStream Configuration
+
 The service includes [JetStream](https://docs.nats.io/nats-concepts/jetstream) functionality **enabled by default**, providing persistent storage capabilities for your messaging workloads:
 - **Memory store**: Up to 40GB for high-performance message caching
 - **File store**: Up to 250GB for persistent storage
 - **Regular sync intervals**: Ensures data durability and consistency
+
 :::note
 In HA deployments, data persistence is further enhanced with 1-minute sync intervals across all nodes, ensuring robust data durability and high availability.
 :::
+
 This configuration provides a robust foundation for message persistence while balancing performance and reliability.
+
 :::tip
 Disabling JetStream can reduce resource utilization for applications that don't require message persistence.
 :::
+
 ### Deployment Modes
+
 :::warning
 Deployment mode is selected during service creation and cannot be changed later.
 :::
+
 #### Non-HA Mode
 - Suitable for development and testing
 - Data persistence not guaranteed during node failures
 - Lower resource requirements
+
 #### HA Mode
 - Creates a multi-node NATS cluster
 - Configures routes between cluster nodes automatically
 - Implements [NATS clustering](https://docs.nats.io/running-a-nats-service/configuration/clustering) for high availability
 - Provides improved reliability compared to non-HA deployments
+
 ### Authentication Management
+
 Authentication credentials are automatically generated and managed by the platform. The system creates a default user (`zerops`) with a secure 16-character password. You can access these credentials through:
 - The service access details in the Zerops GUI
 - Environment variables in your service configuration:
   - `user` - Username for authentication (default: "zerops")
   - `password` - Generated secure password
   - `connectionString` - Complete connection string in the format `nats://${dbUser}:${dbPassword}@${hostname}:${port}`
+
 ## Health Monitoring
+
 Zerops continuously monitors your NATS service health using built-in health checks:
+
 - **HTTP Health Check**: The system checks the `/healthz` endpoint at port 8222
 - **Self-Healing**: The platform automatically recovers unhealthy nodes when issues are detected
+
 ### Health Status
+
 You can check the health status of your NATS service:
+
 1. Through the Zerops GUI dashboard
 2. By accessing the management interface at port `8222`
+
 ## Backup and Recovery
+
 NATS backups are created using filesystem archival:
+
 - **Format**: `.tar.gz` (archive of queue state)
 - **Tooling**: Filesystem archival
 - **Content**: Captures persistent message state
+
 For backup configuration, scheduling, retention policies, and management options, see the [Zerops Backups](/features/backup) documentation.
+
 ### Restoring Backups
+
 To restore a NATS backup:
+
 1. **Download** the backup file (`.tar.gz`) from the Zerops UI
 2. **Extract** the archive to access the queue state data
 3. **Prepare** your target environment (clear existing data if needed)
 4. **Restore** using NATS CLI commands via Zerops VPN or during deployment. Follow the [official NATS documentation](https://docs.nats.io/running-a-nats-service/nats_admin/jetstream_admin/disaster_recovery) for detailed restore procedures.
+
 For assistance with the restoration process, contact Zerops support.
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zerops)
 - Contact support via [email](mailto:support@zerops.io)
@@ -14536,25 +20828,33 @@ For advanced configurations or custom requirements:
 
 # Nginx > Faq
 
-  Question: How do I enable SEO optimization with prerender.io?
-Answer: 
-    Zerops provides built-in prerender.io support. Simply set the `PRERENDER_TOKEN` environment variable with your prerender.io service token. See our [prerender.io documentation](/nginx/how-to/env-variables#prerenderio-support) for details.
-  
+
+  **Question: How do I enable SEO optimization with prerender.io?**
+
+Zerops provides built-in prerender.io support. Simply set the `PRERENDER_TOKEN` environment variable with your prerender.io service token. See our [prerender.io documentation](/nginx/how-to/env-variables#prerenderio-support) for details.
+
 
 ----------------------------------------
 
 # Nginx > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your static content.
+
 :::tip Two Deployment Approaches
 You can use the Nginx service in two ways:
 - **Runtime only**: Deploy pre-built static files directly (no build phase needed)
 - **Build + Runtime**: Use a frontend framework (Node.js, PHP, Python, etc.) to build your application, then serve it with Nginx
+
 The build phase is completely optional. If you already have built files, skip the build section and configure only the [runtime](#runtime-configuration).
+
 If you just need to deploy your static content, use the [manual deploy](/nginx/how-to/trigger-pipeline#manual-deploy-using-zerops-cli) via Zerops CLI.
 :::
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -14566,51 +20866,65 @@ zerops:
     build:
       # REQUIRED (if using build). Set the base technology for the build environment:
       base: nodejs@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
+
       # REQUIRED (if using build). Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - package.json
         - node_modules
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: nginx@latest
+
       # OPTIONAL. Customize the runtime Nginx environment by installing additional
       # dependencies to the base Nginx runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Nginx application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # OPTIONAL. Customize the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Sets the custom Nginx configuration. The file must be deployed in
       # the runtime container. Enter the path to the file relative to the /var/www folder
       siteConfigPath: site_config.tmpl
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -14621,6 +20935,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -14630,12 +20945,20 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Nginx version for your runtime.
+
 Following options are available for Nginx builds:
+
+- `nginx@1.22`, `nginx@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -14645,18 +20968,25 @@ zerops:
       # REQUIRED (if using build). Sets the base technology for the build environment:
       base: nodejs@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: nginx@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
-  selected major version of Nginx, Zerops command line tool and `composer`, `git` and `wget`.
+  selected major version of Nginx, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -14666,6 +20996,7 @@ zerops:
       # REQUIRED (if using build). Sets the base technology for the build environment:
       base: nodejs@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -14675,52 +21006,86 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customize your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 :::info
 If no ports are specified, Zerops adds the port TCP 80 automatically.
 :::
+
 :::caution
 If you want the web server to listen on other port(s) than `:80`, you must [customize](/nginx/how-to/customize-web-server) your web server configuration as well.
 :::
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Nginx static service with hostname = "app" and port = 80 from another service of the same project, simply use `app:80`. Read more about [how to access a Nginx static service](/references/networking/internal-access#basic-service-communication).
+
 :::info
 Do not use the port **:443**. All the incoming traffic is terminated on the Zerops internal balancer where the SSL certificate is installed and the request is forwarded to your Nginx static service as a **http://** on the port **:80**.
 :::
+
 Each port has following attributes:
-  
-    Parameter
-    Description
-  
-    port
-    Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-  
-    protocol
-    Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-  
-    httpSupport
-    Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-  
+
+<table className="w-full my-1.5">
+  <thead>
+  <tr>
+    <th className="w-fit"><strong>Parameter</strong></th>
+    <th className="w-fit"><strong>Description</strong></th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit">port</td>
+    <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+  </tr>
+  <tr>
+    <td className="w-fit">protocol</td>
+    <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+  </tr>
+  <tr>
+    <td className="w-fit">httpSupport</td>
+    <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+  </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the Nginx runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Nginx environment contains {data.alpine.default}, the selected
-  major version of Nginx, Zerops command line tool and `composer`, `git` and `wget`. To install
+  major version of Nginx, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -14728,6 +21093,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -14737,28 +21103,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/nginx/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
-  
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances.
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Nginx, Zerops command line tool and `composer`, `git` and `wget`.
+  selected major version of Nginx, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the build section of your chosen technology.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -14767,6 +21150,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -14776,15 +21160,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -14793,48 +21182,71 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Nginx application is started.
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/nginx/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/nginx/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances.
+
 ### documentRoot
+
 _OPTIONAL._ Customizes the folder that will be used as the root of the publicly accessible web server content.
+
 :::info
 By default, the document root is configured to `/var/www`.
 :::
+
 Customize the folder that will be used as the root of the publicly accessible web server content. Enter the path relative to the `/var/www` folder.
 E.g. `documentRoot: public` will set the web server document root to `/var/www/public`.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
 ```
+
 ### siteConfigPath
+
 _OPTIONAL._ Sets the custom Nginx configuration.
+
 :::info
 If you don't set your custom configuratiin Zerops applies the [default](/nginx/how-to/customize-web-server#default-nginx-configuration) configuration.
 :::
+
 The file must be deployed in the runtime container. Enter the path to the file relative to the `/var/www` folder.
 Read more about the [web server customization](/nginx/how-to/customize-web-server).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -14848,44 +21260,66 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/nginx/how-to/env-variables) in Zerops.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-    Parameter
-    Description
-  
-    port
-    Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-  
-    path
-    Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-  
-    host
-    Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-  
-    scheme
-    Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-  
+
+<table className="w-full my-1.5">
+  <thead>
+  <tr>
+    <th className="w-fit whitespace-nowrap">Parameter</th>
+    <th className="w-fit whitespace-nowrap">Description</th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">port</td>
+    <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">path</td>
+    <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">host</td>
+    <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+    <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+  </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -14893,31 +21327,48 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-    Parameter
-    Description
-  
-    command
-    
+
+<table className="w-full my-1.5">
+  <thead>
+  <tr>
+    <th className="w-fit"><strong>Parameter</strong></th>
+    <th className="w-fit"><strong>Description</strong></th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit"><strong>command</strong></td>
+    <td className="w-fit">
       Defines a local command to be run.
-      The command has access to the same environment variables as your Nginx application.
+
+      The command has access to the same [environment variables](/nginx/how-to/create#set-secret-environment-variables) as your Nginx application.
+
       A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-    
+    </td>
+  </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -14926,39 +21377,60 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/nginx/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-    Parameter
-    Description
-  
-    port
-    Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-  
-    path
-    Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-  
-    host
-    Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-  
-    scheme
-    Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-  
+
+<table className="w-full my-1.5">
+  <thead>
+  <tr>
+    <th className="w-fit whitespace-nowrap">Parameter</th>
+    <th className="w-fit whitespace-nowrap">Description</th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">port</td>
+    <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">path</td>
+    <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">host</td>
+    <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+    <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+  </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -14967,30 +21439,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/nginx/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-    Parameter
-    Description
-  
-    command
-    
-      Defines a local command to be run.
-      The command has access to the same environment variables as your Nginx application.
-      A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-    
-**Example:**
+
+<table className="w-full my-1.5">
+  <thead>
+  <tr>
+    <th className="w-fit"><strong>Parameter</strong></th>
+    <th className="w-fit"><strong>Description</strong></th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit"><strong>command</strong></td>
+    <td className="w-fit">
+      Defines a local command to be run.
+
+      The command has access to the same [environment variables](/nginx/how-to/create#set-secret-environment-variables) as your Nginx application.
+
+      A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
+    </td>
+  </tr>
+  </tbody>
+</table>
+
+**Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -15002,6 +21492,7 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/nginx/how-to/deploy-process#readiness-checks) in Zerops.
 
 ----------------------------------------
@@ -15014,35 +21505,60 @@ Read more about how the [readiness check works](/nginx/how-to/deploy-process#rea
 
 # Nginx > How To > Create
 
+
 The Nginx static service contains the Nginx web server optimized for your static content. Nginx static service is highly scalable and customisable to suit both development and production.
+
 ## Create Nginx static service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Nginx static service:
+
+[Video: /vids/services/nginx-static.webm](/vids/services/nginx-static.webm)
+
 ### Choose Nginx version
+
 Following Nginx versions are currently supported:
+
 :::info
 You can [change](/nginx/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/nginx/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Nginx static service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Nginx static service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/nginx/how-to/create#create-a-project-description-file)
 3. [Create a project with a Nginx and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -15063,13 +21579,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Nginx version 8.1 service with default [auto scaling](/nginx/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/nginx/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -15108,110 +21629,187 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain an Nginx static service with `app` hostname. The internal port(s) the service listens on will be defined later in the [zerops.yaml](/nginx/how-to/build-pipeline#ports). Nginx static service will run on version 1.22 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains an Nginx static service but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [nginx service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/nginx/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/nginx/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/nginx/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](/nginx/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Nginx static service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -15232,98 +21830,146 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Nginx static service version 1.22 with default [auto scaling](/nginx/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Nginx > How To > Customize Runtime
 
+
 ## Build Custom Runtime Images
+
 Zerops allows you to build custom runtime images (CRI) when the default base runtime images don't meet your Nginx Static application's requirements. This is an optional phase in the [build and deploy pipeline](/features/pipeline#runtime-prepare-phase-optional).
+
 :::important
 You should not include your application code in the custom runtime image, as your built/packaged code is deployed automatically into fresh containers.
 :::
+
 ## Configuration
+
 ### Default Nginx Static Runtime Environment
+
 The default Nginx Static runtime environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - Selected version of Nginx when the runtime service was created
 - [zCLI](/references/cli)
 - Git
+
 ### When You Need a Custom Runtime Image
+
 If your Nginx Static service needs additional tools beyond the default environment (SSL management, monitoring, security tools, etc.), you'll need to build a custom runtime image.
+
 Here are Nginx Static-specific examples of configuring custom runtime images in your `zerops.yml`:
+
 ### Basic Nginx Static Setup
-    
+
 For complete configuration details, see the [runtime prepare phase configuration guide](/features/pipeline#configuration).
+
 ## Process and Caching
+
 ### How Runtime Prepare Works
 The runtime prepare process follows the same steps for all runtimes. See [how runtime prepare works](/features/pipeline#how-it-works) for the complete process details.
+
 ### Caching Behavior
 Zerops caches custom runtime images to optimize deployment times. Learn about [custom runtime image caching](/features/pipeline#custom-runtime-image-caching) including when images are cached and reused.
+
 ### Build Management
 For information about managing builds and deployments, see [managing builds and deployments](/features/pipeline#manage-builds-and-deployments).
+
 :::warning
 Shared storage mounts are not available during the runtime prepare phase.
 :::
+
 ## Troubleshooting
+
 If your `prepareCommands` fail, check the [prepare runtime log](/nginx/how-to/logs#prepare-runtime-log) for specific error messages.
 
 ----------------------------------------
 
 # Nginx > How To > Customize Web Server
 
+
 ## Default Nginx configuration
+
 The default Nginx static service has following configuration:
+
 ```
 server {
     listen 80 default_server;
     listen [::]:80 default_server;
+
     server_name _;
     root {{.DocumentRoot}};
+
     location / {
         try_files $uri $uri/ /index.html;
     }
+
     access_log syslog:server=unix:/dev/log,facility=local1,tag=nginx,severity=info default_short;
     error_log syslog:server=unix:/dev/log,facility=local1,tag=nginx,severity=error;
 }
 ```
+
 The configuration contains 2 variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/nginx/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 ## Customize Nginx configuration
+
 Follow these steps to customize the Nginx configuration in Nginx static service:
+
 1. Create a **.tmpl** file with the Nginx configuration in your repository.
+
 2. Optionally use following variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/nginx/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 Example:
+
 ```
 root {{.DocumentRoot}};
 ```
+
 - **`{{.Environment.ENV_NAME}}`** is replaced by the [env variable](/nginx/how-to/env-variables) value. The env variable must be either defined in [run.envVariables](/nginx/how-to/build-pipeline#envvariables) in `zerops.yaml` or set as a [secret](/nginx/how-to/env-variables#set-secret-env-variables-in-zerops-gui) or [generated](/nginx/how-to/env-variables#generated-env-variables) env variable in Zerops GUI.
+
 :::caution
 Use the **.tmpl** file extension to make Zerops interpret the file as a template. Zerops will replace the supported variables listed above.
 :::
+
 3. Check that your Nginx configuration is consistent with Zerops requirements:
+
 - Do not use IP addresses in the `listen` directive
-- If you use other ports than `:80` in the `listen` directive, add them to the `run.ports` in your `zerops.yaml` as well.
+- If you use other ports than `:80` in the `listen` directive, add them to the [`run.ports`](/nginx/how-to/build-pipeline#ports) in your `zerops.yaml` as well.
 - Do not use the port **:443**. All the incoming `https://` traffic is terminated on the Zerops internal balancer where the SSL certificate is installed and the request is forwarded to your Nginx static service as a **http://** on the port **:80**.
-4. Add the `siteConfigPath` to the run section of your `zerops.yaml`
+
+4. Add the [`siteConfigPath`](/nginx/how-to/build-pipeline#siteconfigpath) to the run section of your `zerops.yaml`
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -15332,27 +21978,40 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: nodejs@latest
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - vendor
         - public
+
     # ==== how to run your application ====
     run:
       documentRoot: public
+
       # OPTIONAL. Sets the custom Nginx or Apache configuration. The file must be deployed in the runtime container. Enter the path to the file relative to the /var/www folder
       siteConfigPath: site_config.tmpl
 ```
-5. Ensure that the `build.deployFiles` contains the folder with the `siteConfigPath` or add the path to the Nginx config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
+5. Ensure that the [`build.deployFiles`](/nginx/how-to/build-pipeline#deployfiles) contains the folder with the `siteConfigPath` or add the path to the Nginx config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
 6. [Trigger](/nginx/how-to/trigger-pipeline) the build & deploy pipeline.
+
 ## SEO & Prerender Support
+
 Single Page Applications and JavaScript-heavy sites render content client-side, which most crawlers can't process—they see an empty page instead of your content. This affects traditional search engines, social media platforms, and AI tools like ChatGPT, Perplexity, and Claude.
+
 ### Built-in Prerender.io Integration
+
 The default Nginx configuration includes automatic [Prerender.io](https://prerender.io) support. When enabled, it detects crawler requests (including AI crawlers) and serves them pre-rendered HTML while your users get the full interactive experience.
+
 ### Setup
+
 To enable prerender support:
+
 1. Set the `PRERENDER_TOKEN` environment variable with your Prerender.io token (see [environment variables](/nginx/how-to/env-variables#prerenderio-support))
 2. Optionally set `PRERENDER_HOST` if using a custom prerender server
+
 The Nginx configuration will automatically handle the rest—no additional configuration needed.
 
 ----------------------------------------
@@ -15365,27 +22024,40 @@ The Nginx configuration will automatically handle the rest—no additional confi
 
 # Nginx > How To > Env Variables
 
+
 ## Prerender.io Support
+
 Zerops provides built-in prerender.io support for SEO optimization. Configure it using these environment variables:
-  
-      Variable
-      Required
-      Description
-      Default
-    
-      PRERENDER_TOKEN
-      Yes
-      Your prerender.io service token
-      -
-    
-      PRERENDER_HOST
-      No
-      Prerender service host
-      service.prerender.io
-    
+
+<table className="w-fit my-1.5">
+  <thead>
+    <tr className="text-center rounded-lg">
+      <th className="w-fit"><strong>Variable</strong></th>
+      <th className="w-fit"><strong>Required</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Default</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr className="text-center">
+      <td className="w-fit">PRERENDER_TOKEN</td>
+      <td className="w-fit">Yes</td>
+      <td className="w-fit">Your prerender.io service token</td>
+      <td className="w-fit">-</td>
+    </tr>
+    <tr className="text-center">
+      <td className="w-fit">PRERENDER_HOST</td>
+      <td className="w-fit">No</td>
+      <td className="w-fit">Prerender service host</td>
+      <td className="w-fit">service.prerender.io</td>
+    </tr>
+  </tbody>
+</table>
+
 :::tip
 Set `PRERENDER_TOKEN` as a secret environment variable in Zerops GUI for security.
 :::
+
 Example in zerops.yaml:
 ```yaml
 zerops:
@@ -15435,36 +22107,68 @@ zerops:
 
 # Nginx > Overview
 
+
 The Nginx static service contains the [Nginx ↗](https://nginx.org/) web server optimized for your static content.
+
 ## How to start
+
+- [Care for details?](/nginx/how-to/create) — Dive in all Zerops has to offer for your Nginx application.
+
 ## Feature Highlights
+
+- [Create Nginx static service](/nginx/how-to/create) — Start with creating a Nginx static service using GUI or zCLI.
+- [zerops.yaml](/nginx/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/nginx/how-to/scaling) — Set up scaling of your Nginx application so that it runs smoothly while using only necessary resources.
+- [SEO Optimization](/nginx/how-to/env-variables#prerenderio-support) — Built-in prerender.io support for better SEO.
+
 {" "}
+
+- [Customize build environment](/nginx/how-to/create)
+- [Customize runtime environment](/nginx/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/nginx/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Nodejs > Faq
 
-  Question: Why is my Node.js build timing out or hanging on interactive prompts?
-Answer: 
-    If your build process seems to be hanging or timing out, check your logs for interactive prompts that are waiting for input, such as:
+
+  **Question: Why is my Node.js build timing out or hanging on interactive prompts?**
+
+If your build process seems to be hanging or timing out, check your logs for interactive prompts that are waiting for input, such as:
     ```
     ? The modules directory at "/build/source/node_modules" will be removed and reinstalled from scratch. Proceed? (Y/n) ‣ true
     ```
+
     Set the environment variable `CI: true` to resolve the problem. This allows the installation to proceed automatically without requiring manual confirmation.
-  
+
 
 ----------------------------------------
 
 # Nodejs > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Node.js application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -15473,51 +22177,65 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: nodejs@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - package.json
         - node_modules
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: nodejs@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 3000
+
       # OPTIONAL. Customize the runtime Node.js environment by installing additional
       # dependencies to the base Node.js runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Node.js application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Node.js application start command
       start: npm start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -15528,6 +22246,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -15537,11 +22256,22 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Node.js builds:
+
+- `nodejs@24`, `nodejs@latest`
+- `nodejs@22`
+- `nodejs@20`
+- `nodejs@18`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15552,12 +22282,18 @@ zerops:
       base: nodejs@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Node.js, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+  major version of Node.js, [Zerops command line tool](/references/cli), `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15571,34 +22307,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Node.js defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15607,6 +22361,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: nodejs@latest
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -15614,20 +22369,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/nodejs/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15636,42 +22402,59 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: nodejs@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     npm i
     npm run build
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - npm i
   - npm run build
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/nodejs/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - npm i --verbose
   - npm run build
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -15680,56 +22463,81 @@ deployFiles:
   - package.json
   - node_modules
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - dist
   - package.json
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -15741,22 +22549,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -15765,6 +22584,7 @@ zerops:
     build:
       base: nodejs@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         NODE_ENV: production
@@ -15773,12 +22593,23 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/nodejs/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Node.js version for your runtime.
+
 Following options are available for Node.js builds:
+
+- `nodejs@24`, `nodejs@latest`
+- `nodejs@22`
+- `nodejs@20`
+- `nodejs@18`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15788,18 +22619,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: nodejs@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: nodejs@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Node.js, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15809,6 +22647,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: nodejs@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -15818,43 +22657,74 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customize your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Node.js service with hostname = "app" and port = 3000 from another service of the same project, simply use `app:3000`. Read more about [how to access a Node.js service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Node.js runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Node.js environment contains {data.alpine.current} the selected
-  major version of Node.js, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools. To install
+  major version of Node.js, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15862,6 +22732,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -15871,27 +22742,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/nodejs/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the custom runtime cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.current}, the
-  selected major version of Node.js, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools.
+  selected major version of Node.js, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15900,6 +22789,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -15909,15 +22799,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -15926,22 +22821,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Node.js application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/nodejs/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/nodejs/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -15956,57 +22864,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/nodejs/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Node.js application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Node.js application start command
       start: npm start
 ```
+
 We recommend starting your Node.js application using `npm start`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Node.js application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -16014,30 +22949,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Node.js application.
+
+        The command has access to the same [environment variables](/nodejs/how-to/create#set-secret-environment-variables) as your Node.js application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Node.js application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -16046,13 +22998,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -16061,72 +23018,112 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/nodejs/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
-**Example:**
-```yaml
-zerops:
-  # hostname of your service
-  - setup: app
-    # ==== how to build your application ====
-    build: ...
-    # ==== how to deploy your application ====
-    deploy:
-      # OPTIONAL. Define a readiness check with a HTTP GET request option.
-      # Configures the check on http://127.0.0.1:80/status
-      readinessCheck:
-        httpGet:
-          port: 80
-          path: /status
-    # ==== how to run your application ====
-    run: ...
-```
-Read more about how the [readiness check works](/nodejs/how-to/deploy-process#readiness-checks) in Zerops.
-#### exec
-Configures the readiness check to run a local command.
-Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
-        Defines a local command to be run.
-        The command has access to the same environment variables as your Node.js application.
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
+**Example:**
+
+```yaml
+zerops:
+  # hostname of your service
+  - setup: app
+    # ==== how to build your application ====
+    build: ...
+
+    # ==== how to deploy your application ====
+    deploy:
+      # OPTIONAL. Define a readiness check with a HTTP GET request option.
+      # Configures the check on http://127.0.0.1:80/status
+      readinessCheck:
+        httpGet:
+          port: 80
+          path: /status
+
+    # ==== how to run your application ====
+    run: ...
+```
+
+Read more about how the [readiness check works](/nodejs/how-to/deploy-process#readiness-checks) in Zerops.
+
+#### exec
+
+Configures the readiness check to run a local command.
+Following attributes are available:
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
+        Defines a local command to be run.
+
+        The command has access to the same [environment variables](/nodejs/how-to/create#set-secret-environment-variables) as your Node.js application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -16138,8 +23135,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/nodejs/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Nodejs > How To > Build Process
@@ -16156,34 +23155,58 @@ Read more about how the [readiness check works](/nodejs/how-to/deploy-process#re
 
 # Nodejs > How To > Create
 
+
 Zerops provides a powerful Node.js runtime service with extensive build support. The Node.js runtime is highly scalable and customizable to suit your development and production needs. With just a few clicks or commands, you can have a production-ready Node.js environment up and running in no time.
+
 ## Create a Node.js service using Zerops GUI
+
 First, set up a project in the Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu under the **Services** section. From there, you can add a new Node.js service:
+
+[Video: /vids/services/nodejs.webm](/vids/services/nodejs.webm)
+
 ### Choose a Node.js version
+
 Zerops supports the following Node.js versions:
+
 :::info
 You can easily [upgrade](/nodejs/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app", "cache", "gui", etc. Duplicate services with the same name within the same project are not allowed.
+
 #### Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as passwords, tokens, salts, certificates, etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting secret environment variables is optional. You can always set them later in the Zerops GUI.
+
 Read more about the [different types of environment variables](/nodejs/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create a Node.js service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Node.js service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/nodejs/how-to/create#create-a-project-description-file)
 3. [Create a project with a Node.js and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a YAML format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory called `my-project`. Inside the `my-project` directory, create a `description.yaml` file with the following content:
 ```yaml
 # basic project data
@@ -16205,13 +23228,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Node.js version 20 service with default [auto scaling](/nodejs/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/nodejs/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -16256,114 +23284,172 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Node.js service and a [PostgreSQL](/postgresql/overview) service.
+
 Node.js service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/nodejs/how-to/build-pipeline#ports). Node.js service will run on version 20 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Node.js and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Node.js service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/nodejs/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/nodejs/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/nodejs/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/nodejs/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Node.js service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -16384,33 +23470,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Node.js service version 20 with default [auto scaling](/nodejs/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Nodejs > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick, sudo apk add ffmpeg)',
-  'Global Node.js tools: When you need CLI tools or utilities available system-wide (like pm2 for process management)',
-  'Native dependencies: When your npm packages require system libraries that aren\'t in the default environment',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -16464,123 +23555,213 @@ System packages for processing: When your app processes images, videos, or files
 
 # Nodejs > Overview
 
+
 [Node.js ↗](https://nodejs.org/en) is an asynchronous event-driven JavaScript runtime, which is designed to build scalable network applications.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-nodejs), a **_recipe_**, containing the most simple Node.js web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Node.js app running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Node.js app running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "node-js" recipe on Zerops](https://app.zerops.io/recipe/?lf=node-js)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
+
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-nodejs/blob/main/zerops-project-import.yaml)):
+
 ```yaml
 project:
   name: recipe-nodejs
   tags:
     - zerops-recipe
+
 services:
   - hostname: api
     type: nodejs@20
     enableSubdomainAccess: true
     buildFromGit: https://github.com/zeropsio/recipe-nodejs
+
   - hostname: db
     type: postgresql@16
     mode: NON_HA
     priority: 1
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
 It doesn't matter whether it's your first curious introduction to Zerops, you have already mastered the basics and are looking for a tiny detail or inspiration. Below, choose a section that fits your needs:
+
+- [Care for details?](/nodejs/how-to/create) — Dive in all Zerops has to offer for your Node.js application.
+- [Node.js recipes](https://github.com/zeropsio?q=nodejs&type=all&language=&sort=) — Get inspired by already existing repositories, ready to be imported to Zerops.
+
 ## Feature Highlights
+
+- [Create Node.js service](/nodejs/how-to/create) — Start with creating a Node.js service using GUI or zCLI.
+- [zerops.yaml](/nodejs/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/nodejs/how-to/scaling) — Set up scaling of your Node.js application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/nodejs/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/nodejs/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/nodejs/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Object Storage > How To > Access
 
+
 Zerops Object storage is powered by [MinIO](https://min,io), a high-performance, S3 compatible object store. Object storage services are operated on an independent infrastructure separated from your other project services. You can access the object storage from any service hosted in Zerops or remotely over the internet.
+
 ## Object storage bucket
+
 Zerops creates one bucket automatically for each new Object storage service.
+
 :::note
 Each Object storage service can only contain one bucket. If your application needs multiple buckets, add more Object storage services.
 :::
+
 #### Name
+
 Bucket is created with a name based on the selected service name and a random prefix. The name of the bucket cannot be changed later.
+
 #### Access policy
+
 The bucket's access policy was defined when the Object storage service was created. You can [change it] later in Zerops GUI.
+
 #### Quota
+
 The bucket quota size was defined when the Object storage service was created. You can [change it] later in Zerops GUI.
+
 ## Copy access details from Zerops GUI
+
 You will find the Object storage access details under the **Access details** button in the project dashboard page.
+
 The same information is available in the service detail page under the **Access & bucket details** menu.
-  
+
 ### Object storage access parameters
-  
-      Parameter
-      Description
-    
-      API URL
-      URL of the Object storage service
-    
-      Bucket Name
-      Bucket is created with a name based on the selected service name and a random prefix. The name of the bucket is fixed and cannot be changed later.
-    
-      Access Key ID
-      The S3 Access Key ID
-    
-      Secret Key
-      The S3 Secret Key
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">API URL</td>
+      <td>URL of the Object storage service</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">Bucket Name</td>
+      <td>Bucket is created with a name based on the selected service name and a random prefix. The name of the bucket is fixed and cannot be changed later.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">Access Key ID</td>
+      <td>The S3 Access Key ID</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">Secret Key</td>
+      <td>The S3 Secret Key</td>
+    </tr>
+  </tbody>
+</table>
+
 ## Use Object storage environment variables
+
 Zerops creates default environment variables for each Object storage service to help you with connection from any runtime services in the same project. To avoid the need to copy Object storage access parameters manually, use environment variables in your runtime service.
+
 ### Prefix the environment variable key
+
 All services of the same project can reference environment variables from other services. To use an environment variable from one service in another service in the same project, you must prefix the environment variable key with the service name and underscore.
+
 #### Example
+
 To access the `bucketName` env variable of the `upload` service, use `upload_bucketName` as the env variable key. To access the `secretAccessKey` env variable of the `storage` service, use `storage_secretAccessKey` as the env variable key.
+
 ### Object storage environment variables
+
 List of service environment variables is available in Zerops GUI. Go to an Object storage service detail and choose **Environment variables** in the left menu.
-  
+
 Zerops creates following environment variables when the Object storage service is created:
-  
-      Variable
-      Description
-    
-      apiUrl
-      URL of the Object storage service
-    
-      accessKeyId
-      The S3 Access Key ID
-    
-      secretAccessKey
-      The S3 Secret Key
-    
-      bucketName
-      Bucket is created with a name based on the selected service name and a random prefix. The name of the bucket is fixed and cannot be changed later.
-    
-      quotaGBytes
-      The bucket quota in GB.
-    
-      projectId
-      ID of the project. Generated by Zerops.
-    
-      serviceId
-      ID of the Object storage service. Generated by Zerops.
-    
-      hostname
-      The name of the Object storage service.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Variable</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">apiUrl</td>
+      <td>URL of the Object storage service</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">accessKeyId</td>
+      <td>The S3 Access Key ID</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">secretAccessKey</td>
+      <td>The S3 Secret Key</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">bucketName</td>
+      <td>Bucket is created with a name based on the selected service name and a random prefix. The name of the bucket is fixed and cannot be changed later.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">quotaGBytes</td>
+      <td>The bucket quota in GB.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">projectId</td>
+      <td>ID of the project. Generated by Zerops.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">serviceId</td>
+      <td>ID of the Object storage service. Generated by Zerops.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">hostname</td>
+      <td>The name of the Object storage service.</td>
+    </tr>
+  </tbody>
+</table>
+
 
 ----------------------------------------
 
@@ -16592,63 +23773,101 @@ Zerops creates following environment variables when the Object storage service i
 
 # Object Storage > How To > Create
 
+
 Zerops provides a S3 compatible Object storage service to store your files. Zerops Object storage is powered by [MinIO](https://min.io), a high-performance, S3 compatible object store. MinIO is built for large scale AI/ML, data lake and database workloads.
+
 ## Create Object storage service using Zerops GUI
+
 First, set up a project in Zerops GUI and add a runtime service. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Object storage service:
+
+[Video: /vids/services/object-storage.webm](/vids/services/object-storage.webm)
+
 ### Set a name
+
 Enter a unique service identifier like `storage`,`s3` etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 maximum 25 characters
 must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::note
 The name is fixed after the service is created. It can't be changed later.
 :::
+
 ### Object storage bucket
+
 Zerops creates one bucket automatically for each new Object storage service.
+
 :::note
 Each Object storage service can only contain one bucket. If your application needs multiple buckets, add more Object storage services.
 :::
+
 #### Name
+
 Bucket will be created with a name based on the given service name and a random prefix. The name of the bucket cannot be changed later.
+
 #### Access policy
+
 Select one of the basic policy templates:
-  
-      Template
-      Description
-    
-      Public read
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Template</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>Public read</strong></td>
+      <td className="w-fit">
         Allows anyone:
-        
-          to read the bucket's location `(s3:GetBucketLocation)`
-          to list all bucket's objects `(s3:ListBucket)`
-          to get any object of the bucket `(s3:GetObject)`
-        
-      Public objects read
-      
+        <ul>
+          <li>to read the bucket's location `(s3:GetBucketLocation)`</li>
+          <li>to list all bucket's objects `(s3:ListBucket)`</li>
+          <li>to get any object of the bucket `(s3:GetObject)`</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>Public objects read</strong></td>
+      <td className="w-fit">
         Allows anyone:
-        
-          to read the bucket's location `(s3:GetBucketLocation)`
-          to get any object of the bucket `(s3:GetObject)`
-        
-      Public read write
-      
+        <ul>
+          <li>to read the bucket's location `(s3:GetBucketLocation)`</li>
+          <li>to get any object of the bucket `(s3:GetObject)`</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>Public read write</strong></td>
+      <td className="w-fit">
         Allows anyone:
-        
-          to read the bucket's location `(s3:GetBucketLocation)`
-          to list all bucket's objects `(s3:ListBucket)`
-          to get any object of the bucket `(s3:GetObject)`
-          to create a new object in the bucket `(s3:PutObject,s3:ListMultipartUploadParts, s3:AbortMultipartUpload, s3:ListBucketMultipartUploads)`
-          to delete any object of the bucket `(s3:DeleteObject)`
-        
-      Public write
-      Allows anyone to create objects in the bucket `(PutObject action)`
-    
-      Private
-      Denies the access to unauthenticated users.
-    
+        <ul>
+          <li>to read the bucket's location `(s3:GetBucketLocation)`</li>
+          <li>to list all bucket's objects `(s3:ListBucket)`</li>
+          <li>to get any object of the bucket `(s3:GetObject)`</li>
+          <li>to create a new object in the bucket `(s3:PutObject,s3:ListMultipartUploadParts, s3:AbortMultipartUpload, s3:ListBucketMultipartUploads)`</li>
+          <li>to delete any object of the bucket `(s3:DeleteObject)`</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>Public write</strong></td>
+      <td className="w-fit">Allows anyone to create objects in the bucket `(PutObject action)`</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>Private</strong></td>
+      <td className="w-fit">Denies the access to unauthenticated users.</td>
+    </tr>
+  </tbody>
+</table>
+
 Or you can set your own access policy in the [IAM Policy JSON format](https://min.io/docs/minio/linux/administration/identity-access-management/policy-based-access-control.html#policy-document-structure).
+
 #### Example:
+
 ```yaml
 {
   'Version': '2012-10-17',
@@ -16669,171 +23888,250 @@ Or you can set your own access policy in the [IAM Policy JSON format](https://mi
     ],
 }
 ```
+
 :::tip
 The `{{ .BucketName }}` variable will be replaced by the bucket name.
 :::
+
 The bucket's policy can be changed later in Zerops GUI.
+
 #### Quota
+
 Set the bucket quota size in GB. The quota must be set manually. It can be changed later in Zerops GUI. Zerops doesn't support Object storage autoscaling. You can set the bucket quota from 1 to 100 GB.
-  
+
 ## Create Object storage using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Object storage service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](#create-a-project-description-file)
 3. Create a project and an Object storage service
+
 ### Create a project description file
+
 Zerops uses a yaml format file to describe the project infrastructure.
+
 #### Example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # basic project data
 project:
   # project name
   name: my-project
+
   # optional: project description
   description: A project with an Object storage
+
   # optional: project tags
   tags:
     - DEMO
     - ZEROPS
+
 # array of project services
 services:
   - # service name
     hostname: upload
+
     # service type
     type: objectstorage
+
     # Object storage size in GB
     objectStorageSize: 73
+
     # Choose object storage policy from a predefined list
     objectStoragePolicy: public-write
+
     # Or define a custom policy
     objectStorageRawPolicy:
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Object storage service named `upload`. The bucket quota will be set to 73 GB and the bucket access policy will be set to `public-write`.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      Maximum 255 characters
-    
-      description
-      Optional. Description of the new project.
-      
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit">Maximum 255 characters</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains only Object storage service but you can create a description.yaml with different types of services.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the Object storage type objectstorage and version.
-        
+
         Set type: `objectstorage`
-         
-        Limitations:
-        
+
+        <strong>Limitations:</strong>
+
         Currently `objectstorage` or `object-storage` is available.
-      
-      objectStorageSize
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>objectStorageSize</strong></td>
+      <td className="w-fit">
         The size of the bucket quota in GB.
-         
-        Limitations:
-        
+
+        <strong>Limitations:</strong>
+
         Set a whole number between 1 and 100.
-      
-      objectStoragePolicy
-      
-        Optional. Either `objectStoragePolicy` or `objectStorageRawPolicy` is required.
-         
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>objectStoragePolicy</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Either `objectStoragePolicy` or `objectStorageRawPolicy` is required.
+
         Set one of allowed values:
-        
-          `public-read`
-          `public-objects-read`
-          `public-read-write`
-          `public-write`
-          `private`
-        
-        Read more about the basic policy templates.
-      
-      objectStorageRawPolicy
-      
-        Optional. Either `objectStoragePolicy` or `objectStorageRawPolicy` is required.
-         
-        Set your own access policy in the IAM Policy JSON format.
-         
+        <ul>
+          <li>`public-read`</li>
+          <li>`public-objects-read`</li>
+          <li>`public-read-write`</li>
+          <li>`public-write`</li>
+          <li>`private`</li>
+        </ul>
+        Read more about [the basic policy templates](#access-policy).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>objectStorageRawPolicy</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Either `objectStoragePolicy` or `objectStorageRawPolicy` is required.
+
+        Set your own access policy in the [IAM Policy JSON format](https://min.io/docs/minio/linux/administration/identity-access-management/policy-based-access-control.html#policy-document-structure).
+
         The `{{ .BucketName }}` variable will be replaced by the bucket name.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 Zerops creates one bucket automatically for each new Object storage service.
+
 :::note
 Each Object storage service can only contain one bucket. If your application needs multiple buckets, add more Object storage services.
 :::
+
 Bucket will be created with a name based on the given service name and a random prefix. The name of the bucket cannot be changed later.
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Object service to an existing project
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # array of project services
 services:
   - # service name
     hostname: upload
+
     # service type
     type: objectstorage
+
     # Object storage size in GB
     objectStorageSize: 73
+
     # Choose object storage policy from a predefined list
     objectStoragePolicy: public-write
+
     # Or define a custom policy
     objectStorageRawPolicy:
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Object storage service named upload will be created. The bucket quota will be set to 73 GB and the bucket access policy will be set to `public-write`.
+
 The content of the `services:` section of `import.yaml` is identical to the [project description file]. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the `import.yaml` file is 100 kB.
+
 #### Example
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```bash
 # array of project services
 services:
@@ -16843,55 +24141,76 @@ services:
     # service type
     type: objectstorage
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Object storage service in the single container mode with default auto scaling configuration will be added to your project. Hostname of the new service will be set to `storage`.
+
 The content of the `services:` section of `import.yaml` is identical to the [project description file](#create-a-project-description-file). The `import.yaml` never contains the `project:` section because the project already exists.
 
+
 ----------------------------------------
 
 # Object Storage > How To > Curl File
 
+
 This guide explains how to download a single file from a private Object Storage bucket using cURL and a bash script with Zerops object storage.
+
 ## Prerequisites
+
 - Access to Zerops Object Storage
 - Storage credentials (`ACCESS_KEY_ID` and `SECRET_ACCESS_KEY`)
 - Bash environment
 - OpenSSL and cURL installed
+
 :::caution
 Store your storage credentials securely and never commit them to version control.
 :::
+
 ## Script
+
 Save this script as `download-storage.sh`:
+
 ```bash
 #!/bin/bash
+
 server="${3:-storage-prg1.zerops.io}"
 file_path=$2
 bucket=$1
 set -eu pipefail
+
 contentType="application/octet-stream"
 dateValue=`date -R`
 signature_string="GET\n\n${contentType}\n${dateValue}\n/${bucket}/${file_path}"
+
 signature_hash=`echo -en ${signature_string} | openssl sha1 -hmac ${SECRET_ACCESS_KEY} -binary | base64`
+
 curl -sSo ${file_path} \
   -H "Date: ${dateValue}" \
   -H "Content-Type: ${contentType}" \
   -H "Authorization: AWS ${ACCESS_KEY_ID}:${signature_hash}" \
   "https://${server}/${bucket}/${file_path}"
+
 ```
+
 ## Usage
+
 1. Make the script executable:
 ```bash
 chmod +x download-storage.sh
 ```
+
 2. Set your storage credentials as environment variables:
 ```bash
 export ACCESS_KEY_ID=your-access-key
 export SECRET_ACCESS_KEY=your-secret-key
 ```
+
 3. Run the script:
 ```bash
 ./download-storage.sh my-bucket file.pdf
 ```
+
 ## Troubleshooting
+
 - **Permission Denied**: Check your `ACCESS_KEY_ID` and `SECRET_ACCESS_KEY`
 - **File Not Found**: Verify bucket name and file path
 - **Script Error**: Ensure the script has execute permissions
@@ -16900,23 +24219,35 @@ export SECRET_ACCESS_KEY=your-secret-key
 
 # Object Storage > How To > Update Bucket
 
+
 Zerops creates one bucket automatically for each new Object storage service.
+
 :::note
 Each Object storage service can only contain one bucket. If your application needs multiple buckets, add more Object storage services.
 :::
+
 To change the bucket size or the access policy, go to the **Access & bucket details** in the Object service detail in Zerops GUI, scroll down and click on the **Configure bucket quota size and access policy** button.
-  
+
 ### Quota
+
 Set the bucket quota size in GB. The quota must be set manually. It can be changed later in Zerops GUI. Zerops doesn't support Object storage autoscaling. You can set the bucket quota from 1 to 100 GB.
+
 ### Access policy
+
 Zerops creates one bucket automatically for each new Object storage service.
+
 :::note
 Each Object storage service can only contain one bucket. If your application needs multiple buckets, add more Object storage services.
 :::
+
 #### Name
+
 Bucket will be created with a name based on the given service name and a random prefix. The name of the bucket cannot be changed later.
+
 #### Access policy
+
 Select one of the basic policy templates:
+
 | Template                   | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
 | -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
 | <b>Public read</b>         | Allows anyone:<ul><li>to read the bucket's location `(s3:GetBucketLocation)`</li><li>to list all bucket's objects `(s3:ListBucket)`</li><li>to get any object of the bucket `(s3:GetObject)`</li></ul>                                                                                                                                                                                                                                        |
@@ -16925,8 +24256,11 @@ Select one of the basic policy templates:
 | <b>Public write</b>        | Allows anyone to create objects in the bucket `(PutObject action)`                                                                                                                                                                                                                                                                                                                                                                                                  |
 | <b>Private</b>             | Denies the access to unauthenticated users.                                                                                                                                                                                                                                                                                                                                                                                                                                    |
 | <b>Private</b>             | Denies the access to unauthenticated users.                                                                                                                                                                                                                                                                                                                                                                                                                                    |
+
 Or you can set your own access policy in the [IAM Policy JSON format](https://min.io/docs/minio/linux/administration/identity-access-management/policy-based-access-control.html#policy-document-structure).
+
 #### Example:
+
 ```yaml
 {
   'Version': '2012-10-17',
@@ -16947,29 +24281,53 @@ Or you can set your own access policy in the [IAM Policy JSON format](https://mi
     ],
 }
 ```
+
 :::tip
 The `{{ .BucketName }}` variable will be replaced by the bucket name.
 :::
 
+
 ----------------------------------------
 
 # Object Storage > Overview
 
+
 Zerops Object storage is powered by [MinIO ↗](https://min.io/), a high-performance, open-source S3 compatible object store. MinIO is built for large scale AI/ML, data lake and database workloads.
+
 ## Feature Highlights
+
+- [Create Object Storage](/object-storage/how-to/create) — Create your first storage bucket with our step-by-step guide.
+- [Customize Object Storage buckets](/object-storage/how-to/update-bucket) — Configure Object Storage to meet your application needs.
+- [Access Object storage](/object-storage/how-to/access#copy-access-details-from-zerops-gui) — Simplify configuration with environment variables.
+
 ## Popular Guides
+
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
 
+- [FAQ](/nodejs/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
+
 ----------------------------------------
 
 # Php > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your PHP application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -16978,49 +24336,63 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: php-apache@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - composer install
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - vendor
         - public
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: vendor
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: php-apache@latest
+
       # OPTIONAL. Customize the runtime PHP environment by installing additional
       # dependencies to the base PHP runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your PHP application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # OPTIONAL. Customize the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Sets the custom Nginx or Apache configuration. The file must be deployed in
       # the runtime container. Enter the path to the file relative to the /var/www folder
       siteConfigPath: site_config.tmpl
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -17031,6 +24403,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -17040,11 +24413,22 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for PHP builds:
+
+- `php@8.5`, `php@latest`
+- `php@8.4`
+- `php@8.3`
+- `php@8.1`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17055,12 +24439,18 @@ zerops:
       base: php-apache@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of PHP, Zerops command line tool, `composer`, `git` and `wget`.
+  major version of PHP, [Zerops command line tool](/references/cli), `composer`, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17074,34 +24464,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customise your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of PHP defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `composer`, `git` and `wget`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17110,6 +24518,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: php-apache@latest
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -17117,20 +24526,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/php/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17139,40 +24559,57 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: php-apache@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - composer install
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     composer install --optimize-autoloader --no-dev
     php artisan env
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - composer install --optimize-autoloader --no-dev
   - php artisan env
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/php/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the verbose option.
+
 ```yaml
 buildCommands:
   - composer install -v
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -17180,56 +24617,81 @@ deployFiles:
   - vendor
   - public
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - public
   - file.txt
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -17241,22 +24703,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -17265,6 +24738,7 @@ zerops:
     build:
       base: php-apache@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         PHP_ENV: production
@@ -17273,12 +24747,28 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/php/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current PHP version for your runtime.
+
 Following options are available for PHP builds:
+
+- `php-apache@8.5`, `php-apache@latest`
+- `php-apache@8.4`
+- `php-apache@8.3`
+- `php-apache@8.1`
+
+- `php-nginx@8.5`, `php-nginx@latest`
+- `php-nginx@8.4`
+- `php-nginx@8.3`
+- `php-nginx@8.1`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17288,18 +24778,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: php-apache@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: php-apache@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
-  selected major version of PHP, Zerops command line tool and `composer`, `git` and `wget`.
+  selected major version of PHP, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17309,6 +24806,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: php-apache@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -17318,52 +24816,86 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 :::info
 If no ports are specified, Zerops adds the port TCP 80 automatically.
 :::
+
 :::caution
 If you want the web server to listen on other port(s) than `:80`, you must [customize](/php/how-to/customize-web-server) your web server configuration as well.
 :::
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a PHP service with hostname = "app" and port = 80 from another service of the same project, simply use `app:80`. Read more about [how to access a PHP service](/references/networking/internal-access#basic-service-communication).
+
 :::info
 Do not use the port **:443**. All the incoming traffic is terminated on the Zerops internal balancer where the SSL certificate is installed and the request is forwarded to your PHP+Nginx / PHP+Apache service as a **http://** on the port **:80**.
 :::
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the PHP runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base PHP environment contains {data.alpine.default}, the selected
-  major version of PHP, Zerops command line tool and `composer`, `git` and `wget`. To install
+  major version of PHP, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17371,6 +24903,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -17380,28 +24913,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/php/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
-  
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of PHP, Zerops command line tool and `composer`, `git` and `wget`.
+  selected major version of PHP, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17410,6 +24960,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -17419,15 +24970,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -17436,48 +24992,71 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your PHP application is started.
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/php/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/php/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### documentRoot
+
 _OPTIONAL._ Customizes the folder that will be used as the root of the publicly accessible web server content.
+
 :::info
 By default, the document root is configured to `/var/www`.
 :::
+
 Customize the folder that will be used as the root of the publicly accessible web server content. Enter the path relative to the `/var/www` folder.
 E.g. `documentRoot: public` will set the web server document root to `/var/www/public`.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
 ```
+
 ### siteConfigPath
+
 _OPTIONAL._ Sets the custom Nginx or Apache configuration.
+
 :::info
 By default, the default [nginx](/php/how-to/customize-web-server#default-nginx-configuration) or [Apache](/php/how-to/customize-web-server#default-apache-configuration) web server configuration is set.
 :::
+
 The file must be deployed in the runtime container. Enter the path to the file relative to the `/var/www` folder.
 Read more about the [web server customization](/php/how-to/customize-web-server).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -17492,44 +25071,66 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/php/how-to/env-variables) in Zerops.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -17537,31 +25138,48 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your PHP application.
+
+        The command has access to the same [environment variables](/php/how-to/create#set-secret-environment-variables) as your PHP application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -17570,13 +25188,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -17585,40 +25208,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/php/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
-**Example:**
-```yaml
-zerops:
-  # hostname of your service
-  - setup: app
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
+**Example:**
+
+```yaml
+zerops:
+  # hostname of your service
+  - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -17627,30 +25272,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/php/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your PHP application.
+
+        The command has access to the same [environment variables](/php/how-to/create#set-secret-environment-variables) as your PHP application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -17662,8 +25325,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/php/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Php > How To > Build Process
@@ -17680,35 +25345,58 @@ Read more about how the [readiness check works](/php/how-to/deploy-process#readi
 
 # Php > How To > Create
 
+
 Zerops provides 2 PHP services with an included web server: **PHP+Nginx** and **PHP+Apache**. PHP runtime is highly scalable and customisable to suit both development and production.
+
 ## Create PHP service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new PHP service:
+
 ### Choose PHP version
+
 Following PHP versions are currently supported:
+
 :::info
 You can [change](/php/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/php/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create PHP service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new PHP service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/php/how-to/create#create-a-project-description-file)
 3. [Create a project with a PHP and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -17729,13 +25417,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one PHP version 8.1 service with default [auto scaling](/php/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/php/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -17780,114 +25473,172 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a PHP service and a [PostgreSQL](/postgresql/overview) service.
+
 PHP service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/php/how-to/build-pipeline#ports). PHP service will run on version 8.1 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains PHP and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new service will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [PHP service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/php/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/php/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/php/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/php/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add PHP service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -17908,35 +25659,42 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one PHP service version 8.1 with default [auto scaling](/php/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Php > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add --no-cache imagemagick)',
-  'PHP extensions: When you need additional PHP extensions not included by default',
-  'Native dependencies: When your Composer packages require system libraries that aren\'t in the default environment',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 ## Overwrite php.ini files
+
 You can override PHP configuration directives by setting environment variables in your `zerops.yaml` file.
+
 Here's an example of how to adjust PHP's `post_max_size` directive:
 ```yaml
 zerops:
@@ -17946,17 +25704,24 @@ zerops:
     run:
       # REQUIRED. Sets the base technology for the runtime environment:
       base: php-nginx@8.3
+
       # OPTIONAL. Defines the env variables for the runtime:
       envVariables:
         PHP_INI_post_max_size: 10M
 ```
+
 :::info
 After updating PHP-FPM configuration in your `zerops.yaml` file, you need to restart or reload the app for the changes to take effect.
 :::
+
 ## PHP-FPM
+
 ### Default PHP-FPM configuration
+
 PHP-FPM (FastCGI Process Manager) uses the **dynamic** process management mode by default. In this mode, the system automatically adjusts the number of PHP processes based on current load.
+
 The default PHP-FPM configuration uses these values:
+
 - `PHP_FPM_PM` = `dynamic`
 - `PHP_FPM_PM_MAX_CHILDREN` = `20`
 - `PHP_FPM_PM_START_SERVERS` = `2`
@@ -17964,7 +25729,9 @@ The default PHP-FPM configuration uses these values:
 - `PHP_FPM_PM_MAX_SPARE_SERVERS` = `3`
 - `PHP_FPM_PM_MAX_SPAWN_RATE` = `32`
 - `PHP_FPM_PM_MAX_REQUESTS` = `500`
+
 ### Dynamic mode
+
 To adjust the dynamic mode settings, add the desired environment variables to the run section:
 ```yaml
 zerops:
@@ -17980,7 +25747,9 @@ zerops:
         PHP_FPM_PM_MAX_SPARE_SERVERS: 10
         PHP_FPM_PM_MAX_REQUESTS: 1000
 ```
+
 ### Ondemand mode
+
 The **ondemand** mode is ideal for applications with lower traffic, where processes are created only when requests arrive. To enable ondemand mode:
 ```yaml
 zerops:
@@ -17995,10 +25764,13 @@ zerops:
         PHP_FPM_PM_PROCESS_IDLE_TIMEOUT: 60s
         PHP_FPM_PM_MAX_REQUESTS: 500
 ```
+
 **Available parameters for ondemand mode:**
+
 - `PHP_FPM_PM_MAX_CHILDREN` – maximum number of child processes
 - `PHP_FPM_PM_PROCESS_IDLE_TIMEOUT` – time after which idle processes are terminated (default: `60s`)
 - `PHP_FPM_PM_MAX_REQUESTS` – number of requests each process handles before being recycled (default: `500`)
+
 :::info
 After updating PHP-FPM configuration in your `zerops.yaml` file, you need to restart or reload the app for the changes to take effect.
 :::
@@ -18007,61 +25779,91 @@ After updating PHP-FPM configuration in your `zerops.yaml` file, you need to res
 
 # Php > How To > Customize Web Server
 
+
 ## PHP + Nginx
+
 ### Default Nginx configuration
+
 The default PHP+Nginx service has following Nginx configuration:
+
 ```
 server {
     listen 80;
     listen [::]:80;
+
     server_name _;
+
     # Be sure that you set up the correct document root!
     root {{.DocumentRoot}};
+
     location ~ \.php {
         try_files _ @backend;
     }
+
     location / {
         # use this for pretty url
         try_files $uri /$uri /index.html /index.php$is_args$args;
     }
+
     location @backend {
         fastcgi_pass unix:{{.PhpSocket}};
         fastcgi_split_path_info ^(.+\.php)(/.*)$;
         include fastcgi_params;
+
         fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
         fastcgi_param DOCUMENT_ROOT $realpath_root;
         internal;
     }
+
     access_log syslog:server=unix:/dev/log,facility=local1,tag=nginx,severity=info default_short;
     error_log syslog:server=unix:/dev/log,facility=local1,tag=nginx,severity=error;
 }
 ```
+
 The configuration contains 2 variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/php/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 - **`{{.PhpSocket}}`** is replaced by a path to the PHP socket based on the PHP version.
+
 ### Customize Nginx configuration
+
 Follow these steps to customize the Nginx configuration in PHP+Nginx service:
+
 1. Create a **.tmpl** file with the Apache configuration in your repository.
+
 2. Optionally use following variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/php/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 Example:
+
 ```
 root {{.DocumentRoot}};
 ```
+
 - **`{{.PhpSocket}}`** is replaced by a path to the PHP socket based on the PHP version.
+
 Example:
+
 ```
 fastcgi_pass unix:{{.PhpSocket}};
 ```
+
 - **`{{.Environment.ENV_NAME}}`** is replaced by the [env variable](/php/how-to/env-variables) value. The env variable must be either defined in [run.envVariables](/php/how-to/build-pipeline#envvariables-1) in `zerops.yaml` or set as a [secret](/php/how-to/env-variables#set-secret-env-variables-in-zerops-gui) or [generated](/php/how-to/env-variables#generated-env-variables) env variable in Zerops GUI.
+
 :::caution
 Use the **.tmpl** file extension to make Zerops interpret the file as a template. Zerops will replace the supported variables listed above.
 :::
+
 3. Check that your Nginx configuration is consistent with Zerops requirements:
+
 - Do not use IP addresses in the `listen` directive
-- If you use other ports than `:80` in the `listen` directive, add them to the `run.ports` in your `zerops.yaml` as well.
+- If you use other ports than `:80` in the `listen` directive, add them to the [`run.ports`](/php/how-to/build-pipeline#ports) in your `zerops.yaml` as well.
 - Do not use the port **:443**. All the incoming `https://` traffic is terminated on the Zerops internal balancer where the SSL certificate is installed and the request is forwarded to your PHP+Nginx service as a **http://** on the port **:80**.
-4. Add the `siteConfigPath` to the run section of your `zerops.yaml`
+
+4. Add the [`siteConfigPath`](/php/how-to/build-pipeline#siteconfigpath) to the run section of your `zerops.yaml`
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -18070,63 +25872,84 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: php-nginx@latest
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - vendor
         - public
+
     # ==== how to run your application ====
     run:
       documentRoot: public
+
       # OPTIONAL. Sets the custom Nginx or Apache configuration. The file must be deployed in the runtime container. Enter the path to the file relative to the /var/www folder
       siteConfigPath: site_config.tmpl
 ```
-5. Ensure that the `build.deployFiles` contains the folder with the `siteConfigPath` or add the path to the Nginx config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
+5. Ensure that the [`build.deployFiles`](/php/how-to/build-pipeline#deployfiles) contains the folder with the `siteConfigPath` or add the path to the Nginx config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
 6. [Trigger](/php/how-to/trigger-pipeline) the build & deploy pipeline.
+
 ## PHP + Apache
+
 ### Default Apache configuration
+
 The default PHP+Apache service has following Apache configuration:
+
 ```
-    ServerName localhost
-    DocumentRoot {{.DocumentRoot}}
-    DirectoryIndex index.htm index.html index.shtml index.php index.phtml
-    
-        Options -Indexes
-        Options FollowSymLinks
-        AllowOverride All
-        Require all granted
-    
-            SetHandler "proxy:unix:{{.PhpSocket}}|fcgi://localhost/"
-        
+
+    </FilesMatch>
+
     ErrorLog  "| /usr/bin/logger -tapache -plocal1.err"
     CustomLog "| /usr/bin/logger -tapache -plocal1.notice" combined
+</VirtualHost>
 ```
+
 The configuration contains 2 variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/php/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 - **`{{.PhpSocket}}`** is replaced by a path to the PHP socket based on the PHP version.
+
 ### Customize Apache configuration
+
 Follow these steps to customize the Apache configuration in PHP+Apache service:
+
 1. Create a **.tmpl** file with the Nginx configuration in your repository.
+
 2. Optionally use following variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/php/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 Example:
+
 ```
 DocumentRoot {{.DocumentRoot}};
 ```
+
 - **`{{.PhpSocket}}`** is replaced by a path to the PHP socket based on the PHP version.
+
 Example:
+
 ```
-    SetHandler "proxy:unix:{{.PhpSocket}}|fcgi://localhost/"
+
 ```
+
 - **`{{.Environment.ENV_NAME}}`** is replaced by the [env variable](/php/how-to/env-variables) value. The env variable must be either defined in [run.envVariables](/php/how-to/build-pipeline#envvariables-1) in `zerops.yaml` or set as a [secret](/php/how-to/env-variables#set-secret-env-variables-in-zerops-gui) or [generated](/php/how-to/env-variables#generated-env-variables) env variable in Zerops GUI.
+
 :::caution
 Use the **.tmpl** file extension to make Zerops interpret the file as a template. Zerops will replace the supported variables listed above.
 :::
+
 3. Check that your Apache configuration is consistent with Zerops requirements:
-- Do not use IP addresses in the `` directive
-- If you use other ports than `:80` in the `` directive, add them to the `run.ports` in your `zerops.yaml` as well.
+
+- Do not use IP addresses in the `<VirtualHost>` directive
+- If you use other ports than `:80` in the `<VirtualHost>` directive, add them to the [`run.ports`](/php/how-to/build-pipeline#ports) in your `zerops.yaml` as well.
   Do not use the port **:443**. All the incoming `https://` traffic is terminated on the Zerops internal balancer where the SSL certificate is installed and the request is forwarded to your PHP+Apache service as a **http://** on the port **:80**.
-4. Add the `siteConfigPath` to the run section of your `zerops.yaml`.
+
+4. Add the [`siteConfigPath`](/php/how-to/build-pipeline#siteconfigpath) to the run section of your `zerops.yaml`.
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -18135,20 +25958,26 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: php-apache@latest
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - vendor
         - public
+
     # ==== how to run your application ====
     run:
       documentRoot: public
+
       # OPTIONAL. Sets the custom Nginx or Apache configuration. The file must be deployed in the runtime container. Enter the path to the file relative to the /var/www folder
       siteConfigPath: site_config.tmpl
 ```
-5. Ensure that the `build.deployFiles` contains the folder with the `siteConfigPath` or add the path to the Apache config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
+5. Ensure that the [`build.deployFiles`](/php/how-to/build-pipeline#deployfiles) contains the folder with the `siteConfigPath` or add the path to the Apache config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
 6. [Trigger](/php/how-to/trigger-pipeline) the build & deploy pipeline.
 
+
 ----------------------------------------
 
 # Php > How To > Deploy Process
@@ -18201,13 +26030,21 @@ zerops:
 
 # Php > Overview
 
+
 [PHP ↗](https://www.php.net/), a popular general-purpose scripting language that is especially suited to web development.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-php-hello-world), a **_recipe_**, containing the most simple PHP web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of PHP running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of PHP running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "php" recipe on Zerops](https://app.zerops.io/recipe/?lf=php)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-php-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -18219,195 +26056,293 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-php-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/php/how-to/create) — Dive in all Zerops has to offer for your PHP application.
+
 ## Feature Highlights
+
+- [Create PHP service](/php/how-to/create) — Start with creating a PHP service using GUI or zCLI.
+- [zerops.yaml](/php/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/php/how-to/scaling) — Set up scaling of your PHP application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/php/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/php/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/php/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Postgresql > Faq
 
-  Question: How do I properly use PostgreSQL in HA mode?
-Answer: 
-    In High Availability (HA) mode, PostgreSQL runs on multiple containers with a primary node and replicas. To get the most out of this setup:
+
+  **Question: How do I properly use PostgreSQL in HA mode?**
+
+In High Availability (HA) mode, PostgreSQL runs on multiple containers with a primary node and replicas. To get the most out of this setup:
+
     - Use port `5432` for all write operations (INSERT, UPDATE, DELETE) — this always routes to the primary node
     - Use port `5433` for read operations (SELECT) — this distributes queries across all replicas, improving performance
+
     The read replica port (`5433`) is only available in HA mode. If you're running PostgreSQL in single container (NON_HA) mode, only port `5432` is available.
+
     See [Connection Parameters](/postgresql/how-to/connect#connection-parameters) for all available ports and environment variables.
-  
-  Question: Why is my connection to PostgreSQL from third-party software failing?
-Answer: 
-    *One possible cause:* 
+
+  **Question: Why is my connection to PostgreSQL from third-party software failing?**
+
+*One possible cause:*
+
     The connection string in Zerops always starts with `postgresql://`. While the official PostgreSQL documentation
     states that both `postgresql://` and `postgres://` URIs are valid, some software requires the shorter `postgres://`
     version.
-    
+
     To resolve this, create your own environment variable with the correct URI. For example, if your PostgreSQL service is named `db`, use the following format:
-    
+
     ```
     postgres://${db_user}:${db_password}@${db_hostname}:${db_port}
     ```
-  
+
 
 ----------------------------------------
 
 # Postgresql > How To > Backup
 
+
 Zerops provides automated data backup for PostgreSQL services with full encryption and flexible management options.
+
 For general backup information including configuration, scheduling, and management options, see the [Zerops Backups](/features/backup) documentation, which covers:
 - Backup scheduling and retention policies
 - Tagging system and storage quotas
 - Manual backup creation and CLI tools
 - Security and encryption details
+
 This page focuses on PostgreSQL-specific backup details.
+
 ## PostgreSQL Backup Format
+
 PostgreSQL backups are created using `pg_dump` and stored in `.zip` format:
+
 - **Format**: `.zip` (containing per-schema `.dump` files)
 - **Tooling**: `pg_dump`
 - **Compression**: Custom format (`-Fc`), schema files named `schemaName.dump`
 - **Storage**: Encrypted and stored in isolated object storage
+
 ## Restoring PostgreSQL Backups
+
 To restore a PostgreSQL backup:
+
 1. **Download** the backup file (`.zip`) from the Zerops UI
 2. **Extract** the zip file to access the individual schema dump files
 3. **Prepare** your target environment (clean existing data or use a new instance)
 4. **Restore** using PostgreSQL native tools. Follow the [official PostgreSQL backup documentation](https://www.postgresql.org/docs/current/backup-dump.html) for detailed restore procedures, or use web-based management tools like phpMyAdmin or Adminer as described in [PostgreSQL Management](/postgresql/how-to/manage).
+
 For assistance with the restoration process, contact Zerops support.
+
 ## High Availability
+
 For PostgreSQL services running in High Availability mode:
 - Backups are created on a randomly selected healthy node
 - Other nodes remain operational during the backup process
 - Manual backups typically run on the primary node
+
 ## Best Practices
+
 - Always create a manual backup with a protected tag before database migrations or major schema changes
 - Test your restore process periodically in a non-production environment
 - Monitor your backup storage usage in the Project Overview
 - Use descriptive tags like `pre-migration-v2` for important snapshots
 - Consider the order of schema restoration if you have dependencies between schemas
+
 For additional best practices and troubleshooting, refer to the [main backup documentation](/features/backup).
 
 ----------------------------------------
 
 # Postgresql > How To > Connect
 
+
 This guide covers how to connect to your PostgreSQL database in Zerops, both from services within the same project and from outside the Zerops environment.
+
 ## Connection Options Overview
+
 Zerops provides several ways to connect to PostgreSQL:
+
 1. **Internal connections** - Between services in the same Zerops project (via private network)
 2. **Remote connections**:
    - **VPN access** - From your local machine via Zerops VPN
    - **Direct IP access** - Enables external applications to connect using TLS encryption by opening public ports on IPv6 (available by default) or IPv4 (requires add-on activation if not already enabled)
+
 ## Connection Details
+
 You'll find PostgreSQL connection details in the service detail page under the **Peek access details** button (shows hostname, port, user, password, and connection string).
+
 The full list of connection-related environment variables is available in the service detail under **Environment variables**.
+
 ### Connection Parameters
-  
-      Parameter
-      Internal
-      External (TLS)
-      Env Variable
-    
-      Hostname
-      Service hostname
-      Public IP address
-      `hostname`
-    
-      Port (primary)
-      5432
-      6432 (via pgBouncer)
-      `port` / `portTls`
-    
-      Port (replicas, HA only)
-      5433
-      N/A
-      `portReplicas`
-    
-      User
-      Identical to hostname
-      Same as internal
-      `user`
-    
-      Password
-      Generated at creation
-      Same as internal
-      `password`
-    
-      Connection string (primary)
-      `postgresql://${user}:${password}@${hostname}:5432/${dbName}`
-      Same format with TLS port
-      `connectionString` / `connectionTlsString`
-    
-      Connection string (replicas, HA only)
-      `postgresql://${user}:${password}@${hostname}:5433/${dbName}`
-      N/A
-      `connectionStringReplicas`
-    
-      Database name
-      db
-      Same as internal
-      `dbName`
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Internal</th>
+      <th className="w-fit">External (TLS)</th>
+      <th className="w-fit">Env Variable</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Hostname</td>
+      <td className="w-fit">Service hostname</td>
+      <td className="w-fit">Public IP address</td>
+      <td className="w-fit">`hostname`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Port (primary)</td>
+      <td className="w-fit">5432</td>
+      <td className="w-fit">6432 (via pgBouncer)</td>
+      <td className="w-fit">`port` / `portTls`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Port (replicas, HA only)</td>
+      <td className="w-fit">5433</td>
+      <td className="w-fit">N/A</td>
+      <td className="w-fit">`portReplicas`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">User</td>
+      <td className="w-fit">Identical to hostname</td>
+      <td className="w-fit">Same as internal</td>
+      <td className="w-fit">`user`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Password</td>
+      <td className="w-fit">Generated at creation</td>
+      <td className="w-fit">Same as internal</td>
+      <td className="w-fit">`password`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Connection string (primary)</td>
+      <td className="w-fit">`postgresql://${user}:${password}@${hostname}:5432/${dbName}`</td>
+      <td className="w-fit">Same format with TLS port</td>
+      <td className="w-fit">`connectionString` / `connectionTlsString`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Connection string (replicas, HA only)</td>
+      <td className="w-fit">`postgresql://${user}:${password}@${hostname}:5433/${dbName}`</td>
+      <td className="w-fit">N/A</td>
+      <td className="w-fit">`connectionStringReplicas`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Database name</td>
+      <td className="w-fit">db</td>
+      <td className="w-fit">Same as internal</td>
+      <td className="w-fit">`dbName`</td>
+    </tr>
+  </tbody>
+</table>
+
 :::tip
 If you're running PostgreSQL in High Availability (HA) mode, configure your application to route read queries to port **5433**. This distributes the load across all replicas, reducing pressure on the primary node and improving overall throughput.
 :::
+
 :::warning
 Zerops creates a system user named `zps` with full privileges for maintenance purposes. Do not delete, change the password, or remove privileges from this user, as it will disrupt Zerops' ability to maintain the database cluster.
 :::
+
 :::info
 For more information about default PostgreSQL setup, users, and databases, see [Manage PostgreSQL Users and Databases](/postgresql/how-to/manage).
 :::
+
 ## Connect from Services in the Same Project
+
 All services within a Zerops project share a dedicated private network. There are two ways to implement connections between services in the same project:
+
 ### Method 1: Direct Connection Parameters
+
 You can directly use the connection parameters from Peek Access Details:
+
 ```
 host = database1
 port = 5432
 user = database1
 password = ********** (find under Peek Access Details)
 ```
+
 For read operations in HA mode, use port `5433` instead of `5432` with the same credentials.
+
 ### Method 2: Environment Variables (Recommended)
+
 For better maintainability, Zerops creates environment variables for each PostgreSQL service that you can use in your application configuration. List of service environment variables is available in Zerops GUI. Go to a PostgreSQL service detail and choose **Environment variables**.
+
 To use variables from one service in another, prefix the variable name with the service hostname and underscore - to access the `connectionString` variable of `postgresql1`, use `postgresql1_connectionString`.
+
 For read-only connections (HA mode only), use the `connectionStringReplicas` variable instead.
+
 For more details on how to use environment variables, and instructions for adding your own custom variables, see the [Environment Variables](/features/env-variables) documentation.
+
 :::caution Important notes
 - When changing passwords, update both the database user password and the environment variable separately - they don't automatically synchronize.
 - While both `postgresql://` and `postgres://` URI formats are valid, Zerops uses the `postgresql://` format. If your software requires `postgres://`, create a custom environment variable with this format.
 - Do not use SSL/TLS protocols for internal connections. Security is assured by the project's private network.
 :::
+
 ## Connect Remotely
+
 Zerops offers two methods for connecting to your PostgreSQL database from outside the Zerops environment:
+
 ### Method 1: Connect via Zerops VPN
+
 You can securely connect to PostgreSQL from your local workstation via Zerops VPN:
+
 1. [Install & set up zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn#start-vpn)
 3. Use the connection details from Access Details in the PostgreSQL service detail in Zerops GUI
 4. When finished, [stop the Zerops VPN](/references/networking/vpn#stop-vpn)
+
 :::warning Important notes
 * Do not use SSL/TLS protocols when connecting over VPN. Security is provided by the VPN tunnel.
 * If your connection over VPN doesn't work, try adding `.zerops` suffix to the service hostname (e.g., `database1.zerops`). For additional help, check the [VPN troubleshooting page](/references/networking/vpn#troubleshooting).
 :::
+
 ### Method 2: Connect via Direct IP Access
+
 Direct IP Access uses [pgBouncer](https://www.pgbouncer.org/) for connection pooling and TLS termination.
+
 Internally, port `5432` is available without SSL (and port `5433` for reads in HA mode). Externally, connections are secured with TLS through pgBouncer (port `6432`) before being routed to your PostgreSQL service. The read replica port is not available for external connections.
+
 #### Enable external access
+
 1. Navigate to your PostgreSQL service in the Zerops GUI and choose the **Public Access through IP Addresses** section
 2. Choose either IPv6 (available by default) or IPv4 (requires the [unique IPv4](/references/networking/public-access#ipv4-configuration) add-on)
 3. Open one or more ports and point them to your PostgreSQL service (the system will direct them through pgBouncer)
@@ -18418,6 +26353,7 @@ Internally, port `5432` is available without SSL (and port `5433` for reads in H
    - Port configurations can be set independently for IPv4 and IPv6
 4. Optionally enable firewall protection for additional security
 5. Click the **Publish X IP access change(s)** button to apply your settings
+
 For database management tools and how to manage users and databases, see [Manage PostgreSQL Users and Databases](/postgresql/how-to/manage).
 
 ----------------------------------------
@@ -18430,43 +26366,70 @@ For database management tools and how to manage users and databases, see [Manage
 
 # Postgresql > How To > Create
 
+
 ## Create PostgreSQL using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new PostgreSQL service:
+
+[Video: /vids/services/postgres.webm](/vids/services/postgres.webm)
+
 ### Choose PostgreSQL version
+
 Following PostgreSQL versions are currently supported:
+
 ### Set a hostname
+
 Enter a unique service identifier like `postgresql`, `sql`, `db` etc.
+
 #### Limitations:
+
 - Duplicate services with the same name within the same project are not allowed
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Configure auto scaling
+
 Zerops automatically scales PostgreSQL services based on actual database usage. Configure the scaling parameters to match your database needs and control costs.
+
 **CPU Mode**: Choose between shared (cost-effective) or dedicated (consistent performance).
+
 **Resource Limits**: Set minimum and maximum resources for CPU, RAM, and disk to control costs and ensure performance.
+
 **Deployment Mode**: Choose the reliability configuration for your PostgreSQL service:
+
 - **Highly Available**: Multiple containers with redundancy across different physical machines. Recommended for production environments.
 - **Single Container**: One container suitable for development and non-critical environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 :::tip Learn More
 For detailed scaling configuration, deployment mode details, and troubleshooting, see:
 - [How Zerops scales PostgreSQL](/postgresql/how-to/scale) - Database-specific scaling guide
 - [Automatic Scaling and High Availability](/features/scaling) - Complete technical details
 :::
+
 ## Create PostgreSQL using zCLI
+
 zCLI is the Zerops command-line tool. To create a new PostgreSQL service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](#create-a-project-description-file)
 3. Create a project and a PostgreSQL service
+
 ### Create a project description file
+
 Zerops uses a YAML format file to describe the project infrastructure.
+
 #### Basic example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # Basic project data
 project:
@@ -18481,9 +26444,13 @@ services:
     # mode of operation "HA"/"NON_HA"
     mode: NON_HA
 ```
+
 The YAML file describes your future project infrastructure. The project will contain one PostgreSQL service in the single container mode with default [auto scaling](/postgresql/how-to/scale) configuration. The hostname will be set to `postgresql1`.
+
 #### Full example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # Basic project data
 project:
@@ -18522,124 +26489,194 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The YAML file describes your future project infrastructure. The project will contain two PostgreSQL services.
+
 The hostname of the first service will be set to `postgresql1`. The [high availability](/features/scaling#highly-available-ha-mode) mode will be chosen and the custom [auto scaling configuration](/postgresql/how-to/scale) will be set.
+
 The hostname of the second service will be set to `postgresql2`. The [single container](/features/scaling#single-container-mode) mode will be chosen and the default [auto scaling configuration](/postgresql/how-to/scale) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in the `services:` section is required. You can create a project with multiple services. The example above contains only PostgreSQL services but you can create a `description.yaml` with [different types] of services.
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        The hostname of the new database will be set to the `hostname` value. 
-        
-        Limitations:
-        
+
+        The hostname of the new database will be set to the `hostname` value.
+
+        <b>Limitations:</b>
+
 - duplicate services with the same name in the same project are
         forbidden
-        
+
         - maximum 25 characters
-        
+
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-      
-        type
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [PostgreSQL service types](/references/import-yaml/type-list#database-services) are currently supported.
-      
-    mode
-  
+      </td>
+    </tr>
+<tr>
+  <td className="w-fit">
+    <b>mode</b>
+  </td>
+  <td className="w-fit">
     Defines the operation mode of the PostgreSQL service.
-    
-    HA
-    
+
+    <b>HA</b>
+
     Creates a PostgreSQL cluster with 3 database containers and 2 free
     database proxies. This mode is suited for production.
-    
+
     Zerops always keeps the 3 database containers on different physical
     machines. All your data is stored redundantly in 3 identical copies. In
     case of a failure of a container or the underlying physical machine,
     Zerops automatically disconnects the failed container from the cluster,
     creates a new container and syncs all data from the remaining 2 copies.
     Finally, the broken container is automatically deleted.
-    
-    In HA mode, a dedicated read replica port (5433) is available, allowing you to route read queries to replicas for better performance. See Connection Parameters for details.
-    
-    NON_HA
-    
+
+    In HA mode, a dedicated read replica port (<code>5433</code>) is available, allowing you to route read queries to replicas for better performance. See [Connection Parameters](/postgresql/how-to/connect#connection-parameters) for details.
+
+    <b>NON_HA</b>
+
     Zerops will create a PostgreSQL database installed in a single
     container. Useful for non-essential data or dev environments.
-    
+
     Your data is stored only in a single container. If the container or the
     the underlying physical machine fails, your data since the last backup are
     lost. Zerops doesn't provide any automatic repairs of a single node
     PostgreSQL services.
-  
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto-scaling parameters.
+  </td>
+</tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto-scaling parameters](/postgresql/how-to/scale#configure-scaling).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 :::caution
 The PostgreSQL service **hostname** and **mode** are fixed after the service is created. They can't be changed later.
 :::
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project will be created.
       --working-dir string   Sets a custom working directory. The default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 The maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add PostgreSQL service to an existing project
+
 #### Example
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```bash
 # array of project services
 services:
@@ -18651,97 +26688,145 @@ services:
     # mode of operation "HA"/"NON_HA"
     mode: NON_HA
 ```
+
 The YAML file describes the list of one or more services that you want to add to your existing project. In the example above, one PostgreSQL service in the [single container](/features/scaling#single-container-mode) with default [auto scaling](/postgresql/how-to/scale) configuration will be added to your project. The hostname of the new service will be set to `postgresql1`.
+
 The content of the `services:` section of `import.yaml` is identical to the [project description file](#create-a-project-description-file). The `import.yaml` never contains the `project:` section because the project already exists.
+
 When your `import.yaml` is ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command will be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 The maximum size of the `import.yaml` file is 100 kB.
 
 ----------------------------------------
 
 # Postgresql > How To > Export Import Data
 
+
 ## Use Adminer or phpMyAdmin to export or import data
 * [Adminer ↗](https://www.adminer.org) - an open source full-featured database management tool written in PHP
 * [phpMyAdmin ↗](https://www.phpmyadmin.net) - a free software tool written in PHP, intended to handle the administration of PostgreSQL over the Web
+
 1. [Install the tools to Zerops](/postgresql/how-to/manage#installing-management-tools)
 2. Use their standard export or import functions
+
 ## Use a database management tool on your workstation to export or import data
+
 Do you already use a database management tool that supports PostgreSQL on your workstation? Connect it securely to PostgreSQL from your local workspace via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to PostgreSQL remotely](/postgresql/how-to/connect#connect-remotely).
 :::caution
 Do not use SSL/TLS protocols when connecting to PostgreSQL over VPN. Zerops PostgreSQL is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 Once the connection to PostgreSQL is established, use the standard export or import functions of your favourite management tool.
+
 ## Use psql CLI to export or import data
+
 If you are using the [psql ↗](https://www.postgresql.org/docs/current/app-psql.html) command-line client to manage your PostgreSQL on your local workspace, you can connect it securely to PostgreSQL via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to PostgreSQL remotely](/postgresql/how-to/connect#connect-remotely).
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](/postgresql/how-to/connect#method-2-environment-variables-recommended) are available when connected through VPN. To connect to PostgreSQL in Zerops you have to copy the [access details](/postgresql/how-to/connect#connection-details) manually from Zerops GUI.
+
 Use [psql ↗](https://www.postgresql.org/docs/current/app-psql.html) command to connect to PostgreSQL in Zerops:
+
 ```sh
 psql -h [hostname] -U [user] -p [password] -d [database_name]
 ```
+
 :::caution
 Do not use SSL/TLS protocols when connecting to PostgreSQL over VPN. Zerops PostgreSQL is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 To export your database data and structure, use the [pg_dump ↗](https://www.postgresql.org/docs/current/backup-dump.html) command.
+
 ```sh
 pg_dump [database_name] > dumpfilename.sql
 ```
+
 To import your database data and structure, use the `mysql` command.
+
 ```sh
 mysql [database_name] < dumpfilename.sql
 ```
 
+
 ----------------------------------------
 
 # Postgresql > How To > Manage
 
+
 This guide covers how to manage your PostgreSQL databases in Zerops, including default setup, database management tools, plugins, and best practices.
+
 ## Default Database and User
+
 Zerops creates a default database and user automatically when a new PostgreSQL service is [created](/postgresql/how-to/create).
+
 ### Database
+
 - **Name**: Identical to the service hostname
 - **Encoding**: `utf8mb4`
+
 ### DB User
+
 - **Username**: Identical to the service hostname
 - **Password**: Generated randomly
+
 :::info
 For connection methods and environment variables, see the [Connect to PostgreSQL in Zerops](/postgresql/how-to/connect) page.
 :::
+
 :::caution Important notes
 - When changing passwords, update both the database user password and the environment variable separately - they don't automatically synchronize.
 - While both `postgresql://` and `postgres://` URI formats are valid, Zerops uses the `postgresql://` format. If your software requires `postgres://`, create a custom environment variable with this format.
 - Do not use SSL/TLS protocols for internal connections. Security is assured by the project's private network.
 :::
+
 ## Database Management Tools
+
 You can use any PostgreSQL management tool of your choice to administer your databases in Zerops. For convenience, Zerops provides ready-to-use recipes for two popular web-based database management tools:
+
 * [Adminer](https://www.adminer.org) - a lightweight database management tool by Jakub Vrána
 * [phpMyAdmin](https://www.phpmyadmin.net) - a popular free database administration tool that works with both MySQL and PostgreSQL databases
+
 ### Installing Management Tools
+
 You can install these tools with a simple one-click import in Zerops:
+
 1. In Zerops GUI, open your project and select **Import services** from the left menu
 2. Copy and paste one of the following YAML configurations:
+
 ### Accessing Management Tools
+
 After installation, you can access these tools via VPN:
+
 1. [Start the Zerops VPN](/references/networking/vpn)
 2. Type `http://adminer` or `http://phpmyadmin` in your browser
+
 :::tip
 Try `http://adminer.zerops` or `http://phpmyadmin.zerops` if you encounter any connection issues.
 :::
+
 :::caution
 Do not use https when connecting to management tools via VPN.
 :::
+
 ## Database Tools on Your Workstation
+
 You can use various database management tools from your local workstation to connect to your PostgreSQL database in Zerops:
+
 1. **Establish a secure tunnel** using the [Zerops VPN](/references/networking/vpn) to create an encrypted connection to your Zerops project
 2. **Obtain the [connection details](/postgresql/how-to/connect#connection-details)** from Zerops GUI
     - Environment variables are not available through VPN connections
@@ -18752,31 +26837,45 @@ You can use various database management tools from your local workstation to con
         ```sh
         psql -h [hostname] -U [user] -d [database_name]
         ```
+
 :::tip
     Try `{hostname}.zerops` instead of just `{hostname}` if you encounter any connection issues.
 :::
+
 ## How to install and manage PostgreSQL plugins
+
 ### Viewing available plugins
 You can list all available PostgreSQL plugins by running the following query *(superuser privileges not required)*:
+
 ```sql
 SELECT * FROM pg_available_extensions ORDER BY name;
 ```
+
 ### Installing plugins (requires superuser)
+
 1. **Connect with superuser credentials**:
    - Use the `superUser` (user `postgres`) and `superUserPassword` environment variables from your PostgreSQL service
+
 2. **Switch to your service database**:
    When logging in as the superuser, you're initially in the `postgres` database, not your service database.
+
 3. **Install required extensions**:
    ```sql
    CREATE EXTENSION pg_stat_statements;
    CREATE EXTENSION vector;
    CREATE EXTENSION postgis;
    ```
+
 :::warning
 Currently, it is not possible to add new plugins that are not already listed in `pg_available_extensions`.
 :::
+
 When working with text search functionality, you'll need to reference the correct `stop`, `dict`, and `affix` files when creating dictionaries in your database. These files are essential for proper text search configuration.
+
 Zerops PostgreSQL includes the following dictionary files:
+
+#### Available dictionary files
+
 **Stop word files** - used to remove common words that don't add significant meaning:
 ```
 czech.stop
@@ -18813,101 +26912,165 @@ sk_SK.dict
 ```
 unaccent.rules
 ```
+
 For more information on text search dictionaries, refer to the [PostgreSQL documentation](https://www.postgresql.org/docs/16/textsearch-dictionaries.html).
 
 ----------------------------------------
 
 # Postgresql > How To > Scale
 
+
 Zerops automatically scales your PostgreSQL service based on actual database usage. When your database needs more power, resources increase. When demand drops, resources scale down to reduce costs.
+
 :::tip Read More
 For complete scaling details across all services, see [Automatic Scaling and High Availability](/features/scaling).
 :::
+
 ## How PostgreSQL scaling works
+
 PostgreSQL services use **vertical scaling** to adjust CPU, RAM, and disk resources within containers based on usage patterns. Unlike runtime services, PostgreSQL does not use horizontal scaling (adding/removing containers). Instead, PostgreSQL services use deployment modes for high availability.
+
 ## Configure scaling
+
 You can configure scaling settings:
+
 - **During service creation** - Set initial scaling parameters when [creating](/postgresql/how-to/create) your PostgreSQL service
 - **During import** - Define scaling configuration in your YAML import file using `verticalAutoscaling` parameters
 - **After service creation** - Navigate to your PostgreSQL service and select **Automatic scaling configuration** to modify settings
+
 ### Basic settings
-  
+
 **CPU Mode**: Choose between shared (cost-effective, variable performance) or dedicated (consistent performance, higher cost). You can change CPU mode once per hour. See [pricing](https://zerops.io/#pricing) for costs.
+
 **Resource limits**: Configure minimum and maximum resources for your PostgreSQL service:
+
 - **Lower the maximum** to control costs and prevent over-scaling
 - **Raise the minimum** when you need guaranteed baseline performance
 - **Set minimum = maximum** to disable automatic scaling for that specific resource
+
 **Deployment mode**: Choose the reliability configuration for your PostgreSQL service:
+
 - **Single Container**: One container with vertical scaling only. Suitable for development environments.
 - **Highly Available**: Multiple containers with built-in redundancy. Recommended for production environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 :::tip HA Mode
 In HA mode, a dedicated read replica port (`5433`) is available for routing read queries to replicas. This improves performance by distributing load across all database containers. See [Connection Parameters](/postgresql/how-to/connect#connection-parameters) for details.
 :::
+
 When a container fails in HA mode, Zerops automatically replaces it with a new container on a different physical machine and synchronizes data from healthy copies.
+
 ### Advanced settings
+
 **Start CPU cores**: Determines how many CPU cores are allocated during database startup. Increase this value if your PostgreSQL service starts slowly or requires more processing power during initialization.
+
 **RAM thresholds**: Help prevent out-of-memory crashes by maintaining buffer space:
+
 - **Absolute (GB)**: Maintains this amount of free RAM at all times
 - **Percentage**: Keeps this percentage of total RAM free
+
 Consider increasing these values if your database experiences memory-related issues.
-  
+
 :::info Read More
 For detailed technical parameters and scaling behavior, see [Automatic Scaling and High Availability](/features/scaling#resource-scaling-behavior).
 :::
+
 ## Monitor usage
+
 Navigate to your PostgreSQL service and select **Service containers & Overview** to view:
 - CPU, RAM, and disk usage over time
 - Historical scaling events
 - Container health status
+
 ## Technical details
+
 Zerops monitors database usage and automatically adjusts resources based on predefined thresholds and timing parameters. The scaling behavior follows the same principles as other services in the platform.
+
 For complete technical specifications including:
 - Resource monitoring intervals and thresholds
 - Scale-up and scale-down timing parameters
 - Scaling increments and steps
 - Detailed scaling behavior patterns
+
 See [Resource Scaling Behavior](/features/scaling#resource-scaling-behavior) in the general scaling documentation.
+
 ## Common issues
+
 **Out of memory errors**
 - Increase minimum free RAM settings in your scaling configuration
 - Consider raising the minimum RAM allocation
 - Check for memory-intensive queries or operations
+
 **Higher than expected costs**
 - Consider lowering your maximum resource limits
 - Review scaling patterns in the monitoring dashboard
+
 **Slow database startup**
 - Increase the "Start CPU cores" setting
 - Consider switching to dedicated CPU mode for consistent performance
+
 **Not utilizing HA mode effectively**
 - Use port `5432` for write operations (INSERT, UPDATE, DELETE)
 - Use port `5433` for read operations (SELECT) to distribute load across replicas
 - See [Connection Parameters](/postgresql/how-to/connect#connection-parameters) for details
+
 *Need help? Join our [Discord community](https://discord.gg/zerops) for assistance!*
 
+
 ----------------------------------------
 
 # Postgresql > Overview
 
+
 [PostgreSQL ↗](https://www.postgresql.org/) is a powerful, open source object-relational database system with over 35 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance.
+
 ## Feature Highlights
+
+- [Create PostgreSQL service](/postgresql/how-to/create) — Start with creating a PostgreSQL service using GUI or zCLI.
+- [Import config file](/postgresql/how-to/create#full-example) — Use an example config file to import your own app.
+
 ### Connect to PostgreSQL service
+
+- [Manage users and databases](/postgresql/how-to/manage)
+- [Connect from the same project](/postgresql/how-to/connect#connect-from-services-in-the-same-project)
+- [Connect remotely](/postgresql/how-to/connect#connect-remotely)
+
 ### Others
+
+- [Scale postgresql service](/postgresql/how-to/scale)
+- [Export and import data](/postgresql/how-to/export-import-data)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/postgresql/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Python > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Python application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -18916,47 +27079,61 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: python@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - app.py
+
       # OPTIONAL. Copy files from build container to runtime container.
       addToRunPrepare:
         - requirements.txt
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: file.txt
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: python@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8000
+
       # OPTIONAL. Customize the runtime Python environment by installing additional
       # dependencies to the base Python runtime environment.
       # prepareCommands:
       #   - python3 -m pip install --ignore-installed -r requirements.txt
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Python application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Python application start command
       start: python3 app.py
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -18967,6 +27144,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -18976,11 +27154,21 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Python builds:
+
+- `python@3.14 (Ubuntu only)`, `python@latest`
+- `python@3.12`
+- `python@3.11`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -18991,12 +27179,18 @@ zerops:
       base: python@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Python, Zerops command line tool, `pip` and `git`.
+  major version of Python, [Zerops command line tool](/references/cli), `pip` and `git`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19010,34 +27204,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Python defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `pip` and `git`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19046,94 +27258,136 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: python@latest
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
         - sudo apt install python3-pip # already installed for Python services
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/python/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Run prepare commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 prepareCommands:
   - |
     sudo apt update
     sudo apt install python3-pip # already installed for Python services
 ```
+
 #### Run prepare commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 prepareCommands:
   - sudo apt update
   - sudo apt install python3-pip # already installed for Python services
 ```
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app.py
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - app.py
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
+
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -19145,22 +27399,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -19169,6 +27434,7 @@ zerops:
     build:
       base: python@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         PYTHON_ENV: production
@@ -19177,12 +27443,22 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/python/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Python version for your runtime.
+
 Following options are available for Python builds:
+
+- `python@3.14 (Ubuntu only)`, `python@latest`
+- `python@3.12`
+- `python@3.11`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19192,18 +27468,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: python@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: python@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
-  selected major version of Python, Zerops command line tool, `pip` and `git`.
+  selected major version of Python, [Zerops command line tool](/references/cli), `pip` and `git`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19213,6 +27496,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: python@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -19222,43 +27506,74 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customize your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Python service with hostname = "app" and port = 8000 from another service of the same project, simply use `app:8000`. Read more about [how to access a Python service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Python runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Python environment contains {data.alpine.default}, the selected
-  major version of Python, Zerops command line tool, `pip` and `git`. To install additional packages or tools add one or more
+  major version of Python, [Zerops command line tool](/references/cli), `pip` and `git`. To install additional packages or tools add one or more
   prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19266,6 +27581,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -19274,27 +27590,45 @@ zerops:
         - python3 -m pip install --ignore-installed -r requirements.txt
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/python/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build:prepareCommands](#preparecommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default} the
-  selected major version of Python, Zerops command line tool, `pip` and `git`.
+  selected major version of Python, [Zerops command line tool](/references/cli), `pip` and `git`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19304,6 +27638,7 @@ zerops:
       ...
       addToRunPrepare:
         - requirements.txt
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -19312,15 +27647,20 @@ zerops:
         - python3 -m pip install --ignore-installed -r requirements.txt
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -19329,22 +27669,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Python application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/python/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/python/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build:prepareCommands](#preparecommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -19359,56 +27712,82 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/python/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Python application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Python application start command
       start: app.py
 ```
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Python application start command
       start: app.py
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -19416,30 +27795,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Python application.
+
+        The command has access to the same [environment variables](/python/how-to/create#set-secret-environment-variables) as your Python application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Python application start command
       start: app.py
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -19448,13 +27844,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -19463,40 +27864,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/python/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -19505,30 +27928,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/python/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Python application.
+
+        The command has access to the same [environment variables](/python/how-to/create#set-secret-environment-variables) as your Python application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -19540,8 +27981,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/python/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Python > How To > Build Process
@@ -19558,35 +28001,60 @@ Read more about how the [readiness check works](/python/how-to/deploy-process#re
 
 # Python > How To > Create
 
+
 Zerops provides a Python runtime service with extensive build support. Python runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Python service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Python service:
+
+[Video: /vids/services/python.webm](/vids/services/python.webm)
+
 ### Choose Python version
+
 Following Python versions are currently supported:
+
 :::info
 You can [change](/python/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/python/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Python service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Python service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/python/how-to/create#create-a-project-description-file)
 3. [Create a project with a Python and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -19607,13 +28075,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Python version 3.12 service with default [auto scaling](/python/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/python/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -19658,114 +28131,172 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Python service and a [PostgreSQL](/postgresql/overview) service.
+
 Python service with "app" hostname, the internal port(s) the service listens on will be defined later in the zerops.yaml. Python service will run on version 3.12 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Python and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new service will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Python service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/python/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/python/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/python/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/python/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Python service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -19786,33 +28317,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Python service version 3.12 with default [auto scaling](/python/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Python > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add --no-cache imagemagick)',
-  'Python build tools: When you need setuptools, or other tools not included by default',
-  'Scientific libraries: When you need NumPy, SciPy, or other packages requiring system dependencies',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -19866,13 +28402,21 @@ System packages for processing: When your app processes images, videos, or files
 
 # Python > Overview
 
+
 [Python ↗](https://www.python.org/) is a programming language that lets you work quickly and integrate systems more effectively..
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-python-hello-world), a **_recipe_**, containing the most simple Python web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Python running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Python running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "python" recipe on Zerops](https://app.zerops.io/recipe/?lf=python)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-python-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -19884,37 +28428,76 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-python-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/python/how-to/create) — Dive in all Zerops has to offer for your Python application.
+
 ## Feature Highlights
+
+- [Create Python service](/python/how-to/create) — Start with creating a Python service using GUI or zCLI.
+- [zerops.yaml](/python/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/python/how-to/scaling) — Set up scaling of your Python application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/python/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/python/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/python/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Qdrant > Overview
 
+
 [Qdrant](https://qdrant.tech/) in Zerops provides a fully managed vector database solution designed for AI applications. Focus on building vector search features while we handle infrastructure maintenance, high availability, and data protection.
+
 ## Supported Versions
+
 Currently supported Qdrant versions:
+
 Import configuration version:
+
+- `qdrant@1.12`
+- `qdrant@1.10`
+
 ## Deployment Modes
+
 #### Non-HA Mode
 - Single node setup ideal for development and non-production projects
 - Simple deployment and management
+
 #### HA Cluster
 - Automatically configured with 3 nodes
 - Recommended for production environments
@@ -19922,31 +28505,47 @@ Import configuration version:
 - By default (`automaticClusterReplication=true`), automatically creates replicas of all shards across all three nodes
   - Can be disabled by setting `automaticClusterReplication` to `false`
 - Automatic cluster recovery and node replacement in case of failures
+
 ## Data Backup
+
 Qdrant backups are created using native snapshotting:
+
 - **Format**: `.snapshot` (compressed)
 - **Tooling**: Native snapshotting
 - **Source**: Taken from the primary node (leader in HA clusters)
+
 For backup configuration, scheduling, retention policies, and management options, see the [Zerops Backups](/features/backup) documentation.
+
 ### Restoring Backups
+
 To restore a Qdrant backup:
+
 1. **Download** the backup file (`.snapshot`) from the Zerops UI
 2. **Prepare** your target environment (clean existing collections or use a new instance)
 3. **Restore** using the Qdrant API. Use the snapshot restore endpoint to import the snapshot file. Follow the [official Qdrant documentation](https://qdrant.tech/documentation/database-tutorials/create-snapshot/#restore-from-snapshot) for detailed snapshot restore procedures.
+
 For assistance with the restoration process, contact Zerops support.
+
 ## Network Architecture & Access
+
 Qdrant can be accessed only from services within the same project, public access is not available.
+
 ### API Keys
 API key authentication is required for both HTTP and gRPC API calls. Include the key in your request headers. The keys are automatically generated when the Qdrant service is created and can be found in the service's environment variables:
+
 - **`apiKey`:** Full access API key for administrative operations (creating collections, indexing)
 - **`readOnlyApiKey`:** Restricted API key for search operations
+
 #### HTTP API
 - **Port:** `6333`
 - **Connection String:** Available as `connectionString` environment variable or construct using `http://${hostname}:${port}`
+
 #### gRPC API
 - **Port:** `6334`
 - **gRPC Connection String:** Available as `grpcConnectionString` environment variable or construct using `tcp://${hostname}:${grpcPort}`
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zeropsio)
 - Contact support via [email](mailto:support@zerops.io)
@@ -19955,295 +28554,436 @@ For advanced configurations or custom requirements:
 
 # References > Api
 
+
 The Zerops REST API allows you to programmatically interact with Zerops platform by providing access to resources like projects, services, users, billing, and configurations.
+
 ## Base URL
+
 All API requests should be made to:
 ```
 https://api.app-prg1.zerops.io/api/rest/public
 ```
+
 ## Authentication
+
 The API uses Bearer token authentication. You can obtain your Personal access token from the **Access Token management** section in the Zerops GUI.
+
 Include the token in the Authorization header:
 ```
-Authorization: Bearer 
+Authorization: Bearer <your-token>
 ```
+
 ## API Resources
+
 :::note
 Some resource groups have non-obvious naming:
 - `/service-stack` endpoints handle services management
 - `/user-data` endpoints handle environment variables management
 :::
+
 View the [full Swagger documentation](https://api.app-prg1.zerops.io/api/rest/public/swagger) or jump to a specific resource group:
-  
-      Group
-      Description
-    
-      /app-version
-      Manage application versions, builds, and deployments
-    
-      /auth
-      Authentication and token management
-    
-      /billing
-      Billing operations and payment management
-    
-      /client
-      Client account management
-    
-      /client-user
-      User management within client accounts
-    
-      /github
-      GitHub repository connections and authorization
-    
-      /gitlab
-      GitLab repository connections and authorization
-    
-      /project
-      Project management operations
-    
-      /project-env
-      Project environment variables management
-    
-      /public-http-routing
-      HTTP routing configuration
-    
-      /public-port-routing
-      Port routing and firewall rules configuration
-    
-      /service-stack
-      Service stack operations and configuration
-    
-      /settings
-      System settings and configurations
-    
-      /user
-      User account management
-    
-      /user-data
-      Environment variables management
-    
-      /user-notification
-      User notifications management
-    
-      /user-token
-      Personal access tokens management
-    
+
+<table className="w-full">
+  <thead className="rounded-lg">
+    <tr>
+      <th className="w-auto"><strong>Group</strong></th>
+      <th className="w-full"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/app-version](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicAppVersion)</strong></td>
+      <td className="w-fit">Manage application versions, builds, and deployments</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/auth](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicAuth)</strong></td>
+      <td className="w-fit">Authentication and token management</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/billing](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicBilling)</strong></td>
+      <td className="w-fit">Billing operations and payment management</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/client](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicClient)</strong></td>
+      <td className="w-fit">Client account management</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/client-user](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicClientUser)</strong></td>
+      <td className="w-fit">User management within client accounts</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/github](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicGithub)</strong></td>
+      <td className="w-fit">GitHub repository connections and authorization</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/gitlab](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicGitlab)</strong></td>
+      <td className="w-fit">GitLab repository connections and authorization</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/project](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicProject)</strong></td>
+      <td className="w-fit">Project management operations</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/project-env](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicProjectEnv)</strong></td>
+      <td className="w-fit">Project environment variables management</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/public-http-routing](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicPublicHttpRouting)</strong></td>
+      <td className="w-fit">HTTP routing configuration</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/public-port-routing](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicPublicPortRouting)</strong></td>
+      <td className="w-fit">Port routing and firewall rules configuration</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/service-stack](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicServiceStack)</strong></td>
+      <td className="w-fit">Service stack operations and configuration</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>[/settings](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicSettings)</strong></td>
+      <td className="w-fit">System settings and configurations</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/user](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicUser)</strong></td>
+      <td className="w-fit">User account management</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/user-data](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicUserData)</strong></td>
+      <td className="w-fit">Environment variables management</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/user-notification](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicUserNotification)</strong></td>
+      <td className="w-fit">User notifications management</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><strong>[/user-token](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicUserToken)</strong></td>
+      <td className="w-fit">Personal access tokens management</td>
+    </tr>
+  </tbody>
+</table>
 
 ----------------------------------------
 
 # References > Cli
 
+
 zCLI is the command-line tool for Zerops that allows users to manage services, simplify interactions, and configure infrastructure directly from the terminal.
+
 For detailed information, see the [Configuration](/references/zcli/configuration) and [Commands Reference](/references/zcli/commands) pages.
+
 ## Platforms
+
 zCLI currently supports:
+
 - Linux (x86 & x64)
 - macOS (x86-64 & ARM64)
 - Windows (x64)
+
 ## Get started
+
 ### Manual Installation
+
 To download the zCLI directly, get the [latest release](https://github.com/zeropsio/zcli/releases) from GitHub.
+
 ### Linux/MacOS
+
 ```sh
 curl -L https://zerops.io/zcli/install.sh | sh
 ```
+
 zCLI will be installed inside `/usr/bin` or `/usr/local/bin`.
+
 ### Windows
+
 Execute following command in PowerShell:
+
 ```powershell
 irm https://zerops.io/zcli/install.ps1 | iex
 ```
+
 zCLI will be installed inside `C:\Program Files\` or `C:\Program Files (x86)\`
+
 ### Using Package Managers
+
 You can also install zCLI using package managers:
+
 ```sh
 npm i -g @zerops/zcli
 ```
+
 ```sh
 yarn global add @zerops/zcli
 ```
+
 ### NixOS
+
 :::note
 Make sure `nix-command` and flakes are enabled, if not. You can also use `--extra-experimental-features 'nix-command flakes'` with `nix`.
 :::
+
 Clone the [zCLI repository](https://github.com/zeropsio/zcli) and build the binary.
+
 ```
 git clone https://github.com/zeropsio/zcli
 ```
+
 ```
 cd zcli
 ```
+
 ```
 nix develop
 ```
+
 ```
 nix build
 ```
+
 You can find zCLI binary inside `result/bin`.
+
 ## Personal access tokens
+
 Personal tokens allow you to securely access Zerops directly. You can create one or more personal tokens and manage them in [Zerops GUI](https://app.zerops.io).
+
 ### Managing your access tokens
+
 To create a new personal access token, go to [Access Tokens management](https://app.zerops.io/settings/token-management) and click "Generate a new access token".
-  
+
 You may delete an access token anytime.
+
 ### Using access tokens
+
 You may use an access token to access Zerops using this command:
+
 ```sh
-zcli login 
+zcli login <token>
 ```
 
 ----------------------------------------
 
 # References > Github Integration
 
+
 Discover how to seamlessly integrate your GitHub repository with Zerops for automated builds and deployments.
+
 You can choose between two powerful integration approaches: direct integration through the Zerops GUI for straightforward setup, or GitHub Actions for more customized deployment workflows.
+
 This guide walks you through both integration methods, helping you choose and implement the approach that best fits your team's needs.
+
 ---
+
 ## Prerequisites
+
 Before starting the integration process, ensure your repository contains a valid `zerops.yaml` configuration file located in the root directory. This file is essential for defining the build, deploy, and run processes.
 For detailed information on how to create or modify this file, refer to the [Zerops YAML configuration](/zerops-yaml/specification) guide.
+
 ---
+
 ## Integration via Zerops GUI
+
 Follow these steps to connect your GitHub repository directly with Zerops:
+
 1. **Access Service Settings**
+
    - Log into the [**Zerops GUI**](https://app.zerops.io/)
    - Select the relevant service from your dashboard.
    - In the left-hand menu, navigate to **Build, Deploy, Run Pipeline Settings**.
+
 2. **Connect to GitHub**
+
    - Click **Connect with a GitHub repository**
    - You'll be prompted to authorize Zerops to access your GitHub account.
    - Grant the necessary permissions for Zerops to manage webhooks and fetch your code.
+
 :::note
 Zerops requires full access to your repository in order to configure webhooks and pull the latest code changes. However, Zerops does not store your source code unless explicitly specified by you.
 :::
+
 3. **Select Repository and Trigger**
+
    - Choose the GitHub repository you'd like to integrate with Zerops.
    - Configure the trigger that will initiate a build:
      - **New tag**: Builds are triggered whenever a new tag is created. This is the recommended option for production deployments.
        - You can optionally add a regular expression (regex) to filter specific tags.
      - **Push to branch**: Builds are triggered on every push to a specified branch, such as `main` or `develop`.
+
 4. **Finalize Setup**
+
    - Review and confirm your settings to complete the integration process.
    - Your GitHub repository is now connected, and builds will be triggered based on the configured triggers.
-  
+
 ---
+
 ### Skip the automatic pipeline once
+
 To ensure that a pipeline is not triggered by a specific commit, add `[ci skip]` or `[skip ci]` to the commit message. It is case insensitive.
+
 :::note
 You will still see a successful delivery of a webhook in your GitHub repository as a webhook is actually triggered, but with no action.
 :::
+
 ---
+
 ### Disconnecting Your Repository
+
 To disconnect your GitHub repository from Zerops:
+
 1. Navigate to the **Service Details** page for the relevant service
 1. Select **Build, Deploy, Run Pipeline Settings** from the menu.
 1. Click **Stop automatic build trigger**
+
 **This action will remove the GitHub webhook and delete the associated integration configuration, effectively halting automated builds from this repository.**
-  
+
 ### Authorizing Access to Organizations
+
 If you want to authorize Zerops to access a specific organization, you can do so by clicking on the **Grant** from [GitHub Applications Settings](https://github.com/settings/connections/applications/4408deded6c1fed7193c).
+
 ---
+
 ## GitHub Workflow Integration
+
 As an alternative to direct integration, you can use GitHub Actions to manage your deployments. This approach gives you more control over your deployment workflow and allows integration with other CI/CD processes.
+
 ### GitHub Workflow using Zerops Actions
+
 1. **Create Workflow Configuration**
+
    Create a new file at `.github/workflows/deploy.yaml` in your repository:
+
    ```yaml
    name: Deploy to Zerops
-   
+
    on:
      push:
        branches:
          - main
-   
+
    jobs:
      deploy:
        runs-on: ubuntu-latest
-   
+
        steps:
          - name: Checkout code
            uses: actions/checkout@v3
-   
+
          - name: Deploy with Zerops
            uses: zeropsio/actions@main
            with:
              access-token: ${{ secrets.ZEROPS_TOKEN }}
              service-id: your-service-id
    ```
+
 2. **Generate Access Token**
+
    - Navigate to [**Settings > Access Token Management**](https://app.zerops.io/settings/token-management) in your Zerops dashboard
    - Generate a new access token with appropriate permissions
    - Copy this token for use in GitHub secrets
+
 3. **Locate Service ID**
+
    - Go to your service dashboard and click the three dots menu → **Copy Service ID**
-   - Alternatively, find it in your service URL: `https://app.zerops.io/service-stack//dashboard`
+   - Alternatively, find it in your service URL: `https://app.zerops.io/service-stack/<your-service-id>/dashboard`
+
 4. **Configure GitHub Secrets**
+
    - Go to your GitHub repository settings
    - Navigate to **Settings** > **Secrets and variables** > **Actions** > **Repository secrets**
    - Add a new secret named `ZEROPS_TOKEN` with your access token value
+
 :::note
 Keep your access token secure and never commit it directly to your repository. The token provides administrative access to your Zerops resources.
 :::
+
 For more information about GitHub Actions, refer to the [official GitHub Actions documentation](https://docs.github.com/en/actions).
 
+
 ----------------------------------------
 
 # References > Gitlab Integration
 
+
 Discover how to seamlessly integrate your GitLab repository with Zerops for automated builds and deployments.
+
 This guide walks you through the step-by-step process to link your repository, configure triggers, and manage your integrations efficiently.
+
 ---
+
 ## Prerequisites
+
 Before starting the integration process, ensure your repository contains a valid `zerops.yaml` configuration file located in the root directory. This file is essential for defining the build, deploy, and run processes.
 For detailed information on how to create or modify this file, refer to the [Zerops YAML configuration](/zerops-yaml/specification) guide.
+
 ---
+
 ## Integration Steps
+
 Follow these steps to connect your Gitlab repository with Zerops:
+
 1. **Access Service Settings**
+
    - Log into the [**Zerops GUI**](https://app.zerops.io/)
    - Select the relevant service from your dashboard.
    - In the left-hand menu, navigate to **Build, Deploy, Run Pipeline Settings**.
+
 2. **Connect to GitLab**
+
    - Click **Connect with a GitLab repository**
    - You'll be prompted to authorize Zerops to access your GitLab account.
    - Grant the necessary permissions for Zerops to manage webhooks and fetch your code.
+
 :::note
 Zerops requires full access to configure webhooks and download your code. Your source code is not stored after the build process.
 :::
+
 3. **Select Repository and Trigger**
+
    - Choose the repository to integrate
    - Select a trigger method:
      - **New tag**: Builds trigger on new tags
        - Optionally add a regex to filter tags
      - **Push to branch**: Builds trigger on pushes to a specific branch
+
 4. **Finalize Setup**
    - Confirm your settings to complete the integration
+
 -->
+
 ---
+
 ### Skip the automatic pipeline once
+
 To ensure that a pipeline is not triggered by a specific commit, add `[ci skip]` or `[skip ci]` to the commit message. It is case insensitive.
+
 :::note
 You will still see a successful delivery of a webhook in your GitLab repository as a webhook is actually triggered, but with no action.
 :::
+
 ---
+
 ## Disconnecting Your Repository
+
 To disconnect your GitLab repository from Zerops:
+
 1. Navigate to the **Service Details** page for the relevant service
 1. Select **Build, Deploy, Run Pipeline Settings** from the menu.
 1. Click **Stop automatic build trigger**
+
 **This action will remove the GitLab webhook and delete the associated integration configuration, effectively halting automated builds from this repository.**
-  
+
 
 ----------------------------------------
 
 # References > Import Yaml > Pre Processor
 
+
 The `yamlPreprocessor` option in your project & service import YAML allows you to generate random secret values, passwords, and public/private key pairs for your secret environment variables.
+
 ---
+
 ## How does it work?
+
 The `yamlPreprocessor=on` is required as the first line in your import YAML to enable the preprocessor.
+
 ```yaml
 #yamlPreprocessor=on
 project:
@@ -20255,103 +28995,145 @@ services:
     enableSubdomainAccess: true
     envSecrets:
       # yamlPreprocessor feat: generates a random 64 char and stores it
-      SECRET_KEY: )>
-    
+      SECRET_KEY: <@generateRandomString(<64>)>
+
   - hostname: db
     type: postgresql@16
     mode: HA
 ```
+
 After you've added the `yamlPreprocessor=on` line, the preprocessor will be enabled and you can now utilize the functions.
+
 ---
+
 ### How Preprocessing Works
+
 The YAML script processing happens in two sequential steps. During the first turn (preprocessing), the system scans for Zerops import functions and modifiers, evaluates them, and replaces function calls with their results. All this data is stored in memory.
+
 The second turn handles standard processing, where the system creates the imported project, instantiates all required services, and handles environment variables, including setting up any new ones as needed.
+
 ### Syntax Reference
-  
-      Sequence
-      Description
-    
-      `
-      The identifier of the beginning of a function expression syntax.
-    
-      `(`
-      The identifier of the beginning of the function parameters.
-    
-      `)`
-      The identifier of the end of the function parameters.
-    
-      `,`
-      A function parameters delimiter.
-    
-      `
-      Identifier of the beginning of a string expression (without @).
-    
-      `>`
-      The identifier of the end of a string expression or a function expression syntax.
-    
-      `|`
-      The separator between a string or a function expression content and a modifier name.
-    
-      `\`
-      Escaping character.
-    
-      `\<>|`
-      Characters that need to be escaped to print them out.
-    
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr className="">
+      <th className="w-fit">Sequence</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody className="">
+    <tr>
+      <td className="w-fit">`<@`</td>
+      <td className="w-fit ">The identifier of the beginning of a function expression syntax.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">`(`</td>
+      <td className="w-fit">The identifier of the beginning of the function parameters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">`)`</td>
+      <td className="w-fit">The identifier of the end of the function parameters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">`,`</td>
+      <td className="w-fit">A function parameters delimiter.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">`<`</td>
+      <td className="w-fit">Identifier of the beginning of a string expression (without @).</td>
+    </tr>
+    <tr>
+      <td className="w-fit">`>`</td>
+      <td className="w-fit">The identifier of the end of a string expression or a function expression syntax.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">`|`</td>
+      <td className="w-fit">The separator between a string or a function expression content and a modifier name.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">`\`</td>
+      <td className="w-fit">Escaping character.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">`\<>|`</td>
+      <td className="w-fit">Characters that need to be escaped to print them out.</td>
+    </tr>
+  </tbody>
+</table>
+
 :::note
 All functions in the preprocessor return values as strings, regardless of the operation performed. This includes numeric operations, random generation, and variable manipulation.
 :::
+
 ---
+
 ## Parameter Data Types
+
 Functions generally support 2 types of parameters.
+
 ### String expressions
-- Value is enclosed in `` characters.
-- Spaces between `` are NOT trimmed.
+
+- Value is enclosed in `<` and `>` characters.
+- Spaces between `<` and `>` are NOT trimmed.
 - When the value is passed as a function parameter, it's always a string.
+
 ```yaml
-# String expression: 
-SECRET_KEY: )>
-# String expressions:  and 
-RANDOM_RANGE: , )>
-# String expressions: , , 
-PICK_VALUE: , , )>
+# String expression: <16>
+SECRET_KEY: <@generateRandomString(<16>)>
+# String expressions: <1> and <100>
+RANDOM_RANGE: <@generateRandomInt(<1>, <100>)>
+# String expressions: <red>, <green>, <blue>
+PICK_VALUE: <@pickRandom(<red>, <green>, <blue>)>
 ```
+
 ### Variable reference names
+
 Variables are used to store and reuse values across your configuration. They can be created using functions like `setVar` and retrieved using `getVar`.
-- Variable references are NOT enclosed in `` when used with `getVar`
+
+- Variable references are NOT enclosed in `<` and `>` when used with `getVar`
 - Variable names are case-sensitive
 - Spaces before and after the reference name are trimmed
 - Returns an error if the variable doesn't exist
+
 ```yaml
 # Stores a value in myPassword variable
-PASSWORD: , )>)>
+PASSWORD: <@setVar(<myPassword>, <@generateRandomString(<30>)>)>
+
 # Retrieves the stored value (myPassword)
-HASHED_PASSWORD: 
+HASHED_PASSWORD: <@getVar(myPassword)|sha256>
 # Reuses the stored value (myPassword)
-SAME_PASSWORD_AGAIN: 
+SAME_PASSWORD_AGAIN: <@getVar(myPassword)>
 ```
+
 :::tip Internal processing of function parameters
 All parameters are handled as strings internally. For functions that expect numbers (like `generateRandomString`), the string values are automatically converted to numbers during processing.
 :::
+
 ---
+
 ## Nested Expressions
+
 The preprocessor supports nested function and string expressions, allowing you to:
 - Combine multiple functions
 - Use function outputs as inputs for other functions
 - Nest string expressions within other strings
 - Create complex, multi-level expressions
+
 ### Examples of Nesting with Environment Variables
+
 ```yaml
 #yamlPreprocessor=on
 services:
 - hostname: app
   type: nodejs@20
   envSecrets:
-    NESTED_STRINGS:  content>
-    NESTED_FUNCTIONS: , )>)>
-    EVEN_MORE_NESTING: , , )>)>)>
+    NESTED_STRINGS: <Base and <Nested> content>
+    NESTED_FUNCTIONS: <@generateRandomString(<@generateRandomInt(<20>, <50>)>)>
+    EVEN_MORE_NESTING: <@setVar(<refVarName>, <@generateRandomString(<@generateRandomInt(<20>, <30>)>)>)>
 ```
+
 ### Outputs of Nesting with Environment Variables
+
 ```yaml
 #yamlPreprocessor=on
 services:
@@ -20362,291 +29144,450 @@ services:
     NESTED_FUNCTIONS: "58580f0ad377a8e4c0dccc1622e2d3812b90"
     EVEN_MORE_NESTING: "73bcd2b647293dd04674cdecc"
 ```
+
 ### Escaping to Print Reserved Characters
+
 Reserved characters `\<>|` have to be escaped using the `\` backslash to print them out. It's mandatory to escape the `\` character itself.
+
 :::caution
 The YAML processing happens in two sequential phases:
 1. **Preprocessing Phase**: Evaluates functions, modifiers, and replaces them with results
 2. **YAML Processing Phase**: Creates project, services, and handles environment variables
+
 Each phase processes escape characters, so backslashes need to be escaped twice:
+
 - If you want to output a single backslash `\`, you need to use four backslashes `\\\\`
 - Example:
+
 Input: `FILE_PATH: value\\\\with\\\\backslashes`
+
 Output: `FILE_PATH: value\with\backslashes`
-It means that if `DIR: ` is used, the final value stored in the environment variable will be just `\`. The same is true for any value with backslashes, like `SERVER: True\\\\False`, where the stored result will be `True\False`.
+
+It means that if `DIR: <\\\\>` is used, the final value stored in the environment variable will be just `\`. The same is true for any value with backslashes, like `SERVER: True\\\\False`, where the stored result will be `True\False`.
 :::
+
 ### Examples of Correct Function Expressions
+
 ```yaml
 # Function will receive one parameter as the string constant value of: 30
-)>
+<@generateRandomString(<30>)>
 # Function will receive two parameters as the string constant values of: 200 and 1000
-, )>
+<@generateRandomInt(<200>, <1000>)>
 # It's possible to nest functions one into the other.
-, )>)>
+<@generateRandomString(<@generateRandomInt(<200>, <1000>)>)>
 # Using commas inside a string constant passed as the parameter is possible.
 # The passed value is stored as internal variable under the name: commentValue
-, )>
+<@setVar(<commentValue>, <By the way, this is the text passed over as a value.>)>
 # Function will receive one parameter as the internal variable reference: commentValue
 # Its value is returned as a string if such an internal variable exists. If not, an error returns.
+<@getVar(commentValue)>
 # Examples of function expressions with escaped characters:
-\               # Output: 
-\)\>           # Output: )>
-\, \)\>      # Output: , )>
-\\, \)\>     # Output: , )>
-\, )\>          # Output: 
+\<@generateRandomString(30)\>               # Output: <@generateRandomString(30)>
+\<@generateRandomString(\<30\>)\>           # Output: <@generateRandomString(<30>)>
+\<@generateRandomInt(\<30\>, \<80\>)\>      # Output: <@generateRandomInt(<30>, <80>)>
+\<@generateRandomInt(\<30\>\, \<80\>)\>     # Output: <@generateRandomInt(<30>, <80>)>
+\<@generateRandomInt(<30>, <80>)\>          # Output: <@generateRandomInt(30, 80)>
 ```
+
 ---
+
 :::tip What happens with environment variable references
 Environment variable reference might need to be used as a part of string expressions. From the parsing point of view on the pre-processing level, they have not been recognized as something special but just a regular string, and they will be transparently passed without any modification. The second standard parsing turn only evaluates them.
 :::
+
 ```yaml
+
 # The part ` {ITEM_VALUE` is taken as a regular text when storing a string value as an internal variable.
-, )>
+<@setVar(<commentValue>, <By the way, this ${ITEM_VALUE} is text passed over as a value.>)>
 # The returned value will be exactly the same when retrieving the previously stored value.
-)>
+<@getVar(<commentValue>)>
 # The returned value will be: By the way, this  {ITEM_VALUE} is text passed over as a value.
+
 ```
+
 ---
+
 ## List of import functions
+
 :::caution Important reminder
 If you don't use the `yamlPreprocessor=on` line at the beginning of your import YAML script, the preprocessor will not be enabled and the functions will not work.
+
 The `type: nodejs@latest` is just an example. The functions are available for all runtime types.
 :::
+
 ---
+
 ### generateRandomString (length)
+
 This function generates a random string of specified length using alphanumeric characters and some special characters (`_`, `-`, `.`). It's useful for creating random passwords, API keys, or any other secret values that needs to be unique and unpredictable.
-  
-      Field
-      Details
-    
-      Syntax:
-      `)>`
-    
-      Limitation:
-      Length of the string should be an *integer* between `1` and `1024` characters. eg. ``, ``, ``.
-    
-      Output:
-      hR5hS79H4p
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@generateRandomString(<10>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Limitation:</td>
+      <td className="w-fit">Length of the string should be an *integer* between `1` and `1024` characters. eg. `<10>`, `<512>`, `<1024>`.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Output:</td>
+      <td className="w-fit">hR5hS79H4p</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Usage in import YAML
+
 ```yaml
 #yamlPreprocessor=on
 services:
 - hostname: app
   type: nodejs@20
   envSecrets:
-    RANDOM_STRING: )>
+    RANDOM_STRING: <@generateRandomString(<10>)>
 ```
+
 #### Output of import YAML
+
 ```yaml
 RANDOM_STRING: 58580f0ad377a8e4c0dccc1622e2d3812b90
 ```
+
 ---
+
 ### generateRandomBytes (length)
+
 This function generates requested amount of cryptographically random bytes. It is useful for creating random passwords, API keys, or any other secret values that needs to be unique and unpredictable.
-  
-      Field
-      Details
-    
-      Syntax:
-      `)>`
-    
-      Limitation:
-      Length of the string should be an *integer* between `1` and `1024` characters. eg. ``, ``, ``.
-    
-      Output:
-      hR5hS79H4p
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@generateRandomBytes(<10>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Limitation:</td>
+      <td className="w-fit">Length of the string should be an *integer* between `1` and `1024` characters. eg. `<10>`, `<512>`, `<1024>`.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Output:</td>
+      <td className="w-fit">hR5hS79H4p</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Usage in import YAML
+
 ```yaml
 #yamlPreprocessor=on
 services:
 - hostname: app
   type: nodejs@20
   envSecrets:
-    RANDOM_STRING: )>
+    RANDOM_STRING: <@generateRandomString(<10>)>
 ```
+
 #### Output of import YAML
+
 ```yaml
 RANDOM_STRING: 58580f0ad377a8e4c0dccc1622e2d3812b90
 ```
+
 ---
+
 ### generateRandomInt (min, max)
+
 This function generates a random integer within a specified range (inclusive). It's particularly useful when you need random numeric values, like ports, timeouts, or any other configuration that requires random numbers within specific bounds.
-  
-      Field
-      Details
-    
-      Syntax:
-      `, )>`
-    
-      Minimum:
-      Required minimum (inclusive) as a signed integer (from -4,611,686,018,427,387,903 to 4,611,686,018,427,387,903).
-    
-      Maximum:
-      Required maximum (inclusive) as a signed integer (from -4,611,686,018,427,387,903 to 4,611,686,018,427,387,903).
-    
-      Output:
-      823
-    
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@generateRandomInt(<200>, <1000>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Minimum:</td>
+      <td className="w-fit">Required minimum (inclusive) as a signed integer (from -4,611,686,018,427,387,903 to 4,611,686,018,427,387,903).</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Maximum:</td>
+      <td className="w-fit">Required maximum (inclusive) as a signed integer (from -4,611,686,018,427,387,903 to 4,611,686,018,427,387,903).</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Output:</td>
+      <td className="w-fit">823</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Usage in import YAML
+
 ```yaml
 #yamlPreprocessor=on
 services:
 - hostname: app
   type: nodejs@20
   envSecrets:
-    RANDOM_INT: , )>
+    RANDOM_INT: <@generateRandomInt(<200>, <1000>)>
 ```
+
 #### Output of import YAML
+
 ```yaml
 RANDOM_INT: 823
 ```
+
 ---
+
 ### pickRandom (...param)
-  
-      Field
-      Details
-    
-      Syntax:
-      `, , , , , )>`
-    
-      Parameters:
-      The required parameters from which the selection will be made. eg. ``, ``, ``, etc.
-    
-      Output:
-      1024
-    
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-full">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@pickRandom(<640>, <800>, <1024>, <1280>, <1440>, <1920>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Parameters:</td>
+      <td className="w-fit">The required parameters from which the selection will be made. eg. `<1101>`, `<800>`, `<1920>`, etc.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Output:</td>
+      <td className="w-fit">1024</td>
+    </tr>
+  </tbody>
+</table>
+
 This function randomly selects one value from a list of provided options. It's helpful when you want to randomly assign values from a predefined set, such as screen resolutions, configuration options, or any other scenario where you need random selection from specific choices.
+
 #### Usage in import YAML
+
 ```yaml
 #yamlPreprocessor=on
 services:
 - hostname: app
   type: nodejs@20
   envSecrets:
-    PICK_RANDOM: , , , , , )>
+    PICK_RANDOM: <@pickRandom(<640>, <800>, <1024>, <1280>, <1440>, <1920>)>
 ```
+
 #### Output of import YAML
+
 ```yaml
 PICK_RANDOM: 1024
 ```
+
 ---
+
 ### setVar (name, content)
+
 This function stores a value in memory for later use and returns the stored value. It's particularly useful when you need to reuse the same generated value multiple times in your configuration, ensuring consistency across different environment variables.
-  
-      Field
-      Details
-    
-      Syntax:
-      `, )>)>`
-    
-      Variable:
-      The required parameter of the internal variable name under which the provided content can be retrieved later using getVar function. The chosen name is case-sensitive. eg. ``, ``, etc
-    
-      Content:
-      Any text you want to be stored, including composition using functions. Already existing variable with the same name is overwritten.
-    
-      Output:
-      N4KdtM41WskS74wx
-    
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@setVar(<plainPassword>, <@generateRandomString(<16>)>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Variable:</td>
+      <td className="w-fit">The required parameter of the internal variable name under which the provided content can be retrieved later using [getVar](#getvar) function. The chosen name is case-sensitive. eg. `<varName>`, `<plainPassword>`, etc</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Content:</td>
+      <td className="w-fit">Any text you want to be stored, including composition using functions. Already existing variable with the same name is overwritten.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Output:</td>
+      <td className="w-fit">N4KdtM41WskS74wx</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Usage in import YAML
+
 ```yaml
 #yamlPreprocessor=on
 services:
 - hostname: app
   type: nodejs@20
   envSecrets:
-    SET_VAR: , )>)>
+    SET_VAR: <@setVar(<plainPassword>, <@generateRandomString(<16>)>)>
 ```
+
 #### Output of import YAML
+
 ```yaml
 SET_VAR: N4KdtM41WskS74wx
 ```
+
 ---
+
 ### getVar (name)
+
 This function retrieves a previously stored value from memory. It works in conjunction with setVar and other storage functions to access values that were generated or stored earlier in the configuration process. eg. `plainPassword`
-  
-      Field
-      Details
-    
-      Syntax:
-      ``
-    
-      Variable:
-      The required parameter of the internal variable name that is case-sensitive. The parameter is used as a reference, so it MUST NOT be enclosed in &lt; and &gt;. eg. `(plainPassword)`, `(varName)`, etc
-    
-      Output:
-      N4KdtM41WskS74wx
-    
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@getVar(plainPassword)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Variable:</td>
+      <td className="w-fit">The required parameter of the internal variable name that is case-sensitive. The parameter is used as a reference, so it MUST NOT be enclosed in &lt; and &gt;. eg. `(plainPassword)`, `(varName)`, etc</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Output:</td>
+      <td className="w-fit">N4KdtM41WskS74wx</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Usage in import YAML
+
 ```yaml
 #yamlPreprocessor=on
 services:
 - hostname: app
   type: nodejs@20
   envSecrets:
-    GET_VAR: 
+    GET_VAR: <@getVar(plainPassword)>
 ```
+
 #### Output of import YAML
+
 ```yaml
 GET_VAR: N4KdtM41WskS74wx
 ```
+
 ---
+
 ### generateRandomStringVar (name, length)
+
 This function combines the functionality of `generateRandomString` and `setVar`. It generates a random string and automatically stores it under a specified variable name for later use.
+
 The output contains only a random combination of alphanumeric characters (`a-zA-Z0-9`) and select special characters (`_`, `-`, `.`).
-  
-      Field
-      Details
-    
-      Syntax:
-      `, )>`
-    
-      Variable:
-      The required parameter of the internal variable name under which the provided content can be retrieved later using getVar function. The chosen name is case-sensitive. eg. ``, ``, etc
-    
-      Limitation:
-      Required length of the string to be generated in characters (maximum allowed value is 1024).
-    
-      Output:
-      hR5hS79H4p
-    
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@generateRandomStringVar(<plainPassword>, <10>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Variable:</td>
+      <td className="w-fit">The required parameter of the internal variable name under which the provided content can be retrieved later using [getVar](#getvar) function. The chosen name is case-sensitive. eg. `<plainPassword>`, `<varName>`, etc</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Limitation:</td>
+      <td className="w-fit">Required length of the string to be generated in characters (maximum allowed value is 1024).</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Output:</td>
+      <td className="w-fit">hR5hS79H4p</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Usage in import YAML
+
 ```yaml
 #yamlPreprocessor=on
 services:
 - hostname: app
   type: nodejs@20
   envSecrets:
-    GENERATE_RANDOM_STRING_VAR: , )>
+    GENERATE_RANDOM_STRING_VAR: <@generateRandomStringVar(<plainPassword>, <10>)>
 ```
+
 #### Output of import YAML
+
 ```yaml
 GENERATE_RANDOM_STRING_VAR: hR5hS79H4p
 ```
+
 ---
+
 ### generateJWT (tokenSecret, jsonPayload)
+
 This function generates a JWT (JSON Web Token) signed by HS256 algorithm using provided secret and payload. The payload MUST be a valid JSON value. Default values for `iss` and `iat` are set to `zerops` and current timestamp respectively.
-  
-      Field
-      Details
-    
-      Syntax:
-      `, )>`
-    
-      Token Secret:
-      The required secret (`string`) used to sign your JWT.
-    
-      JSON Payload:
-      The required payload part of the JWT (`string`) in JSON format.
-    
-      Output:
-      eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiYWRtaW4iLCJpYXQiOjE3Mjkw
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@generateJWT(<tokenSecret>, <jsonPayload>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Token Secret:</td>
+      <td className="w-fit">The required secret (`string`) used to sign your JWT.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">JSON Payload:</td>
+      <td className="w-fit">The required payload part of the JWT (`string`) in JSON format.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Output:</td>
+      <td className="w-fit">eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiYWRtaW4iLCJpYXQiOjE3Mjkw
       Njk4NTcsImlzcyI6Inplcm9wcyJ9.xPrqHDtGhK5c7WMJliguwBeKI29qzAoD7KXrtACb
-      jio
-    
+      jio</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Usage in import YAML
+
 ```yaml
 #yamlPreprocessor=on
 services:
@@ -20654,79 +29595,114 @@ services:
   type: nodejs@20
   envSecrets:
     # Using a fixed secret string
-    JWT_FIXED: , )>
-    
+    JWT_FIXED: <@generateJWT(<fixedSecretString>, <{"role":"admin","exp":1798761600}>)>
+
     # Using an empty payload
-    JWT_EMPTY: , )>
-    
+    JWT_EMPTY: <@generateJWT(<fixedSecretString>, <{}>)>
+
     # Generate and store a random secret, then use it
-    JWT_RANDOM: , )>, )>
-    
+    JWT_RANDOM: <@generateJWT(<@generateRandomStringVar(<jwtSecretKey>, <32>)>, <{"role":"admin","exp":1798761600}>)>
+
     # Use a previously stored secret
-    JWT_STORED: , )>
+    JWT_STORED: <@generateJWT(<@getVar(jwtSecretKeyVar)>, <{"role":"admin","exp":1798761600}>)>
 ```
+
 #### Output of import YAML
+
 ```yaml
 JWT_FIXED: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiYWRtaW4iLCJleHAiOjE3OTg3NjE2MDAsImlhdCI6MTcyOTA2OTYzMiwiaXNzIjoiemVyb3BzIn0.xPrqHDtGhK5c7WMJliguwBeKI29qzAoD7KXrtACbjio
+
 JWT_EMPTY: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MjkwNjk4NTcsImlzcyI6Inplcm9wcyJ9.xPrqHDtGhK5c7WMJliguwBeKI29qzAoD7KXrtACbjio
+
 JWT_RANDOM: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiYWRtaW4iLCJleHAiOjE3OTg3NjE2MDAsImlhdCI6MTcyOTA2OTYzMiwiaXNzIjoiemVyb3BzIn0.ksbck_HQv44YXbqJk6lDrGFYTq3nmLydFIe0Xlejk5Q
+
 JWT_STORED: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyb2xlIjoiYWRtaW4iLCJleHAiOjE3OTg3NjE2MDAsImlhdCI6MTcyOTA2OTYzMiwiaXNzIjoiemVyb3BzIn0.O0RaXzGFwj2t8P2kc4nU4PfuI43-dAuAl2d0T1uUlEE
 ```
+
 ---
+
 ### getDateTime (format, [timezone])
+
 This function returns the current date and time formatted according to your specifications. It's useful for timestamps, logging, and any scenario where you need the current time in a specific format and timezone.
-Returns the current date and time in a specified mask pattern and a chosen timezone.
-  
-      Field
-      Details
-    
-      Syntax:
-      `, )>`
-    
-      Mask:
-      The required parameter of the chosen timezone.
-      eg. ``
-    
-      Timezone:
-      
+
+Returns the current date and time in a [specified mask pattern](#masking) and a chosen timezone.
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@getDatetime(<DD.MM.YYYY HH:mm:ss>, <CET>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Mask:</td>
+      <td className="w-fit">The required parameter of the chosen timezone.
+      eg. `<DD.MM.YYYY HH:mm:ss>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Timezone:</td>
+      <td className="w-fit">
         The optional parameter of the chosen timezone. It's possible to select from three different formats: Abbreviation, Location, and POSIX. If not specified, the GMT timezone is set by default.
-        You can see the complete listing of all possible values. POSIX format uses the opposite sign. Times to the west are positive, to the east negative.
+
+        You can see the complete listing of [all possible values](https://nodatime.org/TimeZones). POSIX format uses the opposite sign. Times to the west are positive, to the east negative.
+
         For Central European Time, you can use `CET`, `Europe/Prague`, `Etc/GMT-2` (summer), `Etc/GMT-1` (winter). Abbreviated and location formats return values with the currently valid DST.
-        eg. ``, ``, ``
-      
-      Output:
-      11.12.2022 18:06:13
-    
+
+        eg. `<CET>`, `<Europe/Prague>`, `<Etc/GMT-2>`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Output:</td>
+      <td className="w-fit">11.12.2022 18:06:13</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Usage in import YAML
+
 ```yaml
 #yamlPreprocessor=on
 services:
 - hostname: app
   type: nodejs@20
   envSecrets:
-    GET_DATETIME: , )>
+    GET_DATETIME: <@getDatetime(<DD.MM.YYYY HH:mm:ss>, <CET>)>
 ```
+
 #### Output of import YAML
+
 ```yaml
 GET_DATETIME: 11.12.2022 18:06:13
 ```
+
 #### Masking
-  
-    When using the `getDateTime` function, you can customize the output format using various masks. Here's a comprehensive list of available format patterns:
+
+#### Date and Time Format
+
+When using the `getDateTime` function, you can customize the output format using various masks. Here's a comprehensive list of available format patterns:
+
     #### Year
     - `YYYY` - Full year (e.g., 2024)
     - `YY` - Two-digit year (e.g., 24)
+
     #### Month
     - `MMMM` - Full month name (e.g., January)
     - `MMM` - Short month name (e.g., Jan)
     - `MM` - Two-digit month (e.g., 01)
     - `M` - Single-digit month (e.g., 1)
+
     #### Day
     - `DDDD` - Day of year with leading zeros (e.g., 001, 002, ..., 365)
     - `DD` - Day of month with leading zeros (e.g., 01, 02, ..., 31)
     - `D` - Day of month without leading zeros (e.g., 1, 2, ..., 31)
     - `dddd` - Full weekday name (e.g., Monday)
     - `ddd` - Short weekday name (e.g., Mon)
+
     #### Time
     - `HH` - 24-hour format with leading zeros (e.g., 00, 01, ..., 23)
     - `hh` - 12-hour format with leading zeros (e.g., 01, 02, ..., 12)
@@ -20736,75 +29712,108 @@ GET_DATETIME: 11.12.2022 18:06:13
     - `ss` - Seconds with leading zeros (e.g., 00, 01, ..., 59)
     - `s` - Seconds without leading zeros (e.g., 0, 1, ..., 59)
     - `S` - Microseconds (e.g., 000000...999999)
+
     #### Period
     - `A` - Uppercase meridiem (AM, PM)
     - `a` - Lowercase meridiem (am, pm)
+
     #### Timezone
     - `ZZZ` - Timezone abbreviation (e.g., UTC, CET)
     - `zz` - Timezone offset with colon (e.g., +00:00, +01:00)
     - `Z` - Timezone offset without colon (e.g., +0000, +0100)
+
     #### Usage of different masks
+
     ```yaml
     #yamlPreprocessor=on
     services:
       - hostname: app
         type: nodejs@20
         envSecrets:
-          TIMESTAMP: , )>
-          FRIENDLY_DATE: , )>
+          TIMESTAMP: <@getDateTime(<YYYY-MM-DD HH:mm:ss>, <UTC>)>
+          FRIENDLY_DATE: <@getDateTime(<dddd, MMM D, YYYY 'at' h:mma>, <UTC>)>
     ```
-  
+
 ---
+
 :::tip Example Usage for Environment Variables
 - For Multiline Generation use:
 ```yaml
 APP_PUBLIC_KEY: |
-      
+      <@getVar(KeyPublic)>
 ```
+
 - For Single Value Generation use:
 ```yaml
-APP_PUBLIC_KEY_SSH: 
+APP_PUBLIC_KEY_SSH: <@getVar(KeyPublicSsh)>
 ```
 :::
+
 ---
+
 ### generateED25519Key (name)
-Generates public and private ED25519 key pairs (including SSH) and stores them for later use as internal variables with names using the base name and variants.
-  
-      Field
-      Details
-    
-      Syntax:
-      `)>`
-    
-      Variants:
-      The base name parameter stores all generated key versions as internal variables, combined with the Available Variants.
-    
-#### Available Variants
-  
-      Variant
-      Description
-      Retrieving the value
-    
-      Public
-      Public key version. This value is also returned by the called function.
-      ``
-    
-      PublicSsh
-      SSH formatted public key version. For use as the authorized key file.
-      ``
-    
-      Private
-      Private key version in the standard format. Not usable for OpenSSH.
-      ``
-    
-      PrivateSsh
-      Private key version in the OpenSSH format.
-      ``
-    
-#### Usage in import YAML
-:::caution
-  These Generated keys are formatted as multiline strings. That means using the `|` syntax is necessary in import YAML.
-:::
+
+Generates public and private [ED25519](https://en.wikipedia.org/wiki/EdDSA) key pairs (including SSH) and stores them for later use as internal variables with names using the base name and variants.
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@generateED25519Key(<Key>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Variants:</td>
+      <td className="w-fit">The base name parameter stores all generated key versions as internal variables, combined with the [Available Variants](#available-variants).</td>
+    </tr>
+  </tbody>
+</table>
+
+#### Available Variants
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Variant</th>
+      <th className="w-fit">Description</th>
+      <th className="w-fit">Retrieving the value</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Public</td>
+      <td className="w-fit">Public key version. This value is also returned by the called function.</td>
+      <td className="w-fit">`<@getVar(KeyPublic)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit">PublicSsh</td>
+      <td className="w-fit">SSH formatted public key version. For use as the authorized key file.</td>
+      <td className="w-fit">`<@getVar(KeyPublicSsh)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Private</td>
+      <td className="w-fit">Private key version in the standard format. Not usable for OpenSSH.</td>
+      <td className="w-fit">`<@getVar(KeyPrivate)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit">PrivateSsh</td>
+      <td className="w-fit">Private key version in the OpenSSH format.</td>
+      <td className="w-fit">`<@getVar(KeyPrivateSsh)>`</td>
+    </tr>
+  </tbody>
+</table>
+
+#### Usage in import YAML
+
+:::caution
+  These Generated keys are formatted as multiline strings. That means using the `|` syntax is necessary in import YAML.
+:::
+
 ```yaml
 #yamlPreprocessor=on
 services:
@@ -20812,52 +29821,69 @@ services:
   type: nodejs@20
   envSecrets:
     GENERATED_PUBLIC_KEY: |
-      )>
+      <@generateED25519Key(<Key>)>
     APP_PUBLIC_KEY: |
-      
-    APP_PUBLIC_KEY_SSH: 
+      <@getVar(KeyPublic)>
+    APP_PUBLIC_KEY_SSH: <@getVar(KeyPublicSsh)>
     APP_PRIVATE_KEY: |
-      
+      <@getVar(KeyPrivate)>
     APP_PRIVATE_KEY_SSH: |
-      
+      <@getVar(KeyPrivateSsh)>
 ```
+
 #### Output of import YAML
+
 :::info
   You can clearly see the multiline strings and the `|` syntax in Output.
 :::
-  
-    - Generated as a multiline value
+
+#### GENERATED_PUBLIC_KEY
+
+- Generated as a multiline value
     - The same value as in APP_PUBLIC_KEY.
+
     ```yaml
     GENERATED_PUBLIC_KEY: |
       -----BEGIN PUBLIC KEY-----
       MCowBQYDK2VwAyEAu0/gEIpNUbVdqA20lVl+ZD+5/zzfVK4exrgGLxgQQRU=
       -----END PUBLIC KEY-----
     ```
-  
-    - Generated as a multiline value.
+
+#### APP_PUBLIC_KEY
+
+- Generated as a multiline value.
     - The same value as in GENERATED_PUBLIC_KEY.
+
     ```yaml
     APP_PUBLIC_KEY: |
       -----BEGIN PUBLIC KEY-----
       MCowBQYDK2VwAyEAu0/gEIpNUbVdqA20lVl+ZD+5/zzfVK4exrgGLxgQQRU=
       -----END PUBLIC KEY-----
     ```
-  
-    - Generated as a single value
+
+#### APP_PUBLIC_KEY_SSH
+
+- Generated as a single value
+
     ```yaml
     APP_PUBLIC_KEY_SSH: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILtP4BCKTVG1XagNtJVZfmQ/uf8831SuHsa4Bi8YEEEV
     ```
-  
-    - Generated as a multiline value
+
+#### APP_PRIVATE_KEY
+
+- Generated as a multiline value
+
     ```yaml
     APP_PRIVATE_KEY: |
       -----BEGIN PRIVATE KEY-----
       MC4CAQAwBQYDK2VwBCIEIFzW6uPLlMnse2Hqg4hlyTwtlWaPKHjyoaaBi/FfVxBQ
       -----END PRIVATE KEY-----
     ```
-  
-    - Generated as a multiline value
+
+#### APP_PRIVATE_KEY_SSH
+
+- Generated as a multiline value
+
     ```yaml
     APP_PRIVATE_KEY_SSH: |
       -----BEGIN OPENSSH PRIVATE KEY-----
@@ -20868,42 +29894,67 @@ services:
       ULtP4BCKTVG1XagNtJVZfmQ/uf8831SuHsa4Bi8YEEEVAAAAAAECAwQF
       -----END OPENSSH PRIVATE KEY-----
     ```
-  
+
 ---
+
 ### generateRSA2048Key (name)
-This Generates public and private RSA 2048bit key pairs (including SSH) and stores them for later use as internal variables with names using the base name and variants.
-  
-      Field
-      Details
-    
-      Syntax:
-      `)>`
-    
-      Variants:
-      The base name parameter stores all generated key versions as internal variables, combined with the Available Variants.
-    
+
+This Generates public and private [RSA 2048bit](https://en.wikipedia.org/wiki/RSA_(cryptosystem)) key pairs (including SSH) and stores them for later use as internal variables with names using the base name and variants.
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@generateRSA2048Key(<Key>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Variants:</td>
+      <td className="w-fit">The base name parameter stores all generated key versions as internal variables, combined with the [Available Variants](#available-variants).</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Available Variants
-  
-      Variant
-      Description
-      How to use with: `)>`
-    
-      Public
-      Public key version. This value is also returned by the called function.
-      ``
-    
-      PublicSsh
-      SSH formatted public key version. For use as the authorized key file.
-      ``
-    
-      Private
-      Private key version in the standard format.
-      ``
-    
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Variant</th>
+      <th className="w-fit">Description</th>
+      <th className="w-fit">How to use with: `<@generateRSA2048Key(<Key>)>`</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Public</td>
+      <td className="w-fit">Public key version. This value is also returned by the called function.</td>
+      <td className="w-fit">`<@getVar(KeyPublic)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit">PublicSsh</td>
+      <td className="w-fit">SSH formatted public key version. For use as the authorized key file.</td>
+      <td className="w-fit">`<@getVar(KeyPublicSsh)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Private</td>
+      <td className="w-fit">Private key version in the standard format.</td>
+      <td className="w-fit">`<@getVar(KeyPrivate)>`</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Usage in import YAML
+
 :::caution
   These Generated keys are formatted as multiline strings. That means using the `|` syntax is necessary in import YAML.
 :::
+
 ```yaml
 #yamlPreprocessor=on
 services:
@@ -20912,20 +29963,25 @@ services:
   minContainers: 1
   envSecrets:
     GENERATED_PUBLIC_KEY: |
-      )>
+      <@generateRSA2048Key(<Key>)>
     APP_PUBLIC_KEY: |
-      
-    APP_PUBLIC_KEY_SSH: 
+      <@getVar(KeyPublic)>
+    APP_PUBLIC_KEY_SSH: <@getVar(KeyPublicSsh)>
     APP_PRIVATE_KEY: |
-      
+      <@getVar(KeyPrivate)>
 ```
+
 #### Output of import YAML
+
 :::info
   You can clearly see the multiline strings and the `|` syntax in Output.
 :::
-  
-    - Generated as a multiline value
+
+#### GENERATED_PUBLIC_KEY
+
+- Generated as a multiline value
     - The same value as in APP_PUBLIC_KEY.
+
     ```yaml
     GENERATED_PUBLIC_KEY: |
       -----BEGIN PUBLIC KEY-----
@@ -20938,9 +29994,12 @@ services:
       UwIDAQAB
       -----END PUBLIC KEY-----
     ```
-  
-    - Generated as a multiline value.
+
+#### APP_PUBLIC_KEY
+
+- Generated as a multiline value.
     - The same value as in GENERATED_PUBLIC_KEY.
+
     ```yaml
     APP_PUBLIC_KEY: |
       -----BEGIN PUBLIC KEY-----
@@ -20953,13 +30012,19 @@ services:
       UwIDAQAB
       -----END PUBLIC KEY-----
     ```
-  
-    - Generated as a single value
+
+#### APP_PUBLIC_KEY_SSH
+
+- Generated as a single value
+
     ```yaml
     APP_PUBLIC_KEY_SSH: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDJYwrH690Rv9bDX22tX0OiDvHp3gwIvi7nvp9V0OMEWFeNdisrRjSai+9g17vaq2mCBbwWcCIpsU1YwuvuZXXa7QkR0/NqpI5f9cpEpararvDJmMZTS5UsndF3ZjjIXKODrNu8DQeHkdGBufvGhExRtPea3WUE/4N4ciL17FO+2I1+k7RnVuJ2Ysu/MudqSDV6LxhacQAUmLzf8y5EyEhY4DfaHXhZVu+DhIDv75JMcXe4cv6Qcns/8p6oAIME9uBxz1LPtaxJMA7o92vLeysoI/rQAxpPY97AHnUC268VHyc/TlayQyB3zzsoddmOT02ENTkTTq/Pid/tre36K3RT
     ```
-  
-    - Generated as a multiline value
+
+#### APP_PRIVATE_KEY
+
+- Generated as a multiline value
+
     ```yaml
     APP_PRIVATE_KEY: |
       -----BEGIN PRIVATE KEY-----
@@ -21015,42 +30080,67 @@ services:
       A0bX/JM8kHjLlJNrtioxcT+dX4lL6/zT
       -----END PRIVATE KEY-----
     ```
-  
+
 ---
+
 ### generateRSA4096Key (name)
-This Function Generates public and private RSA 4096bit key pairs (including SSH) and stores them for later use as internal variables with names using the base name and variants.
-  
-      Field
-      Details
-    
-      Syntax:
-      `)>`
-    
-      Variants:
-      The base name parameter stores all generated key versions as internal variables, combined with the Available Variants.
-    
+
+This Function Generates public and private [RSA 4096bit](https://en.wikipedia.org/wiki/RSA_(cryptosystem)) key pairs (including SSH) and stores them for later use as internal variables with names using the base name and variants.
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Details</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Syntax:</td>
+      <td className="w-fit">`<@generateRSA4096Key(<Key>)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Variants:</td>
+      <td className="w-fit">The base name parameter stores all generated key versions as internal variables, combined with the [Available Variants](#available-variants).</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Available Variants
-  
-      Variant
-      Description
-      How to use with: `)>`
-    
-      Public
-      Public key version. This value is also returned by the called function.
-      ``
-    
-      PublicSsh
-      SSH formatted public key version. For use as the authorized key file.
-      ``
-    
-      Private
-      Private key version in the standard format.
-      ``
-    
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Variant</th>
+      <th className="w-fit">Description</th>
+      <th className="w-fit">How to use with: `<@generateRSA4096Key(<Key>)>`</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Public</td>
+      <td className="w-fit">Public key version. This value is also returned by the called function.</td>
+      <td className="w-fit">`<@getVar(KeyPublic)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit">PublicSsh</td>
+      <td className="w-fit">SSH formatted public key version. For use as the authorized key file.</td>
+      <td className="w-fit">`<@getVar(KeyPublicSsh)>`</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Private</td>
+      <td className="w-fit">Private key version in the standard format.</td>
+      <td className="w-fit">`<@getVar(KeyPrivate)>`</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Usage in import YAML
+
 :::caution
   These Generated keys are formatted as multiline strings. That means using the `|` syntax is necessary in import YAML.
 :::
+
 ```yaml
 #yamlPreprocessor=on
 services:
@@ -21058,20 +30148,25 @@ services:
   type: nodejs@16
   envSecrets:
     GENERATED_PUBLIC_KEY: |
-      )>
+      <@generateRSA4096Key(<Key>)>
     APP_PUBLIC_KEY: |
-      
-    APP_PUBLIC_KEY_SSH: 
+      <@getVar(KeyPublic)>
+    APP_PUBLIC_KEY_SSH: <@getVar(KeyPublicSsh)>
     APP_PRIVATE_KEY: |
-      
+      <@getVar(KeyPrivate)>
 ```
+
 #### Output of import YAML
+
 :::info
   You can clearly see the multiline strings and the `|` syntax in Output.
 :::
-  
-    - Generated as a multiline value
+
+#### GENERATED_PUBLIC_KEY
+
+- Generated as a multiline value
     - The same value as in APP_PUBLIC_KEY.
+
     ```yaml
     GENERATED_PUBLIC_KEY: |
       -----BEGIN PUBLIC KEY-----
@@ -21089,9 +30184,12 @@ services:
       LdzErIs9vEaox5Qe6l4lhAUCAwEAAQ==
       -----END PUBLIC KEY-----
       ```
-  
-    - Generated as a multiline value.
+
+#### APP_PUBLIC_KEY
+
+- Generated as a multiline value.
     - The same value as in GENERATED_PUBLIC_KEY.
+
     ```yaml
     APP_PUBLIC_KEY: |
       -----BEGIN PUBLIC KEY-----
@@ -21109,13 +30207,19 @@ services:
       LdzErIs9vEaox5Qe6l4lhAUCAwEAAQ==
       -----END PUBLIC KEY-----
     ```
-  
-    - Generated as a single value
+
+#### APP_PUBLIC_KEY_SSH
+
+- Generated as a single value
+
     ```yaml
     APP_PUBLIC_KEY_SSH: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWRgQntuMGJfMEwj9wLrBqNyUd13k1nRuzHZ3x5VJodRrPjX19M9gFXuY95zTJti6VOG+pZftzuTkf+MlW9NwFEe/g0OomY6UwfKfPj4/ib3MPiASg2o4Ixqu0mv3IrLOsGmU25J38gAVQI3oohW4+B7Vp+2+RnLQCx1FsweWpa8wR0ffQwl0LsWSEWyutfSxi+5pbYwWORBOKyESmGFqGBhMfl0KutBqNAGLt9IYS61bYIqnvfzHqE1uIH3/+ViNzMAr56xt8Lr5a+Y84Mmer1h1wnh6OHnOE6y2sw+876RO8OjMTnHq6v1HDnKHQyCNHxDvpqihy7hlyRtCpC9fuCJC94lB0Gf65xgJC55Jx7gGRSbdLUhN2XZdQeAGPtdidz5KqC8S02fhiDKe0C78hpUGD8MZU4GqvqlyiHoouBhKugkba7F0NeSOLVC9GPLdKNjt5AyCi72pQz8vXaBk8TIb7F+WeQ3NtLw8sgZj0XjXRtx/S6SSoTIOkIKB6hKsPV0k+Z7VaVJ+FpXPsr2CbwcH0iyCJC6A6hLQWnDnts26PLcFck7hE6UjE4BsBhXQhcyMTe5Yai3y4V5NWoHinkLO9NX2N2hBcpQWSSCbr0wSg33xAHROzcG1w5/n1fq46723CbWW3GcsfnaL/hPIt3MSsiz28RqjHlB7qXiWEBQ==
     ```
-  
-    - Generated as a multiline value
+
+#### APP_PRIVATE_KEY
+
+- Generated as a multiline value
+
     ```yaml
     APP_PRIVATE_KEY: |
       -----BEGIN PRIVATE KEY-----
@@ -21171,230 +30275,490 @@ services:
       A0bX/JM8kHjLlJNrtioxcT+dX4lL6/zT
       -----END PRIVATE KEY-----
     ```
-  
+
 ## Import modifiers
-Modifiers provide a simpler way to transform values compared to using functions alone. You can chain multiple modifiers together using the `|` symbol, making it easy to apply several transformations in sequence. They work with both string and function expressions - just add them between the `` markers, right before the closing `>`.
+
+Modifiers provide a simpler way to transform values compared to using functions alone. You can chain multiple modifiers together using the `|` symbol, making it easy to apply several transformations in sequence. They work with both string and function expressions - just add them between the `<` and `>` markers, right before the closing `>`.
+
 ---
+
 ### List of import modifiers
-  
-      Name
-      Description
-    
-      sha256
-      Generate a hash of the incoming string using sha256 algorithm.
-    
-      sha512
-      Generate a hash of the incoming string using sha512 algorithm.
-    
-      bcrypt
-      
-        Generate a hash of the incoming string using bcrypt algorithm.
+
+<table className="w-full my-1.5 ">
+  <thead>
+    <tr>
+      <th className="w-fit">Name</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">sha256</td>
+      <td className="w-fit">Generate a hash of the incoming string using [sha256](https://en.wikipedia.org/wiki/SHA-2) algorithm.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">sha512</td>
+      <td className="w-fit">Generate a hash of the incoming string using [sha512](https://en.wikipedia.org/wiki/SHA-2) algorithm.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">bcrypt</td>
+      <td className="w-fit">
+        Generate a hash of the incoming string using [bcrypt](https://en.wikipedia.org/wiki/Bcrypt) algorithm.
+
         Fixed configuration: Number of cycles = 11
-      
-      argon2id
-      
-        Generate a hash of the incoming string using argon2id algorithm.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">argon2id</td>
+      <td className="w-fit">
+        Generate a hash of the incoming string using [argon2id](https://en.wikipedia.org/wiki/Argon2) algorithm.
+
         Fixed configuration: Memory = 64MiB, Iterations = 4, Parallelism = 4, SaltLen = 16B, KeyLength = 32B
-      
-      toHex
-      Encodes provided string/bytes into hexadecimal
-    
-      toString
-      Encodes provided string/bytes into string comprised of [a-zA-Z0-9_-.]
-    
-      upper
-      Maps all unicode letters to their upper case
-    
-      lower
-      Maps all unicode letters to their lower case
-    
-      title
-      Maps all words to title case (first letter upper case, rest lower case)
-    
-      noop
-      Does nothing - used in tests
-    
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">toHex</td>
+      <td className="w-fit">Encodes provided string/bytes into hexadecimal</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">toString</td>
+      <td className="w-fit">Encodes provided string/bytes into string comprised of [a-zA-Z0-9_-.]</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">upper</td>
+      <td className="w-fit">Maps all unicode letters to their upper case</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">lower</td>
+      <td className="w-fit">Maps all unicode letters to their lower case</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">title</td>
+      <td className="w-fit">Maps all words to title case (first letter upper case, rest lower case)</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">noop</td>
+      <td className="w-fit">Does nothing - used in tests</td>
+    </tr>
+  </tbody>
+</table>
+
 ---
+
 ### Examples of correctly using import modifiers
-    
-    - `, )>` will output a random string of 30 characters:
+
+#### Generating a plain password and related hashes
+
+- `<@generateRandomStringVar(<myPassword>, <30>)>` will output a random string of 30 characters:
     ```yaml
     7a14c8e74bc98a0d74253b1d1a4ef6
     ```
-    - `)| sha256>` will output the sha256 hash of the `` variable:
+
+    - `<@getVar(<myPassword>)| sha256>` will output the sha256 hash of the `<myPassword>` variable:
     ```yaml
     081b91d6dff5036229a92e2442fb65d7c8124571d4e70a2ac4729aeb86957407
     ```
-    - `)| sha512>` will output the sha512 hash of the `` variable:
+
+    - `<@getVar(<myPassword>)| sha512>` will output the sha512 hash of the `<myPassword>` variable:
     ```yaml
     89c05547de0aa4926512a958f95ab8bf4096ceec63ad5aad4266890bfa059e0cc98917c54276ba4cd61f1dde4c8efda948fc967885c9dd50558ed939722ca10c
     ```
-    - `)| bcrypt>` will output the bcrypt hash of the `` variable:
+
+    - `<@getVar(<myPassword>)| bcrypt>` will output the bcrypt hash of the `<myPassword>` variable:
     ```yaml
     $2a$10$CxKZX0yIxdc7ts6eI5aBu.g.heAsFcePdMDEpnlViTlo3vGc//PXe
     ```
-    - `)| argon2id>` will output the argon2id hash of the `` variable:
+
+    - `<@getVar(<myPassword>)| argon2id>` will output the argon2id hash of the `<myPassword>` variable:
     ```yaml
     $argon2id$v=19$m=98304,t=1,p=3$uWBpmoUT3sfckXHyRF9hlg$8bGtNffuHxaRIgN99zCmJeGEYJF5BY2J9TwzqmezP28
     ```
-  
-    - Using upper case modifier:
+
+#### String Case Modification Examples
+
+- Using upper case modifier:
     ```yaml
-    Input:  
+    Input:  <sTATic StrINg wiTH a mOdifIER| upper>
     Output: STATIC STRING WITH A MODIFIER
     ```
+
     - Using lower case modifier:
     ```yaml
-    Input:  
+    Input:  <sTATic StrINg wiTH a mOdifIER| lower>
     Output: static string with a modifier
     ```
+
     - Using title case modifier:
     ```yaml
-    Input:  
+    Input:  <sTATic StrINg wiTH a mOdifIER| title>
     Output: Static String With A Modifier
     ```
+
     - Chaining multiple modifiers:
     ```yaml
-    Input:  
+    Input:  <sTATic StrINg wiTH a mOdifIER| upper | lower>
     Output: static string with a modifier
     ```
+
     - Using modifiers with functions:
     ```yaml
-    Input:  ) | upper>
+    Input:  <@generateRandomString(<30>) | upper>
     Output: 7A14C8E74BC98A0D74253B1D1A4EF6
-    
-    Input:  , ) | lower>)>
+
+    Input:  <@setVar(<bucketName>, <@generateRandomString(<10>) | lower>)>
     Output: h73ep149sd
     ```
+
 :::tip Using a space before the pipe separator
 As you can see above, unlike the case of the string expression, using a space before the `|` separator in a function expression doesn't add an additional space character to the result.
 :::
 
+
 ----------------------------------------
 
 # References > Import Yaml > Type List
 
+
 This is a list of all supported service types that can be used in import yaml configuration file.
+
 :::note
 Versions listed on the same line are aliases of the same underlying version.
 :::
+
 ## Available service types
+
 ### Static Services
-  
-      Service Type
-      Versions
-    
-      Nginx
-      
-      Static
-      
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Service Type</th>
+      <th className="w-full">Versions</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Nginx</td>
+      <td className="w-fit">
+- `nginx@1.22`, `nginx@latest`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Static</td>
+      <td className="w-fit">
+- `static`, `static@1.0`, `static@latest`
+</td>
+    </tr>
+  </tbody>
+</table>
+
 ### Containers and virtual machines
-  
-      Service Type
-      Versions
-    
-      Alpine
-      
-      Ubuntu
-      
-### Runtime services
-  
-      Service Type
-      Versions
-    
-      Bun
-      
-      Deno
-      
-      .NET
-      
-      Elixir
-      
-      Gleam
-      
-      Go
-      
-      Java
-      
-      Node.js
-      
-      PHP & Apache
-      
-      PHP & nginx
-      
-      Python
-      
-      Rust
-      
-### Database services
-  
-      Database Type
-      Versions
-    
-      KeyDB
-      
-      MariaDB
-      
-      PostgreSQL
-      
-      Qdrant
-      
-      Valkey
-      
-### Search Engine
-  
-      Search Engine
-      Versions
-    
-      Elasticsearch
-      
-      Meilisearch
-      
-      Typesense
-      
-### Message Broker
-  
-      Message Broker
-      Versions
-    
-      Kafka
-      
-      NATS
-      
-### Storage Services
-  
-      Database Type
-      Versions
-    
-      Object storage
-      
-      Shared storage
-      
 
-----------------------------------------
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Service Type</th>
+      <th className="w-full">Versions</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Alpine</td>
+      <td className="w-fit">
+- `alpine@3.23`
+- `alpine@3.22`
+- `alpine@3.21`
+- `alpine@3.20`
+- `alpine@3.19`
+- `alpine@3.18`
+- `alpine@3.17`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Ubuntu</td>
+      <td className="w-fit">
+- `ubuntu@24.04`
+- `ubuntu@22.04`
+</td>
+    </tr>
+  </tbody>
+</table>
 
-# References > Import
+### Runtime services
 
-The Zerops YAML configuration provides powerful capabilities for both importing and exporting projects and services. This documentation covers how to define your infrastructure as code and move configurations between environments.
-## YAML Configuration Basics
-The Zerops YAML configuration can be used to create or replicate services in Zerops. You can import configurations in two ways:
-- **Using the GUI**:
-  - **For projects**: In the Zerops dashboard, click on **Import a project** in the Projects section
-  - **For services**: Navigate to a project's details page and click **Import services** in the services section
-- **Using the [CLI](/references/cli)**: Run `zcli project project-import` for projects or `zcli project service-import` for individual services
-Both methods provide straightforward ways to migrate or replicate infrastructure as needed.
-This section provides a comprehensive example of an import YAML configuration file, allowing you to define and import a project and its services with environment variables.
-```yaml
-# ==== Define a project to import ====
-project:
-  # REQUIRED. Name of your project
-  name: project0
-  # Project description
-  description: "This project is an example only"
-  # Project core package - LIGHT/SERIOUS
-  corePackage: SERIOUS
-  # List of project tags for filtering
-  tags:
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="whitespace-nowrap">Service Type</th>
+      <th className="w-full">Versions</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Bun</td>
+      <td className="w-fit">
+- `bun@1.3.9`, `bun@1.3`, `bun@latest`
+- `bun@1.2.2`, `bun@1.2`
+- `bun@nightly`
+- `bun@canary`
+- `bun@1.1.34`, `bun@1.1(Ubuntu only)`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Deno</td>
+      <td className="w-fit">
+- `deno@2.0.0`, `deno@2`, `deno@latest`
+- `deno@1.45.5`, `deno@1`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">.NET</td>
+      <td className="w-fit">
+- `dotnet@10`
+- `dotnet@9`
+- `dotnet@8`
+- `dotnet@7`
+- `dotnet@6`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Elixir</td>
+      <td className="w-fit">
+- `elixir@1`, `elixir@1.16`, `elixir@1.16.2`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Gleam</td>
+      <td className="w-fit">
+- `gleam@1`, `gleam@1.5`, `gleam@1.5.1`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><span class="anchor anchorWithStickyNavbar_------node_modules-@docusaurus-theme-classic-lib-theme-Heading-styles-module" id="go">Go</span></td>
+      <td className="w-fit">
+- `go@1.22`, `go@1`, `golang@1`, `golang@1.22`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Java</td>
+      <td className="w-fit">
+- `java@21`
+- `java`, `java@17`, `java@latest`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Node.js</td>
+      <td className="w-fit">
+- `nodejs@24`
+- `nodejs@22`
+- `nodejs@20`
+- `nodejs@18`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">PHP & Apache</td>
+      <td className="w-fit">
+- `php-apache@8.5+2.4`, `php-apache@8.5`
+- `php-apache@8.4+2.4`, `php-apache@8.4`
+- `php-apache@8.3+2.4`, `php-apache@8.3`
+- `php-apache@8.1+2.4`, `php-apache@8.1`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">PHP & nginx</td>
+      <td className="w-fit">
+- `php-nginx@8.5+1.28`, `php-nginx@8.5`
+- `php-nginx@8.4+1.22`, `php-nginx@8.4`
+- `php-nginx@8.3+1.22`, `php-nginx@8.3`
+- `php-nginx@8.1+1.22`, `php-nginx@8.1`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Python</td>
+      <td className="w-fit">
+- `python@3.14 (Ubuntu only)`
+- `python@3.12`
+- `python@3.11`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Rust</td>
+      <td className="w-fit">
+- `rust@1.86`, `rust@1`, `rust@stable`
+- `rust@1.80`
+- `rust@1.78`
+- `rust@nightly`
+</td>
+    </tr>
+  </tbody>
+</table>
+
+### Database services
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Database Type</th>
+      <th className="w-full">Versions</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">KeyDB</td>
+      <td className="w-fit">
+- `keydb@6`
+</td>
+    </tr>
+      <tr>
+      <td className="w-fit">MariaDB</td>
+      <td className="w-fit">
+- `mariadb@10.6`
+</td>
+    </tr>
+        <tr>
+      <td className="w-fit">PostgreSQL</td>
+      <td className="w-fit">
+- `postgresql@18`
+- `postgresql@17`
+- `postgresql@16`
+- `postgresql@14`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Qdrant</td>
+      <td className="w-fit">
+- `qdrant@1.12`
+- `qdrant@1.10`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Valkey</td>
+      <td className="w-fit">
+- `valkey@7.2`
+</td>
+    </tr>
+  </tbody>
+</table>
+
+### Search Engine
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Search Engine</th>
+      <th className="w-full">Versions</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Elasticsearch</td>
+      <td className="w-fit">
+- `elasticsearch@9.2`
+- `elasticsearch@8.16`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Meilisearch</td>
+      <td className="w-fit">
+- `meilisearch@1.20`
+- `meilisearch@1.10`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Typesense</td>
+      <td className="w-fit">
+- `typesense@27.1`
+</td>
+    </tr>
+  </tbody>
+</table>
+
+### Message Broker
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Message Broker</th>
+      <th className="w-full">Versions</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Kafka</td>
+      <td className="w-fit">
+- `kafka@3.9`
+- `kafka@3.8`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">NATS</td>
+      <td className="w-fit">
+- `nats@2.12`
+- `nats@2.10`
+</td>
+    </tr>
+  </tbody>
+</table>
+
+### Storage Services
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Database Type</th>
+      <th className="w-full">Versions</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Object storage</td>
+      <td className="w-fit">
+- `object-storage`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Shared storage</td>
+      <td className="w-fit">
+- `shared-storage`
+</td>
+    </tr>
+  </tbody>
+</table>
+
+
+----------------------------------------
+
+# References > Import
+
+
+The Zerops YAML configuration provides powerful capabilities for both importing and exporting projects and services. This documentation covers how to define your infrastructure as code and move configurations between environments.
+
+## YAML Configuration Basics
+
+The Zerops YAML configuration can be used to create or replicate services in Zerops. You can import configurations in two ways:
+
+- **Using the GUI**:
+  - **For projects**: In the Zerops dashboard, click on **Import a project** in the Projects section
+  - **For services**: Navigate to a project's details page and click **Import services** in the services section
+- **Using the [CLI](/references/cli)**: Run `zcli project project-import` for projects or `zcli project service-import` for individual services
+
+Both methods provide straightforward ways to migrate or replicate infrastructure as needed.
+
+#### Comprehensive example of an import YAML configuration
+
+This section provides a comprehensive example of an import YAML configuration file, allowing you to define and import a project and its services with environment variables.
+
+```yaml
+# ==== Define a project to import ====
+project:
+  # REQUIRED. Name of your project
+  name: project0
+  # Project description
+  description: "This project is an example only"
+  # Project core package - LIGHT/SERIOUS
+  corePackage: SERIOUS
+  # List of project tags for filtering
+  tags:
     - test
     - dev
   # Project-level environment variables
@@ -21411,10 +30775,10 @@ services:
     mode: HA
     # Map of secret environment variables
     envSecrets:
-      SECRET_KEY: )>
+      SECRET_KEY: <@generateRandomString(<32>)>
     # Environment variables defined in .env format (automatically creates secret envs)
     dotEnvSecrets: |
-      APP_KEY=)>
+      APP_KEY=<@generateRandomString(<32>)>
       DB_PASSWORD=secure123
     # Object storage size in GB
     objectStorageSize: 2
@@ -21455,11 +30819,14 @@ services:
       server {
           listen 80 default_server;
           listen [::]:80 default_server;
+
           server_name _;
           root /var/www;
+
           location / {
               try_files $uri $uri/ /index.html;
           }
+
           access_log syslog:server=unix:/dev/log,facility=local1 default_short;
           error_log syslog:server=unix:/dev/log,facility=local1;
       }
@@ -21486,49 +30853,70 @@ services:
     type: shared-storage
     ...
 ```
+
 :::note
 The example above is a general guideline; not all keys are valid for every service type. For technology-specific details, refer to the **Create service** page in the **How To** section of the Zerops documentation.
+
 - `REQUIRED.` If a parent object is defined, the key-value pair is required to be filled. All other key-value pairs are optional.
 :::
+
 ## Project Configuration
+
 The project configuration is used to define the project you want to import.
+
 ### Usage
-  
-      Field
-      Type
-      Description
-    
-      project
-      object
-      _REQUIRED, if a whole project is imported_ 
-Only one project can be defined.
-    
-      name
-      string, REQUIRED
-      The name of the new project. Duplicates are allowed.
-    
-      description
-      string
-      Description of the new project.
-    
-      corePackage
-      string
-      [Core package](/features/infrastructure#project-core-options) of the new project. 
-Values: LIGHT/SERIOUS (default LIGHT)
-    
-      tags
-      list of strings
-      One or more string tags.
-Tags provide better orientation in projects.
-    
-      envVariables
-      map[string]string
-      [Project-level environment variables](/features/env-variables#project-variables) that are available to all services in the project.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Type</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">project</td>
+      <td className="w-fit">object</td>
+      <td className="w-fit">_REQUIRED, if a whole project is imported_
+Only one project can be defined.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">name</td>
+      <td className="w-fit">string, REQUIRED</td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">description</td>
+      <td className="w-fit">string</td>
+      <td className="w-fit">Description of the new project.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">corePackage</td>
+      <td className="w-fit">string</td>
+      <td className="w-fit">[Core package](/features/infrastructure#project-core-options) of the new project.
+Values: <b>LIGHT</b>/<b>SERIOUS</b> (default LIGHT)</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">tags</td>
+      <td className="w-fit">list of strings</td>
+      <td className="w-fit">One or more string tags.
+Tags provide better orientation in projects.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">envVariables</td>
+      <td className="w-fit">map[string]string</td>
+      <td className="w-fit">[Project-level environment variables](/features/env-variables#project-variables) that are available to all services in the project.</td>
+    </tr>
+  </tbody>
+</table>
+
 :::important
 The `corePackage` value can be upgraded later from Lightweight to Serious Core, but cannot be downgraded. Upgrades involve a brief service disruption and are partially destructive (logs/statistics are lost). Make sure to choose a suitable core package for your project. Learn more about [core upgrade process](/features/infrastructure#project-core-upgrade).
 :::
+
 This example will create a project named `project0` with [serious core](/features/infrastructure#serious-core) package and the description `This project is an example only`. The project will have two tags: `test` and `dev`, and two environment variables: `LOG_LEVEL` and `API_VERSION`:
+
 ```yaml
 # ==== Define a project to import ====
 project:
@@ -21547,8 +30935,11 @@ project:
     LOG_LEVEL: info
     API_VERSION: v1
 ```
+
 ## Service Configuration
+
 The service configuration defines one or more services to import into your project. Services are specified as an array under the `services` key, allowing you to configure multiple services in a single YAML file. You need at least one service and either an existing project to import into or a project defined in the YAML file.
+
 The Service Configuration section is divided into multiple subsections for better organization:
 - [**Service Basic Configuration**](#service-basic-configuration) - Core parameters like hostname, type, mode, and environment variables
 - [**Service Vertical Autoscaling**](#service-vertical-autoscaling) - CPU, RAM, and disk scaling settings
@@ -21556,17 +30947,22 @@ The Service Configuration section is divided into multiple subsections for bette
 - [**Service Mount Shared Storage**](#service-mount-shared-storage) - Connecting to shared storage services
 - [**Service Nginx Configuration**](#service-nginx-configuration) - Custom web server settings
 - [**Service zerops.yaml Configuration**](#service-zeropsyaml-configuration) - Build and run configurations
+
+#### Complete Service Configuration Example
+
 ```yaml
 #yamlPreprocessor=on
 services:
   - hostname: app           # REQUIRED: Unique service identifier
     type: nodejs@22                 # REQUIRED: Service type and version
     mode: HA                        # HA or NON_HA mode (default: NON_HA)
+
     # Environment variables
     envSecrets:                     # Secret environment variables (blurred in GUI)
-      SECRET_KEY: )>  # Generated random string
+      SECRET_KEY: <@generateRandomString(<32>)>  # Generated random string
     dotEnvSecrets: |                # Environment vars in .env format
-      APP_KEY=)>
+      APP_KEY=<@generateRandomString(<32>)>
+
     # Storage configuration
     objectStorageSize: 2            # Object storage size in GB
     objectStoragePolicy: public-read-write  # Predefined S3 bucket policy
@@ -21583,11 +30979,13 @@ services:
           }
         ]
       }
+
     # Build and deployment
     buildFromGit: https://github.com/myorg/myapp  # Git repo for one-time build
     enableSubdomainAccess: true     # Enable public access via Zerops subdomain
     priority: 1                     # Higher priority services are created sooner
     override: true                  # When true, triggers redeploy of existing service
+
     # Vertical autoscaling
     verticalAutoscaling:
       minCpu: 1                     # Minimum number of virtual CPUs
@@ -21602,12 +31000,15 @@ services:
       minFreeCpuPercent: 20         # Min free CPU percentage before scaling
       minFreeRamGB: 0.5             # Min free RAM in GB before scaling
       minFreeRamPercent: 20         # Min free RAM percentage before scaling
+
     # Horizontal autoscaling
     minContainers: 2                # Minimum number of containers (default: 1, max: 10)
     maxContainers: 6                # Maximum number of containers (max: 10)
+
     # Shared storage
     mount:                          # List of shared storage services to mount
       - teststorage1
+
     # Nginx configuration
     nginxConfig: |-                 # Custom nginx configuration
       server {
@@ -21615,12 +31016,15 @@ services:
           listen [::]:80 default_server;
           server_name _;
           root /var/www/public;
+
           location / {
               try_files $uri $uri/ /index.html;
           }
+
           access_log syslog:server=unix:/dev/log,facility=local1 default_short;
           error_log syslog:server=unix:/dev/log,facility=local1;
       }
+
     # Zerops.yaml configuration
     zeropsSetup: backendapi          # Service setup name from zeropsYaml or repo
     zeropsYaml:                     # Full zerops.yaml configuration
@@ -21637,85 +31041,121 @@ services:
             initCommands:
               - npm run db:migrate
             start: npm start
+
   # A second, simpler service example
   - hostname: teststorage1
     type: shared-storage
 ```
+
 This example includes all possible configuration options for Zerops services. Not all options are required or applicable to every service type. The example shows two services in the same YAML file: a fully configured Node.js API service and a simpler static frontend service.
+
 ### Service Basic Configuration
-  
-      Field
-      Type
-      Description
-    
-      services
-      list of objects, REQUIRED
-      At least one service is required.
-    
-      hostname
-      string, REQUIRED
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Type</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">services</td>
+      <td className="w-fit">list of objects, REQUIRED</td>
+      <td className="w-fit">At least one service is required.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">hostname</td>
+      <td className="w-fit">string, REQUIRED</td>
+      <td className="w-fit">
         The unique service identifier.
         Limitations:
         - duplicates in the same project forbidden
         - maximum 25 characters, lowercase ASCII letters (a-z) or numbers (0-9) only
-      
-      type
-      enum, REQUIRED
-      Specifies the service type and version. See [supported types](/references/import-yaml/type-list).
-    
-      mode
-      enum
-      Values: HA / NON_HA (default NON_HA)
-Defines the operation mode of the service.
-    
-      envSecrets
-      map[string]string
-      Environment variables that are blurred by default in Zerops GUI. Can be edited or deleted in Zerops GUI.
-    
-      dotEnvSecrets
-      string (multiline)
-      Environment variables in .env file format that are automatically created as secret envs.
-    
-      objectStorageSize
-      integer
-      Object storage size in GB.
-    
-      objectStoragePolicy
-      enum
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">type</td>
+      <td className="w-fit">enum, REQUIRED</td>
+      <td className="w-fit">Specifies the service type and version. See [supported types](/references/import-yaml/type-list).</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">mode</td>
+      <td className="w-fit">enum</td>
+      <td className="w-fit">Values: <b>HA</b> / <b>NON_HA</b> (default NON_HA)
+Defines the operation mode of the service.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">envSecrets</td>
+      <td className="w-fit">map[string]string</td>
+      <td className="w-fit">Environment variables that are blurred by default in Zerops GUI. Can be edited or deleted in Zerops GUI.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">dotEnvSecrets</td>
+      <td className="w-fit">string (multiline)</td>
+      <td className="w-fit">Environment variables in .env file format that are automatically created as secret envs.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">objectStorageSize</td>
+      <td className="w-fit">integer</td>
+      <td className="w-fit">Object storage size in GB.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">objectStoragePolicy</td>
+      <td className="w-fit">enum</td>
+      <td className="w-fit">
         Values: **private / public-read / public-objects-read / public-write / public-read-write / custom**
         Select a predefined AWS S3 bucket access policy.
-      
-      objectStorageRawPolicy
-      json
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">objectStorageRawPolicy</td>
+      <td className="w-fit">json</td>
+      <td className="w-fit">
         Define your own AWS S3 bucket access policy. See [AWS docs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-policy-language-overview.html) for details.
         Use `{{ .BucketName }}` placeholder if you need to use bucket name in your custom policy rules.
-      
-      buildFromGit
-      string (URL)
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">buildFromGit</td>
+      <td className="w-fit">string (URL)</td>
+      <td className="w-fit">
         A URL of a Github or Gitlab repository used for a one-time build of your service.
-      
-      enableSubdomainAccess
-      boolean
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">enableSubdomainAccess</td>
+      <td className="w-fit">boolean</td>
+      <td className="w-fit">
         Default: `false`
+
         Set `true`, if you want to enable a public access to your service via a Zerops subdomain. Not suitable for production.
-      
-      priority
-      integer
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">priority</td>
+      <td className="w-fit">integer</td>
+      <td className="w-fit">
         Services are sorted before creation by priority in descending order, i.e. the higher the priority the sooner the service is created.
-      
-      override
-      boolean
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">override</td>
+      <td className="w-fit">boolean</td>
+      <td className="w-fit">
         Default: `false`
+
         This only works for **runtime** services.
+
         The parameter allows you to replace an existing runtime service with the same hostname byt triggering a redeploy if the service already exists.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+#### Service Basic Configuration Example
+
 ```yaml
 #yamlPreprocessor=on
 services:
@@ -21727,10 +31167,10 @@ services:
   mode: HA
   # Map of secret environment variables
   envSecrets:
-    SECRET_KEY: )>
+    SECRET_KEY: <@generateRandomString(<32>)>
   # Environment variables in .env format
   dotEnvSecrets: |
-    APP_KEY=)>
+    APP_KEY=<@generateRandomString(<32>)>
   # Object storage size in GB
   objectStorageSize: 2
   # Choose object storage policy from a predefined list
@@ -21746,6 +31186,7 @@ services:
   # When set to true, triggers a redeploy of an existing runtime service with the same hostname
   override: false
 ```
+
 This yaml will create a `nodejs@latest` service named `app` in `HA` (High-Availability) mode with the following configurations:
 - Environment variables:
   - From `envSecrets`: `SECRET_KEY` (requires yamlPreprocessor)
@@ -21755,77 +31196,112 @@ This yaml will create a `nodejs@latest` service named `app` in `HA` (High-Availa
 - Public access enabled via Zerops subdomain
 - Priority: 1
 - Override existing service: `false`
+
 The `services` object allows you to define one or more services in the same yaml file.
+
 :::caution
 The `yamlPreprocessor` option in your project & service import YAML is required to generate random secret values, passwords, and public/private key pairs. For more information, see the [yamlPreprocessor](/references/import-yaml/pre-processor) page.
 :::
+
 ### Service Vertical Autoscaling
+
 The vertical autoscaling configuration defines how the service can scale its resources vertically.
-  
-      Field
-      Type
-      Description
-    
-      minCpu
-      integer
-      Minimum number of virtual CPUs
-    
-      maxCpu
-      integer
-      Maximum number of virtual CPUs
-    
-      cpuMode
-      enum
-      Values: **SHARED / DEDICATED**
-    
-      minRam
-      float
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Type</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">minCpu</td>
+      <td className="w-fit">integer</td>
+      <td className="w-fit">Minimum number of virtual CPUs</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">maxCpu</td>
+      <td className="w-fit">integer</td>
+      <td className="w-fit">Maximum number of virtual CPUs</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">cpuMode</td>
+      <td className="w-fit">enum</td>
+      <td className="w-fit">Values: **SHARED / DEDICATED**</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">minRam</td>
+      <td className="w-fit">float</td>
+      <td className="w-fit">
         Minimum RAM in GB that each container of the service can scale down to.
-      
-      maxRam
-      float
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">maxRam</td>
+      <td className="w-fit">float</td>
+      <td className="w-fit">
         Maximum RAM in GB that each container of the service can scale up to.
-      
-      minDisk
-      float
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">minDisk</td>
+      <td className="w-fit">float</td>
+      <td className="w-fit">
         Minimum disk space in GB that each container of the service can scale down to.
-      
-      maxDisk
-      float
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">maxDisk</td>
+      <td className="w-fit">float</td>
+      <td className="w-fit">
         Maximum disk space in GB that each container of the service can scale up to.
-      
-      startCpuCoreCount
-      integer
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">startCpuCoreCount</td>
+      <td className="w-fit">integer</td>
+      <td className="w-fit">
         Number of CPU cores with which each container starts.
-      
-      minFreeCpuCores
-      float
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">minFreeCpuCores</td>
+      <td className="w-fit">float</td>
+      <td className="w-fit">
         Minimum number of unused CPU cores before a container starts scaling.
-      
-      minFreeCpuPercent
-      float
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">minFreeCpuPercent</td>
+      <td className="w-fit">float</td>
+      <td className="w-fit">
         Minimum percentage of unused CPU cores before a container starts scaling.
-      
-      minFreeRamGB
-      float
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">minFreeRamGB</td>
+      <td className="w-fit">float</td>
+      <td className="w-fit">
         Minimum unused memory in GB before a container starts scaling.
-      
-      minFreeRamPercent
-      float
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">minFreeRamPercent</td>
+      <td className="w-fit">float</td>
+      <td className="w-fit">
         Minimum percentage of unused memory before a container starts scaling.
-      
-```yaml
-services:
-  - hostname: app
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+#### Vertical Autoscaling Configuration Example
+
+```yaml
+services:
+  - hostname: app
     type: nodejs@22
     buildFromGit: https://github.com/myorg/myapp
     enableSubdomainAccess: true
@@ -21843,25 +31319,41 @@ services:
       minFreeRamGB: 0.5             # Min free RAM in GB before scaling
       minFreeRamPercent: 20         # Min free RAM percentage before scaling
 ```
+
 This yaml will create a service with the hostname `app` with `php-nginx@8.4` runtime with `HA` High-Availability mode for vertical autoscaling:
+
 - CPU: `1-3` virtual CPUs in `DEDICATED` mode
 - RAM: `1-4 GB`
 - Disk Space: `1-10 GB`
+
 ### Service Horizontal Autoscaling
+
 The horizontal autoscaling configuration is used to define the horizontal autoscaling settings for the service.
-  
-      Field
-      Type
-      Description
-    
-  minContainers
-  integer
-  Minimum number of containers of the service.
-Default: 1, maximum value: 10
-  maxContainers
-  integer
-  Maximum number of containers of the service.
-Maximum value: 10
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Type</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+<tr>
+  <td className="w-fit font-semibold">minContainers</td>
+  <td className="w-fit">integer</td>
+  <td className="w-fit">Minimum number of containers of the service.
+Default: 1, maximum value: 10</td>
+</tr>
+<tr>
+  <td className="w-fit font-semibold">maxContainers</td>
+  <td className="w-fit">integer</td>
+  <td className="w-fit">Maximum number of containers of the service.
+Maximum value: 10</td>
+</tr>
+</tbody>
+</table>
+
 ```yaml
 services:
   - hostname: app
@@ -21873,18 +31365,30 @@ services:
     # Maximum number of containers
     maxContainers: 6
 ```
+
 The `minContainers` and `maxContainers` parameters allow you to define the minimum and maximum number of containers for the service. The service will automatically scale between these values as needed.
+
 ### Service Mount Shared Storage
+
 The mount shared storage configuration defines which shared storage services should be mounted to the service.
-  
-      Field
-      Type
-      Description
-    
-    mount
-    list of strings
-    Mount shared storage to the service. `buildFromGit` must be filled.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Type</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit font-semibold">mount</td>
+    <td className="w-fit">list of strings</td>
+    <td className="w-fit">Mount shared storage to the service. `buildFromGit` must be filled.</td>
+    </tr>
+  </tbody>
+</table>
+
 ```yaml
 services:
   - hostname: app
@@ -21894,18 +31398,30 @@ services:
     mount:
       - teststorage1
 ```
+
 The `mount:` parameter allows you to mount a shared storage (which should be created inside the project) to the service.
+
 ### Service Nginx Configuration
+
 The nginx configuration defines the nginx settings for the service.
-  
-      Field
-      Type
-      Description
-    
-      nginxConfig
-      string (multiline)
-      Insert full nginx config.
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Type</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">nginxConfig</td>
+      <td className="w-fit">string (multiline)</td>
+      <td className="w-full">Insert full nginx config.</td>
+    </tr>
+   </tbody>
+</table>
+
 ```yaml
 #yamlPreprocessor=on
 services:
@@ -21916,31 +31432,47 @@ services:
       server {
           listen 80 default_server;
           listen [::]:80 default_server;
+
           server_name _;
           root /var/www;
+
           location / {
               try_files $uri $uri/ /index.html;
           }
+
           access_log syslog:server=unix:/dev/log,facility=local1 default_short;
           error_log syslog:server=unix:/dev/log,facility=local1;
       }
 ```
+
 The `nginxConfig: |-` parameter allows you to specify a custom nginx configuration for the service.
+
 ### Service zerops.yaml Configuration
+
 The `zeropsSetup` and `zeropsYaml` parameters provide flexibility in how you define and use your service configurations. Both parameters are optional and work together in the following ways:
-  
-      Field
-      Type
-      Description
-    
-      zeropsSetup
-      string
-      Specifies which service setup to use. This should match a setup name found in either the `zeropsYaml` parameter (if provided) or the `zerops.yaml` file in the repository root. If not specified, defaults to the service hostname.
-    
-      zeropsYaml
-      object
-      Contains the full [zerops.yaml configuration](/zerops-yaml/specification). If provided, this will be used instead of looking for a `zerops.yaml` file in the repository.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Field</th>
+      <th className="w-fit">Type</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">zeropsSetup</td>
+      <td className="w-fit whitespace-nowrap">string</td>
+      <td className="w-fit">Specifies which service setup to use. This should match a setup name found in either the `zeropsYaml` parameter (if provided) or the `zerops.yaml` file in the repository root. If not specified, defaults to the service hostname.</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">zeropsYaml</td>
+      <td className="w-fit whitespace-nowrap">object</td>
+      <td className="w-fit">Contains the full [zerops.yaml configuration](/zerops-yaml/specification). If provided, this will be used instead of looking for a `zerops.yaml` file in the repository.</td>
+    </tr>
+  </tbody>
+</table>
+
 ```yaml
 services:
   - hostname: app
@@ -21964,7 +31496,9 @@ services:
               - npm run db:migrate
             start: npm start
 ```
+
 #### How They Work Together
+
 - **Neither parameter specified**:
   - The system looks for a `zerops.yaml` file in the repository root
   - It searches for a setup with a name that matches the service hostname
@@ -21976,59 +31510,86 @@ services:
 - **Both parameters specified**:
   - The system uses the provided `zeropsYaml` configuration
   - It specifically looks for the setup named in `zeropsSetup` within that YAML
+
 If the specified `zeropsSetup` does not exist in the available YAML configuration (either provided in `zeropsYaml` or found in the repository), the import will fail.
+
 ## Export
+
 Zerops provides the ability to export your existing projects and services as YAML configurations through the GUI. This feature is particularly useful for:
 - Creating backups of your project configurations
 - Replicating project or service setups across different environments
 - Sharing project templates with team members
 - Creating version-controlled infrastructure configurations
+
 The exported YAML follows the same structure as the import YAML configuration detailed above. It will contain all the configuration parameters you've set for your project and services.
+
 ### How to Export
+
 #### Exporting a Single Service
 Navigate to your service dashboard in the Zerops GUI, click the three-dot menu (⋮) in the top-right corner of the service card, and choose **Export service as yaml**.
+
 #### Exporting an Entire Project
 In the Zerops GUI, go to the project dashboard, click the three-dot menu (⋮) in the top-right corner of the project card, and select **Export project as yaml**.
+
 ### Using Exported Configurations
+
 The exported YAML files are compatible with:
 - The Zerops GUI import functionality
 - The `zcli project project-import` command
 - The `zcli project service-import` command (for single service exports)
+
 This allows you to easily move configurations between environments or create new instances of your infrastructure.
 
 ----------------------------------------
 
 # References > Log Forwarding
 
+
 For more advanced [log](/references/logging) analysis and centralized logging, you can forward all your Zerops logs to external logging services. The Zerops logger service uses **syslog-ng** to enable this functionality.
+
 ## Ready-Made Configurations
+
 Zerops provides pre-configured setups for popular logging services:
+
 - **[Better Stack](https://betterstack.com/)**
 - **[Papertrail](https://www.papertrail.com/)**
 - **Self-hosted [ELK Stack](https://www.elastic.co/elastic-stack) (Logstash)**
+
 To set up one of these integrations, go to your project detail, select **Advanced Observability**, choose your preferred service, and follow the guided steps in the interface.
+
 ## Self-Hosted Logstash
+
 To collect logs in a self-hosted ELK stack, a Logstash instance (deployed as the `logstash` service) is required. Logstash listens for incoming UDP syslog packets and indexes them to Elasticsearch.
+
 The one-click GUI integration setup is all you need to get started. After setup completes, logs will appear in Kibana's "Logs > Explorer" section. You can find access information in the **Advanced Observability** section of your project in the GUI.
+
 :::warning
 Setting up log forwarding to ELK will override any previously configured log forwarding.
 :::
+
 ### What Happens Behind the Scenes
+
 1. The `elkstorage`, `kibana`, and `logstash` services are deployed and configured in the target project (if not already present)
 2. If logging is required across different projects, the `logstash` service is made publicly accessible through port routing with firewall whitelisting for source project IPs
 3. Log forwarding is configured on source projects to forward logs to the target Logstash instance
+
 :::tip
 For the complete ELK stack setup including tracing capabilities, see the [Self-Hosted Observability](/references/metrics) guide.
 :::
+
 ## Custom Log Forwarding Configuration
+
 You can set up forwarding to any syslog-ng compatible software. To do this, navigate to your project detail's **Advanced Observability** section, and choose the "Setup forwarding to any syslog-ng compatible software" option.
+
 When configuring your custom syslog-ng setup, note the following important details:
+
 ### Certificate Configuration
 - Certificates are located in `/etc/ssl/certs`
 - If your configuration references `/etc/syslog-ng/ca.d` or `/etc/syslog-ng/cert.d`, change these paths to `/etc/ssl/certs`
 - For custom certificates, you can use: `ca-file("/etc/syslog-ng/user.crt")`
 - You can combine custom certificates with standard certificates using: `ca-dir("/etc/ssl/certs")`
   (This will verify both your custom certificate and standard certificates like those from LetsEncrypt)
+
 ### Source Configuration
 - Zerops uses `s_src` as the source configuration name
 - This differs from Papertrail, which might instruct you to "replace 's_sys' with the name you found" - in Zerops, always use `s_src` instead
@@ -22037,60 +31598,91 @@ When configuring your custom syslog-ng setup, note the following important detai
 
 # References > Logging
 
+
 Zerops automatically collects logs from all services in your project through a built-in logger service. These logs include runtime operations, database activities, build processes, and more.
+
 ## Project-Wide Logs
+
 To view all project logs, navigate to your project detail and select the **Logs overview** section, where you'll find a consolidated view of all logging activity from all services with multiple filtering options.
+
 Additionally, in the **Advanced Observability** section, you can set up [log forwarding](/references/log-forwarding) to external logging services for more advanced analysis and long-term storage.
+
 ## Service-Specific Logs
+
 Zerops provides different log types depending on the service:
+
 ### Build Logs
 Shows the output from your build process:
 - **GUI**: Service detail → **Pipelines & CI/CD settings** section → Pipeline detail → Build log
-- **CLI**: zcli service log --showBuildLogs
+- **CLI**: [`zcli service log --showBuildLogs`](/references/zcli/commands#service-log)
+
 :::note
 The build log button is available only when the [build pipeline](/features/pipeline#build-phase) was triggered for the selected deploy.
 :::
+
 ### Prepare Runtime Logs
 Documents the creation of a custom runtime image:
 - **GUI**: Service detail → **Pipelines & CI/CD settings** section → Pipeline detail → Prepare runtime log
 - **CLI**: *Not currently supported*
+
 :::note
 The prepare runtime log button is available only when the [prepare runtime phase](/features/pipeline#runtime-prepare-phase-optional) was triggered for the selected deploy.
 :::
+
 ### Runtime/Database Logs
 Contains the operational output from your service.
+
 - **GUI**:
   - Runtime services: Service detail → **Runtime logs**
   - Database services: Service detail → **Database logs**
-- **CLI**: zcli service log
+- **CLI**: [`zcli service log`](/references/zcli/commands#service-log)
+
 :::note
 Each container has its own log. For services with multiple containers, select the specific container in the header. You can filter logs by severity level or time period.
+
 To view logs from all containers of a service combined, you can either use the Project logs view or click the **Go to full service log** button in the service detail page.
 :::
+
 :::important
 For severity levels to work properly in Zerops, your application must log to syslog.
 :::
 
+
 ----------------------------------------
 
 # References > Metrics
 
+
 Zerops Advanced Observability provides one-click, self-hosted, pre-configured deployments of the **[ELK stack](#elk-stack)** or **[Prometheus with Grafana](#prometheus-with-grafana)**. This enables comprehensive observability for your deployments while maintaining full control over your data and infrastructure.
+
 ## Deployment Modes
+
 Both ELK and Prometheus can be deployed in two ways:
+
 - **Local deployment**: Services are deployed within your target project
 - **Global deployment**: A dedicated project is created specifically for observability
+
 ## ELK Stack
+
 The ELK observability setup deploys and configures two base services:
+
 - **Elasticsearch** (as `elkstorage`)
 - **Kibana** (as `kibana`) - the observability access point
+
 ### Logging
+
 For log collection with ELK, see the [Log Forwarding](/references/log-forwarding#self-hosted-logstash) guide which covers the Logstash setup and configuration.
+
 ### Tracing
+
 To collect traces in the ELK stack, an APM Server instance (deployed as the `apmserver` service) is required. APM Server listens for incoming traces securely over HTTPS and indexes them to Elasticsearch.
+
 First, follow the one-click GUI integration setup to deploy the required infrastructure. Then configure your application to send traces to APM Server.
+
 #### Setting Up APM Agents
+
 1. Update your code according to the [APM documentation](https://www.elastic.co/guide/en/apm/agent/index.html) for your application's language. See this [simple Go application](https://github.com/zerops-recipe-apps/go-hello-world-app/tree/with-apm-and-metrics) using APM libraries for reference.
+
 2. Add the following environment variables to your application service (these are specific to the official Go APM Agent library and may differ for other agents):
 ```
 ELASTIC_APM_ACTIVE=true
@@ -22098,63 +31690,96 @@ ELASTIC_APM_SERVICE_NAME=recipe-go
 ELASTIC_APM_SERVER_URL=https://apmserver.url.copy.from.gui
 ELASTIC_APM_SECRET_TOKEN=secret_token_copy_from_gui
 ```
+
 :::note
 The `ELASTIC_APM_ACTIVE` variable is set to `false` by default on Zerops, so you must explicitly set it to `true` to enable APM for the official Go APM agent.
 :::
+
 3. Restart or reload your application service.
+
 You should start seeing traces appear in Kibana's "Applications > Traces" section.
+
 #### What Happens Behind the Scenes
+
 1. The `elkstorage`, `kibana`, and `apmserver` services are deployed and configured in the target project (if not already present)
 2. The `apmserver` is made publicly accessible over HTTPS via a Zerops subdomain and configured with a secret token for secure access
+
 Access information for both Kibana and APM Server can be found in the **Advanced Observability** section of your project in the GUI.
+
 ### Next Steps
+
 - **Security**: Set up custom domains for Kibana and APM Server
 - **Optimization**: Connect to APM Server locally via HTTP for improved performance
 - **Customization**: Fork the [ELK recipe](https://github.com/zeropsio/recipe-elk), customize the Logstash configuration, and redeploy the `logstash` service via `zcli`
+
 ## Prometheus with Grafana
+
 The full Prometheus setup consists of:
+
 - **Prometheus** (as `prometheus`)
 - **Grafana** (as `grafana`) - the observability access point
 - **PostgreSQL database** (as `grafanadb`) - for Grafana data storage
 - **S3 bucket** (as `prometheusbackups`) - for storing Prometheus backups
+
 Metrics can be forwarded to the target project via a Prometheus exporter (single `prometheuslight` service configured [with remote write](https://grafana.com/docs/agent/latest/flow/reference/components/prometheus.remote_write/#prometheusremote_write)). When present in a source project, it collects metrics and forwards them to Prometheus in the target project.
+
 Since Prometheus supports only filesystem storage and non-HA (single instance) setup, the `prometheus` service is configured to run a backup cron job that stores metric data snapshots in object storage.
+
 ### Metrics
+
 After deploying the full or forwarder Prometheus setup, metrics are automatically scraped by Prometheus. After setup completes, log in to Grafana using the credentials found in the **Advanced Observability** section of your project in the GUI, then navigate to `/dashboards` to start exploring your metrics.
+
 Zerops provides several metrics out of the box:
+
 - Service scaling and resource metrics
 - PostgreSQL database service metrics (with HAProxy balancer metrics in HA setups)
 - MariaDB database service metrics
 - Valkey database metrics
+
 :::note
 Some PostgreSQL database metrics are available only after enabling the `pg_stat_statements` extension. Run `CREATE EXTENSION IF NOT EXISTS pg_stat_statements;` as a superuser and restart the database service.
 :::
+
 You can also expose custom metrics from your applications.
+
 #### Exposing Custom Metrics
+
 1. Configure your application to expose an HTTP `/metrics` endpoint on an arbitrary port. See this [simple Go application using `promauto`](https://github.com/zerops-recipe-apps/go-hello-world-app/tree/with-apm-and-metrics) for reference.
+
    :::note
    Only the `/metrics` path is scraped and cannot currently be configured otherwise.
    :::
+
 2. Add and commit the `ZEROPS_PROMETHEUS_PORT` environment variable to your application service with the port where you exposed the `/metrics` endpoint:
 ```
 Single port:
 9090
+
 Multiple ports can be defined using commas:
 9090,9091
 ```
+
 For example: `ZEROPS_PROMETHEUS_PORT=9090`. After setting the environment variable, your service's ports will be automatically added to metrics discovery and scraped by Prometheus.
+
 #### What Happens Behind the Scenes
+
 **Full setup:**
+
 1. The `prometheus`, `grafana`, `grafanadb`, and `prometheusbackups` services are deployed and configured (if not already present)
 2. `grafana` is made publicly accessible over HTTPS, securely accessible via a generated password
+
 After that, metrics are scraped and available for visualization in Grafana.
+
 **Forwarder setup:**
+
 1. The `prometheuslight` forwarder service is deployed in the source project
 2. The `prometheus`, `grafana`, `grafanadb`, and `prometheusbackups` services are deployed and configured in the target project (if not already present)
 3. `grafana` is made publicly accessible over HTTPS, securely accessible via a generated password
 4. `prometheus` is made publicly accessible over HTTPS via a Zerops zone domain and secured with basic access authentication (username and password)
 5. `prometheuslight` is configured to forward metrics to the target `prometheus` using the generated credentials over secure HTTPS
+
 ### Next Steps
+
 - **Security**: Set up custom domains for Grafana and Prometheus
 - **Customization**: Fork the [Prometheus recipe](https://github.com/zeropsio/recipe-prometheus), customize dashboards and alerting rules, and redeploy via `zcli`
 - **Advanced monitoring**: Explore Grafana's alerting capabilities and create custom dashboards for your specific use cases
@@ -22163,155 +31788,211 @@ After that, metrics are scraped and available for visualization in Grafana.
 
 # References > Networking > Cloudflare
 
+
 This guide provides step-by-step instructions for configuring Cloudflare to work with your Zerops applications, covering DNS records, proxy settings, SSL/TLS configuration, and common troubleshooting scenarios.
+
 ## Prerequisites
+
 Before starting, ensure you have:
 - A Cloudflare account
 - A registered domain name
 - Access to your Zerops project with [domain access configured](/references/networking/public-access#custom-domain-access)
 - Your Zerops IP addresses (IPv4 and/or IPv6) from the Zerops GUI
+
 ## DNS Record Configuration
+
 Configure your DNS records in Cloudflare using one of these approaches based on your needs:
+
 ### Using CNAME Records
+
 CNAME can be used for non-apex domains (subdomains) or with DNS providers that support CNAME flattening at the apex (like Cloudflare). When you set up a CNAME in Zerops, it internally creates A and AAAA records pointing to your project.
+
 To find your CNAME target value, go to your service in the Zerops GUI, navigate to **Public access & internal ports**, and select the **CNAME** option when adding a domain.
 ```bash
 Type    Name              Content                         Proxy status       TTL
-CNAME             Proxied/DNS Only   Auto
+CNAME   <your-domain>     <your-project-cname-target>     Proxied/DNS Only   Auto
 ```
+
 :::warning Cloudflare Proxy with Shared IPv4
 When using Cloudflare's proxy with CNAME records, you **must exclude the shared IPv4**. Toggle off "Shared IPv4 included in the CNAME" in the Zerops GUI.
+
 Zerops does a reverse lookup of the AAAA record of the domain for requests to our shared IPv4 address. If you use a shared IPv4 and also enable a proxy for the AAAA record, Zerops will not be able to correctly route the request.
+
 This setting affects all domains in your project.
 :::
+
 ### With Cloudflare Proxy
+
 #### IPv6 only
 ```bash
 Type    Name              Content                Proxy status   TTL
-AAAA             Proxied        Auto
+AAAA    <your-domain>     <your-project-ipv6>    Proxied        Auto
 ```
+
 Cloudflare handles IPv4 to IPv6 translation, making your service accessible to both IPv4 and IPv6 users. Uses Zerops' free dedicated IPv6 address.
+
 :::note
 Do not add a proxied A record with shared IPv4 when using this setup, as it would prevent proper IPv4 traffic routing.
 :::
+
 #### Dedicated IPv4
 ```bash
 Type    Name              Content                Proxy status   TTL
-A              Proxied        Auto
+A       <your-domain>     <your-dedicated-ipv4>  Proxied        Auto
 # Optional
-AAAA             Proxied        Auto
+AAAA    <your-domain>     <your-project-ipv6>    Proxied        Auto
 ```
+
 Uses your dedicated IPv4 address with Cloudflare's proxy features.
+
 :::tip
 Adding the AAAA record allows visitors with IPv6 support to connect directly via IPv6.
 :::
+
 #### Shared IPv4 *(not recommended)*
 ```bash
 Type    Name              Content                Proxy status  TTL
 AAAA             DNS only      Auto
 A               Proxied       Auto
 ```
+
 :::tip Why Not?
 Zerops does a reverse lookup of the AAAA record of the domain for requests to our shared IPv4 address. If you use a shared IPv4 and also enable a proxy for the AAAA record, Zerops will not be able to correctly route the request.
+
 Consider using IPv6 only or dedicated IPv4 configurations instead.
 :::
+
 ### DNS-Only Configuration (Without Cloudflare Proxy)
+
 If you prefer direct connections without Cloudflare's proxy features:
+
 #### Shared IPv4
 ```bash
 Type    Name              Content                Proxy status   TTL
-A               DNS only       Auto
-AAAA             DNS only       Auto
+A       <your-domain>     <zerops-shared-ipv4>   DNS only       Auto
+AAAA    <your-domain>     <your-project-ipv6>    DNS only       Auto
 ```
+
 Uses Zerops' free shared IPv4.
+
 :::note Both A + AAAA Required
 Adding AAAA record is essential for shared IPv4 configuration as it serves as a [security measure](/references/networking/dns#understand-shared-ipv4) to prevent unauthorized domain claims.
 :::
+
 #### Dedicated IPv4
 ```bash
 Type    Name              Content                Proxy status   TTL
-A              DNS only       Auto
+A       <your-domain>     <your-dedicated-ipv4>  DNS only       Auto
 # Optional
-AAAA             DNS only       Auto
+AAAA    <your-domain>     <your-project-ipv6>    DNS only       Auto
 ```
+
 Uses your dedicated IPv4 address.
 :::tip
 Adding the AAAA record allows visitors with IPv6 support to connect directly via IPv6.
 :::
+
 #### IPv6 only
 ```bash
 Type    Name              Content                Proxy status   TTL
-AAAA             DNS only       Auto
+AAAA    <your-domain>     <your-project-ipv6>    DNS only       Auto
 ```
+
 Uses only Zerops' free dedicated IPv6.
 :::note
 This configuration will only work for users with IPv6 connectivity.
 :::
+
 ## Wildcard Domain Configuration
-Zerops supports wildcard domains (`*.`) that allow routing all subdomains to your project.
+
+Zerops supports wildcard domains (`*.<your-domain>`) that allow routing all subdomains to your project.
+
 ### DNS Records for Wildcards
+
 Configure wildcard domains using either method:
+
 #### Method A: Direct Wildcard Records
 ```bash
 Type   Name              Content               Proxy status       TTL
-A      *.      DNS only/Proxied   Auto
-AAAA   *.      DNS only/Proxied   Auto
+A      *.<your-domain>   <your-ipv4-address>   DNS only/Proxied   Auto
+AAAA   *.<your-domain>   <your-ipv6-address>   DNS only/Proxied   Auto
 ```
+
 #### Method B: CNAME to Main Domain
 First ensure your main domain has proper A/AAAA records, then add:
 ```bash
 Type    Name              Content         Proxy status       TTL
-CNAME   *.      DNS only/Proxied   Auto
+CNAME   *.<your-domain>   <your-domain>   DNS only/Proxied   Auto
 ```
+
 ### Certificate Validation for Wildcards
+
 To enable automatic SSL certificate issuance for wildcard domains:
+
 ```bash
 Type    Name                            Content                     Proxy status   TTL
-CNAME   _acme-challenge.   .zerops.zone   DNS only       Auto
+CNAME   _acme-challenge.<your-domain>   <your-domain>.zerops.zone   DNS only       Auto
 ```
+
 This CNAME record allows Zerops to handle the DNS-01 challenge required for wildcard SSL certificates.
+
 ### Higher-Level Wildcard Subdomains
-You can also set up higher-level wildcard subdomains like `*..`:
+
+You can also set up higher-level wildcard subdomains like `*.<subdomain>.<your-domain>`:
+
 #### Method A: Direct Configuration
 ```bash
 Type   Name                          Content               Proxy status       TTL
-A      *..      DNS only/Proxied   Auto
-AAAA   *..      DNS only/Proxied   Auto
+A      *.<subdomain>.<your-domain>   <your-ipv4-address>   DNS only/Proxied   Auto
+AAAA   *.<subdomain>.<your-domain>   <your-ipv6-address>   DNS only/Proxied   Auto
 ```
+
 #### Method B: Using a CNAME Record
 ```bash
 Type    Name                          Content                     Proxy status       TTL
-CNAME   *..   .   DNS only/Proxied   Auto
+CNAME   *.<subdomain>.<your-domain>   <subdomain>.<your-domain>   DNS only/Proxied   Auto
 ```
 or
 ```bash
 Type    Name                          Content         Proxy status       TTL
-CNAME   *..      DNS only/Proxied   Auto
+CNAME   *.<subdomain>.<your-domain>   <your-domain>   DNS only/Proxied   Auto
 ```
+
 For certificate validation with higher-level wildcards:
 ```bash
 Type    Name                                        Content                                 Proxy status   TTL
-CNAME   _acme-challenge..   ..zerops.zone   DNS only       Auto
+CNAME   _acme-challenge.<subdomain>.<your-domain>   <subdomain>.<your-domain>.zerops.zone   DNS only       Auto
 ```
+
 ### Combining Main Domain and Wildcard Domain
-To use both `` and `*.`, specify both variants in your [Zerops configuration](/references/networking/public-access#http-routing-setup). Zerops automatically issues a single shared certificate for both the main domain and all its subdomains.
+
+To use both `<your-domain>` and `*.<your-domain>`, specify both variants in your [Zerops configuration](/references/networking/public-access#http-routing-setup). Zerops automatically issues a single shared certificate for both the main domain and all its subdomains.
+
 ## Cloudflare SSL/TLS Configuration
+
 ### Essential SSL/TLS Settings
+
 1. **Set Encryption Mode**
    - Navigate to **SSL/TLS** → **Overview** in your Cloudflare dashboard
    - Select **Full (strict)** for production or **Full** for testing
    - **Never use Flexible mode** - this will cause redirect loops
+
 2. **Edge Certificates**
    - Go to **SSL/TLS** → **Edge Certificates**
    - Ensure **Always Use HTTPS** is enabled for production
    - Keep **Automatic HTTPS Rewrites** enabled
+
 ### Certificate Validation Configuration
+
 For proper certificate issuance, especially with Let's Encrypt:
+
 #### Option A: Simple Setup (Testing/Development)
 - Temporarily disable **Always Use HTTPS** during initial certificate setup
 - Re-enable after certificates are issued
+
 #### Option B: Production Setup
 Keep **Always Use HTTPS** enabled and create a Configuration Rule:
+
 1. Go to **Rules** → **Configuration Rules**
 2. Create a new rule with these settings:
    - **Rule name:** "Allow ACME Challenge"
@@ -22319,60 +32000,84 @@ Keep **Always Use HTTPS** enabled and create a Configuration Rule:
    - **Operator:** starts with
    - **Value:** `/.well-known/acme-challenge/`
    - **Action:** Disable **Automatic HTTPS Rewrites**
+
 This rule allows certificate validation to work while maintaining HTTPS enforcement for all other traffic.
+
 ## Validation and Testing
+
 ### DNS Resolution Testing
 ```bash
 # Check IPv4 resolution
-dig A 
+dig A <your-domain>
+
 # Check IPv6 resolution
-dig AAAA 
+dig AAAA <your-domain>
+
 # Check from specific DNS server
-dig @1.1.1.1 
+dig @1.1.1.1 <your-domain>
 ```
+
 ### Connectivity Testing
 ```bash
 # Basic HTTPS test
-curl -vI https://
+curl -vI https://<your-domain>
+
 # Test with specific subdomain (for wildcards)
-curl -vI https://api.
+curl -vI https://api.<your-domain>
+
 # Test IPv4 specifically
-curl -4 -v https://
+curl -4 -v https://<your-domain>
+
 # Test IPv6 specifically
-curl -6 -v https://
+curl -6 -v https://<your-domain>
 ```
+
 ### Cloudflare-Specific Checks
+
 1. **Verify proxy status** in Cloudflare DNS dashboard (orange cloud = proxied)
 2. **Check SSL/TLS mode** in SSL/TLS → Overview
 3. **Confirm certificate issuance** in SSL/TLS → Edge Certificates
 4. **Test redirect behavior** by accessing `http://` version of your domain
+
 ## Troubleshooting Common Issues
+
 ### SSL Certificate Problems
+
 #### Too Many Redirects or SSL Errors
+
 **Possible causes:**
 - Incorrect SSL/TLS mode in Cloudflare
 - Invalid or missing certificates
 - Misconfigured HTTPS settings
+
 **Solutions:**
 1. Verify SSL/TLS mode is set to **Full** or **Full (strict)**, not **Flexible**
 2. Check that both Zerops and Cloudflare have valid certificates
 3. Ensure **Always Use HTTPS** is properly configured
 4. For new domains, refresh the Cloudflare SSL/TLS page as settings may display incorrectly initially
+
 #### Certificate Validation Fails for Wildcard Domains
+
 **Possible causes:**
 - Missing or incorrect `_acme-challenge` CNAME record
 - DNS propagation not complete
 - Incorrect CNAME target
+
 **Solutions:**
 1. Verify the `_acme-challenge` CNAME record is correctly configured
 2. Ensure DNS propagation is complete (check with `dig` command)
-3. Confirm the CNAME points to `.zerops.zone`
+3. Confirm the CNAME points to `<your-domain>.zerops.zone`
+
 #### Domain Verification Failed (DNS Warning in Zerops)
+
 **Possible causes:**
 - Cloudflare's WAF or security features blocking the `/.well-known/acme-challenge/` path
 - Let's Encrypt HTTP-01 validation being prevented
+
 **Solutions:**
+
 **Option 1: Create a WAF Skip Rule (Recommended)**
+
 1. Navigate to **Security** → **WAF** → **Custom rules** in Cloudflare
 2. Click **Create rule** and configure:
    - **Rule name:** "Allow ACME Challenge"
@@ -22383,44 +32088,58 @@ curl -6 -v https://
    - **Which rules to skip:** Select all WAF components
 3. Move this rule to the **top** of your Custom rules list
 4. Wait a few minutes and check if the warning disappears in Zerops
+
 **Option 2: Modify Existing WAF Rules**
+
 1. Edit your existing WAF rule
 2. Add an additional condition:
    - **Field:** URI Path
    - **Operator:** does not start with
    - **Value:** `/.well-known/acme-challenge/`
+
 :::tip CNAME Flattening and DNS Verification
 Cloudflare uses CNAME flattening, which converts CNAME records to A/AAAA records in DNS responses. This is normal behavior and doesn't affect Zerops' domain verification. However, if WAF or other security features block the ACME challenge endpoint, Zerops cannot complete the HTTP-01 validation required for certificate issuance.
 :::
+
 ### DNS Resolution Issues
+
 #### Domain Not Resolving
+
 **Possible causes:**
 - Incorrect DNS record configuration
 - DNS propagation delay
 - Typos in IP addresses
+
 **Solutions:**
 1. Confirm DNS records are correctly configured in Cloudflare
 2. Verify proxy status matches your intended setup (orange cloud = proxied)
 3. Check for typos in IP addresses or CNAME targets
 4. Wait for DNS propagation (typically 5-10 minutes, up to 24 hours globally)
-5. Test resolution using: `dig @1.1.1.1 `
+5. Test resolution using: `dig @1.1.1.1 <your-domain>`
+
 #### IPv4 Traffic Not Working with IPv6-Only Setup
+
 **Possible causes:**
 - Cloudflare proxy disabled
 - Incorrect IPv6 address
 - Conflicting DNS records
+
 **Solutions:**
 1. Ensure Cloudflare proxy is **enabled** (orange cloud icon)
 2. Verify IPv6 address is correct in AAAA record
 3. Confirm no conflicting A record with shared IPv4 exists
-4. Test with: `curl -4 -v https://`
+4. Test with: `curl -4 -v https://<your-domain>`
+
 ## Security Considerations
+
 - Always use **Full (strict)** SSL mode for production
 - Enable **HSTS (HTTP Strict Transport Security)** in Cloudflare
 - Consider enabling **Bot Fight Mode** for additional protection
 - Use Cloudflare's **Firewall Rules** to block malicious traffic
 - Regularly monitor SSL certificate expiration dates
+
 ## Getting Help
+
 If you encounter issues not covered in this guide:
 - Check the [general DNS configuration guide](/references/networking/dns#technical-background) for additional context
 - Review your Zerops service logs for error messages
@@ -22432,177 +32151,243 @@ If you encounter issues not covered in this guide:
 
 # References > Networking > Dns
 
+
 This guide will show you how to configure DNS records and proxy settings to work with your Zerops applications.
+
 :::important Cloudflare
 If you're using Cloudflare, check out our dedicated [Cloudflare DNS Configuration Guide](/references/networking/cloudflare) for step-by-step instructions specific to Cloudflare's interface and features.
 :::
+
 ## DNS Configuration
+
 DNS records for Zerops services can be configured in two main ways:
 * **With Proxy**: Routes traffic through proxy services, providing additional security and performance features (recommended for DDoS protection)
 * **Without Proxy (DNS Only)**: Direct connection to your Zerops service's IP address
+
 DNS allows you to set two records based on IP address type:
 * **A** record for **IPv4** - Zerops offers either a free **shared** IPv4 or a paid **dedicated** IPv4
 * **AAAA** record for **IPv6** - Zerops provides a free **dedicated** IPv6
+
 ### Using CNAME Records
+
 CNAME can be used for non-apex domains (subdomains) or with DNS providers that support CNAME flattening at the apex. When you set up a CNAME in Zerops, it internally creates A and AAAA records pointing to your project.
+
 To find your CNAME target value, go to your service in the Zerops GUI, navigate to **Public access & internal ports**, and select the **CNAME** option when adding a domain.
+
 ```
 Type    Name              Content                         Proxy status       TTL
-CNAME             DNS only/Proxied   Auto
+CNAME   <your-domain>     <your-project-cname-target>     DNS only/Proxied   Auto
 ```
+
 :::warning Using Proxy with Shared IPv4
 When using any CDN or proxy service with CNAME records, you should **exclude the shared IPv4**. Toggle off "Shared IPv4 included in the CNAME" in the Zerops GUI.
+
 Zerops does a reverse lookup of the AAAA record of the domain for requests to our shared IPv4 address. If you use a shared IPv4 and also enable a proxy for the AAAA record, Zerops will not be able to correctly route the request because it sees the proxy's IP instead of your project's IPv6.
+
 This setting affects all domains in your project.
 :::
+
 ### With Proxy
+
 #### IPv6 only
 ```bash
 Type    Name              Content                Proxy status   TTL
-AAAA             Proxied        Auto
+AAAA    <your-domain>     <your-project-ipv6>    Proxied        Auto
 ```
+
 :::note
 Make sure your proxy service supports IPv4 to IPv6 translation for this configuration to work for **both IPv4 and IPv6** users.
+
 Do not add a proxied A record with shared IPv4 - doing so would prevent the proxy from properly routing IPv4 traffic to your service.
 :::
+
 #### Dedicated IPv4
 ```bash
 Type    Name              Content                Proxy status   TTL
-A              Proxied        Auto
+A       <your-domain>     <your-dedicated-ipv4>  Proxied        Auto
 # Optional
-AAAA             Proxied        Auto
+AAAA    <your-domain>     <your-project-ipv6>    Proxied        Auto
 ```
+
 :::tip
 Adding also AAAA record can be beneficial as visitors with IPv6 support will connect directly via IPv6.
 :::
+
 #### Shared IPv4 *(not recommended)*
 ```bash
 Type    Name              Content                Proxy status  TTL
-AAAA             DNS only      Auto
-A               Proxied       Auto
+AAAA    <your-domain>     <your-project-ipv6>    DNS only      Auto
+A       <your-domain>     <zerops-shared-ipv4>   Proxied       Auto
 ```
+
 :::tip Why Not?
 Zerops does a reverse lookup of the AAAA record of the domain for requests to our shared IPv4 address. If you use a shared IPv4 and also enable a proxy for the AAAA record, Zerops will not be able to correctly route the request.
+
 Use [IPv6 only](#ipv6-only) or dedicated IPv4 configurations instead.
 :::
+
 ### Without Proxy
+
 #### Shared IPv4
 ```bash
 Type    Name              Content                Proxy status   TTL
-AAAA             DNS only       Auto
-A               DNS only       Auto
+AAAA    <your-domain>     <your-project-ipv6>    DNS only       Auto
+A       <your-domain>     <zerops-shared-ipv4>   DNS only       Auto
 ```
+
 :::note Both A + AAAA Required
 Adding AAAA record is essential for shared IPv4 configuration as it serves as a [security measure](#understand-shared-ipv4) to prevent unauthorized domain claims.
 :::
+
 #### Dedicated IPv4
 ```bash
 Type    Name              Content                Proxy status   TTL
-A              DNS only       Auto
+A       <your-domain>     <your-dedicated-ipv4>  DNS only       Auto
 # Optional
-AAAA             DNS only       Auto
+AAAA    <your-domain>     <your-project-ipv6>    DNS only       Auto
 ```
+
 :::tip
 Adding also AAAA record can be beneficial as visitors with IPv6 support will connect directly via IPv6.
 :::
+
 #### IPv6 only
 ```bash
 Type    Name              Content                Proxy status   TTL
-AAAA             DNS only       Auto
+AAAA    <your-domain>     <your-project-ipv6>    DNS only       Auto
 ```
+
 :::note
 This configuration will only work for users with IPv6 connectivity, which may limit your service accessibility.
 :::
+
 ## Wildcard Domain Configuration
-Zerops supports wildcard domains (`*.`) that allow routing all subdomains to your project.
+
+Zerops supports wildcard domains (`*.<your-domain>`) that allow routing all subdomains to your project.
+
 ### DNS Configuration
 #### Method A: Direct configuration of A and AAAA records
-Configure wildcard DNS records following the same patterns described in the [DNS Configuration](#dns-configuration) section, using `*.` in the Name field:
+Configure wildcard DNS records following the same patterns described in the [DNS Configuration](#dns-configuration) section, using `*.<your-domain>` in the Name field:
+
 ```bash
 Type   Name              Content               Proxy status       TTL
-A      *.      DNS only/Proxied   Auto
-AAAA   *.      DNS only/Proxied   Auto
+A      *.<your-domain>   <your-ipv4-address>   DNS only/Proxied   Auto
+AAAA   *.<your-domain>   <your-ipv6-address>   DNS only/Proxied   Auto
 ```
+
 #### Method B: Using a CNAME record
-First configure A and AAAA records for your main domain (``), then set up a CNAME record:
+First configure A and AAAA records for your main domain (`<your-domain>`), then set up a CNAME record:
+
 ```bash
 Type    Name              Content         Proxy status       TTL
-CNAME   *.      DNS only/Proxied   Auto
+CNAME   *.<your-domain>   <your-domain>   DNS only/Proxied   Auto
 ```
+
 ### Certificate Validation
+
 For proper HTTPS certificate functionality with wildcard domains, configure:
 ```bash
 Type    Name                            Content                     Proxy status   TTL
-CNAME   _acme-challenge.   .zerops.zone   DNS only       Auto
+CNAME   _acme-challenge.<your-domain>   <your-domain>.zerops.zone   DNS only       Auto
 ```
+
 This record enables Zerops to issue and verify a wildcard certificate for your domain.
+
 ### Higher-Level Wildcard Subdomains
-You can also set up higher-level wildcard subdomains like `*..`:
+
+You can also set up higher-level wildcard subdomains like `*.<subdomain>.<your-domain>`:
+
 #### Method A: Direct configuration
 ```bash
 Type   Name                          Content               Proxy status       TTL
-A      *..      DNS only/Proxied   Auto
-AAAA   *..      DNS only/Proxied   Auto
+A      *.<subdomain>.<your-domain>   <your-ipv4-address>   DNS only/Proxied   Auto
+AAAA   *.<subdomain>.<your-domain>   <your-ipv6-address>   DNS only/Proxied   Auto
 ```
+
 #### Method B: Using a CNAME record
 ```bash
 Type    Name                          Content                     Proxy status       TTL
-CNAME   *..   .   DNS only/Proxied   Auto
+CNAME   *.<subdomain>.<your-domain>   <subdomain>.<your-domain>   DNS only/Proxied   Auto
 ```
 or
 ```bash
 Type    Name                          Content         Proxy status       TTL
-CNAME   *..      DNS only/Proxied   Auto
+CNAME   *.<subdomain>.<your-domain>   <your-domain>   DNS only/Proxied   Auto
 ```
+
 For certificate validation:
 ```bash
 Type    Name                                        Content                                 Proxy status   TTL
-CNAME   _acme-challenge..   ..zerops.zone   DNS only       Auto
+CNAME   _acme-challenge.<subdomain>.<your-domain>   <subdomain>.<your-domain>.zerops.zone   DNS only       Auto
 ```
+
 ### Combining Main Domain and Wildcard Domain
-To use both `` and `*.`, specify both variants in your [Zerops configuration](/references/networking/public-access#http-routing-setup). Zerops automatically issues a single shared certificate for both the main domain and all its subdomains.
+
+To use both `<your-domain>` and `*.<your-domain>`, specify both variants in your [Zerops configuration](/references/networking/public-access#http-routing-setup). Zerops automatically issues a single shared certificate for both the main domain and all its subdomains.
+
 ## Validation Steps
+
 Test your configuration:
 ```bash
 # Check DNS resolution
-dig AAAA 
+dig AAAA <your-domain>
+
 # Verify connectivity
-curl -vI https://
+curl -vI https://<your-domain>
+
 # Test IPv4 access
-curl -4 -v https://
+curl -4 -v https://<your-domain>
+
 # Test IPv6 access
-curl -6 -v https://
+curl -6 -v https://<your-domain>
 ```
+
 ## Troubleshooting Guide
+
 1. **DNS Resolution Issues**
    - Confirm correct record configuration
    - Verify proxy status settings
    - Check IPv6 address accuracy
    - Allow time for DNS propagation (typically 5-10 minutes)
+
 2. **Connection Problems**
    - Test both IPv4 and IPv6 connectivity
    - Check proxy server status if applicable
    - Confirm port configurations
+
 3. **Certificate Issues**
    - Verify proper _acme-challenge CNAME configuration for wildcard domains
    - Check that DNS records match the domains configured in Zerops
    - **Provider-specific certificate problems**: Consult your DNS provider's documentation for SSL/TLS configuration requirements
+
 ## Technical Background
+
 ### Understanding Shared IPv4 Addresses {#understand-shared-ipv4}
+
 Shared IPv4 allows multiple Zerops projects to use the same IPv4 address while maintaining separate routing for each project. Here's how it works:
+
 1. When a visitor makes a request, it first arrives at the shared IPv4 address
 2. The system looks at the domain name in the request (using SNI - Server Name Indication)
 3. For security, it checks if this domain properly resolves to your project's IPv6 address
 4. Only if IPv6 address matches your project will the traffic be routed correctly
+
 This is why configuring both A (IPv4) and AAAA (IPv6) records is crucial when using shared IPv4 addresses - the IPv6 record acts as a security key that helps prevent unauthorized use of the shared IPv4 address.
+
 ### Certificate Verification Methods
+
 When issuing SSL/TLS certificates, different verification methods are used depending on the certificate type:
+
 #### HTTP-01 vs DNS-01 Verification
-- **Regular certificates** (for a single domain like ``) are typically issued using the **HTTP-01** challenge method. This verification checks that you control the domain by placing a specific file at a specific URL.
-- **Wildcard certificates** (for domains like `*.`) must be issued using the **DNS-01** challenge method. This method requires creating specific TXT records in your DNS configuration.
+
+- **Regular certificates** (for a single domain like `<your-domain>`) are typically issued using the **HTTP-01** challenge method. This verification checks that you control the domain by placing a specific file at a specific URL.
+
+- **Wildcard certificates** (for domains like `*.<your-domain>`) must be issued using the **DNS-01** challenge method. This method requires creating specific TXT records in your DNS configuration.
+
 ### How Zerops Handles Wildcard Certificate Verification
+
 Zerops simplifies the DNS-01 challenge process:
-1. You create a CNAME record (e.g., `_acme-challenge. CNAME .zerops.zone`)
+
+1. You create a CNAME record (e.g., `_acme-challenge.<your-domain> CNAME <your-domain>.zerops.zone`)
 2. When a certificate needs to be issued or renewed, Zerops automatically creates the required TXT records on its `zerops.zone` domain
 3. The certificate authority verifies these TXT records through the CNAME redirection
 4. Once verified, the wildcard certificate is issued without requiring manual intervention
@@ -22611,129 +32396,197 @@ Zerops simplifies the DNS-01 challenge process:
 
 # References > Networking > Firewall
 
+
 Zerops includes a comprehensive firewall system implemented using [nftables](https://en.wikipedia.org/wiki/Nftables) to ensure platform security.
+
 The primary focus is on managing outbound communication to prevent potential platform misuse while maintaining the flexibility needed for legitimate applications.
+
 ## What is a Firewall?
+
 A Firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
+
 At Zerops, we implemented a robust firewall system to protect our platform and your applications.
+
 ## Port Access Rules
+
 ### UDP Ports
 *No restrictions*
+
 ### TCP Ports
+
 #### **TCP ports 1-1024**
 The following specific ports are allowed:
+
 - **22** - SSH
 - **53** - DNS
 - **80** - HTTP
 - **123** - NTP
 - **443** - HTTPS
 - **587** - SMTP (with STARTTLS)
+
 *All other TCP ports in the range 1-1024 are **blocked** for security reasons, see below.*
+
 #### **TCP ports 1025-65535**
 *No restrictions*
+
 ## Security Measures
+
 These firewall rules are strategically implemented to:
+
 - Prevent unauthorized use of the Zerops infrastructure for spam or network attacks
 - Protect Zerops and its users from potential security threats
 - Maintain compliance with security best practices
+
 ## Common Use Cases
+
 ### Standard Web Applications (HTTP/HTTPS)
 - Full access to HTTP/HTTPS communication (ports 80/443)
 - Unrestricted DNS queries (port 53)
 - Time synchronization via NTP (port 123)
+
 ### Email Services
+
 - SMTP access through port 587 (with STARTTLS)
 - For detailed SMTP configuration, see our [SMTP documentation](/references/smtp)
+
 ## Requesting Firewall Modifications
+
 If your application requires access to additional ports:
+
 1. Contact Zerops support at [support@zerops.io](mailto:support@zerops.io).
 2. Include in your request:
    - Specific ports and protocols needed.
    - Detailed explanation of your use case.
    - Mention your Project ID and Organization ID from your Zerops Dashboard.
 
+
 ----------------------------------------
 
 # References > Networking > Internal Access
 
+
 This guide covers internal communication between services and methods for accessing your project's private network. For an overview of all access methods, see the [Access & Networking guide](/features/access).
+
 ## Internal Access Methods
+
 Choose the access method that fits your needs:
+
 - **[Service-to-Service Communication](#service-to-service-communication)** - Direct communication between services in the same project
 - **[Environment Variables](#environment-variables)** - Share configuration and credentials between services
 - **[External Access to Private Network](#external-access-to-private-network)** - Connect from outside the project using VPN or SSH
+
 ## Service-to-Service Communication
+
 Every Zerops project includes a dedicated private network that automatically connects all services within the project.
+
 ### Network Architecture
+
 **Automatic Service Discovery:**
 - All services communicate directly using service hostnames
 - No manual network configuration required
 - Traffic stays isolated within your project's private network
+
 ### Basic Service Communication
+
 Connect to any service within the same project using the service hostname and internal port, e.g.:
+
 ```bash
 # Connect to 'api' service on port 3000
 http://api:3000/health
 ```
+
 :::note
 Do not use `https://` when communicating between runtime services in the same project. The internal communication is done over a private network and is isolated from other projects.
 :::
+
 ### Internal Ports Configuration
+
 Services expose internal ports for communication within the project:
+
 - **Define ports** in your service's `zerops.yaml` [configuration](/zerops-yaml/specification#ports-)
 - **HTTP ports** are accessible for web traffic between services
 - **TCP/UDP ports** support database connections and custom protocols
 - **Multiple ports** can be exposed per service for different purposes
+
 :::tip Connect from another project
 To connect to a service from **another Zerops project**, you'll need to use [public access methods](/references/networking/public-access) since different projects don't share private networks.
 :::
+
 ### Environment Variables
+
 Zerops creates default environment variables for each service to help you with connection within the same project. To avoid the need to copy the access parameters manually, use generated environment variables of the service.
+
 #### Generated Environment Variables
+
 Each service automatically receives environment variables containing connection details for other services in the project:
+
 ```bash
 # Database connection variables
 DATABASE_HOST=postgres
 DATABASE_PORT=5432
 DATABASE_URL=postgresql://app_user:secure_password@postgres:5432/myapp
 ```
+
 #### Prefix the environment variable key
+
 All services of the same project can reference environment variables from other services. To use an environment variable from one service in another service in the same project, you must prefix the environment variable key with the service hostname and underscore.
+
 **Example:**
+
 To access the `API_TOKEN` env variable of the `app` service, use `app_API_TOKEN` as the env variable key.
+
 :::tip Environment Variables Guide
 For complete information on environment variable types, isolation, and management, see the [Environment Variables Reference](/features/env-variables).
 :::
+
 ## External Access to Private Network
+
 Access your project's private network from external locations for development and administration.
+
 ### VPN Access
+
 You can securely connect to your application from your local workspace via Zerops VPN. Zerops VPN client is included into zCLI, the Zerops command-line tool.
+
 #### Start VPN connection
+
 To start a VPN connection to the selected Zerops project, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn#start-vpn)
+
 #### Access application through VPN
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no environment variables are available when connected through VPN. To connect to your application in Zerops set the hostname and internal port e.g. `http://app:3000`
+
 :::info
 Do not use `https://` when communicating over the VPN. The security is assured by the VPN. The internal communication is done over a private network and is isolated from other projects.
 :::
+
 :::tip VPN Setup
 For complete VPN setup, configuration, and troubleshooting, see the [VPN Reference Guide](/references/networking/vpn).
 :::
+
 ### SSH Access
+
 Use [SSH](/references/networking/ssh) to connect to your service for debugging and system administration.
+
 ```bash
 # Connect to a specific service
-ssh 
+ssh <service-name>
 ```
+
 **Important:** SSH access is temporary and changes are not persistent across deployments.
+
 :::tip SSH Configuration
 For complete SSH documentation, access control, and advanced usage, see the [SSH Reference Guide].
 :::
+
 :::note
 When you're finished working with internal access over VPN, [stop the Zerops VPN](/references/networking/vpn#stop-vpn) in zCLI.
 :::
+
 ## Next Steps
+
 - **Public access configuration:** [Public Access Reference Guide](/references/networking/public-access)
 - **Environment variables:** [Environment Variables Reference](/features/env-variables)
 - **VPN setup:** [VPN Reference Guide](/references/networking/vpn)
@@ -22743,346 +32596,485 @@ When you're finished working with internal access over VPN, [stop the Zerops VPN
 
 # References > Networking > L7 Balancer Config
 
+
 This guide provides comprehensive documentation for Zerops L7 HTTP balancer configuration and advanced routing features. For basic setup instructions, see the [Domain & Access Configuration](/features/access) guide.
+
 The L7 HTTP Balancer handles all HTTP/HTTPS traffic and provides advanced application-layer capabilities:
+
 **Functions:**
 - SSL/TLS termination with automatic certificate management
 - Domain routing and virtual host management
 - Load balancing across multiple service instances
 - Advanced routing features (redirects, access policies, rate limiting)
 - Performance optimization through caching and compression
+
 **Architecture:**
 - Deployed in two containers for high availability
 - Scales automatically based on traffic patterns
 - Integrated with Let's Encrypt for SSL certificates
 - Configurable through advanced balancer settings
+
 ## L7 HTTP Balancer Configuration
+
 Access the advanced balancer configuration through your project's HTTP Balancer section → **Advanced balancer configuration**.
+
 ### Connection Handling
+
 Configure how the balancer manages client connections:
-  
-      Setting
-      Default
-      Range
-      Parameter
-    
-      Maximum simultaneous connections per worker
-      4000
-      1024-65535
-      worker_connections
-    
-      Accept multiple connections at once
-      on
-      on/off
-      multi_accept
-    
-      How long to keep idle connections open
-      30s
-      1s-300s
-      keepalive_timeout
-    
-      Maximum number of requests per connection
-      100000
-      1-1000000
-      keepalive_requests
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Setting</th>
+      <th className="w-fit whitespace-nowrap">Default</th>
+      <th className="w-fit whitespace-nowrap">Range</th>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Maximum simultaneous connections per worker</td>
+      <td className="w-fit whitespace-nowrap">4000</td>
+      <td className="w-fit whitespace-nowrap">1024-65535</td>
+      <td className="w-fit whitespace-nowrap">worker_connections</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Accept multiple connections at once</td>
+      <td className="w-fit whitespace-nowrap">on</td>
+      <td className="w-fit whitespace-nowrap">on/off</td>
+      <td className="w-fit whitespace-nowrap">multi_accept</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">How long to keep idle connections open</td>
+      <td className="w-fit whitespace-nowrap">30s</td>
+      <td className="w-fit whitespace-nowrap">1s-300s</td>
+      <td className="w-fit whitespace-nowrap">keepalive_timeout</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Maximum number of requests per connection</td>
+      <td className="w-fit whitespace-nowrap">100000</td>
+      <td className="w-fit whitespace-nowrap">1-1000000</td>
+      <td className="w-fit whitespace-nowrap">keepalive_requests</td>
+    </tr>
+  </tbody>
+</table>
+
 :::tip Recommendations
 - **High-traffic websites**: Increase `worker_connections` to 8000 or higher
 - **API services**: Adjust `keepalive_timeout` to 60 for longer connections
 - **WebSocket applications**: Increase `keepalive_timeout` for persistent connections
 :::
+
 ### Client Request Settings
+
 Control how the balancer handles incoming requests:
-  
-      Setting
-      Default
-      Range
-      Parameter
-    
-      Timeout for receiving client request header
-      10s
-      1s-300s
-      client_header_timeout
-    
-      Timeout for receiving client request body
-      10s
-      1s-300s
-      client_body_timeout
-    
-      Maximum allowed size of client request body
-      512m
-      1k-2048m
-      client_max_body_size
-    
-      Reset connections that have timed out
-      on
-      on/off
-      reset_timedout_connection
-    
-      Timeout for transmitting response to client
-      2s
-      1s-300s
-      send_timeout
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Setting</th>
+      <th className="w-fit whitespace-nowrap">Default</th>
+      <th className="w-fit whitespace-nowrap">Range</th>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Timeout for receiving client request header</td>
+      <td className="w-fit whitespace-nowrap">10s</td>
+      <td className="w-fit whitespace-nowrap">1s-300s</td>
+      <td className="w-fit whitespace-nowrap">client_header_timeout</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Timeout for receiving client request body</td>
+      <td className="w-fit whitespace-nowrap">10s</td>
+      <td className="w-fit whitespace-nowrap">1s-300s</td>
+      <td className="w-fit whitespace-nowrap">client_body_timeout</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Maximum allowed size of client request body</td>
+      <td className="w-fit whitespace-nowrap">512m</td>
+      <td className="w-fit whitespace-nowrap">1k-2048m</td>
+      <td className="w-fit whitespace-nowrap">client_max_body_size</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Reset connections that have timed out</td>
+      <td className="w-fit whitespace-nowrap">on</td>
+      <td className="w-fit whitespace-nowrap">on/off</td>
+      <td className="w-fit whitespace-nowrap">reset_timedout_connection</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Timeout for transmitting response to client</td>
+      <td className="w-fit whitespace-nowrap">2s</td>
+      <td className="w-fit whitespace-nowrap">1s-300s</td>
+      <td className="w-fit whitespace-nowrap">send_timeout</td>
+    </tr>
+  </tbody>
+</table>
+
 :::tip Recommendations
 - **File upload services**: Increase `client_body_timeout` and `client_max_body_size` to accommodate large files
 - **Slow clients**: Increase header and body timeouts
 - **API endpoints**: Set `client_max_body_size` according to your API payload requirements
 :::
+
 ### Buffer Settings
+
 Optimize memory usage for request and response handling:
-  
-      Setting
-      Default
-      Range
-      Parameter
-    
-      Size of buffer for client request header
-      1k
-      1k-64k
-      client_header_buffer_size
-    
-      Number of buffers for large client headers
-      4
-      1-16
-      large_client_header_buffers_number
-    
-      Size of buffers for large client headers
-      8k
-      1k-64k
-      large_client_header_buffers_size
-    
-      Size of buffer for client request body
-      16k
-      1k-1m
-      client_body_buffer_size
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Setting</th>
+      <th className="w-fit whitespace-nowrap">Default</th>
+      <th className="w-fit whitespace-nowrap">Range</th>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Size of buffer for client request header</td>
+      <td className="w-fit whitespace-nowrap">1k</td>
+      <td className="w-fit whitespace-nowrap">1k-64k</td>
+      <td className="w-fit whitespace-nowrap">client_header_buffer_size</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Number of buffers for large client headers</td>
+      <td className="w-fit whitespace-nowrap">4</td>
+      <td className="w-fit whitespace-nowrap">1-16</td>
+      <td className="w-fit whitespace-nowrap">large_client_header_buffers_number</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Size of buffers for large client headers</td>
+      <td className="w-fit whitespace-nowrap">8k</td>
+      <td className="w-fit whitespace-nowrap">1k-64k</td>
+      <td className="w-fit whitespace-nowrap">large_client_header_buffers_size</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Size of buffer for client request body</td>
+      <td className="w-fit whitespace-nowrap">16k</td>
+      <td className="w-fit whitespace-nowrap">1k-1m</td>
+      <td className="w-fit whitespace-nowrap">client_body_buffer_size</td>
+    </tr>
+  </tbody>
+</table>
+
 :::tip Recommendations
 - **Large headers**: Increase header buffer sizes for applications with extensive headers
 - **File uploads**: Optimize `client_body_buffer_size` based on typical upload sizes
 - **Memory optimization**: Tune based on available memory and connection patterns
 :::
+
 ### Proxy Settings
+
 Configure how the balancer communicates with backend services:
-  
-      Setting
-      Parameter
-      Default
-      Range
-    
-      Enable buffering of client request body
-      proxy_request_buffering
-      off
-      on/off
-    
-      Enable buffering of responses from proxied server
-      proxy_buffering
-      on
-      on/off
-    
-      Size of the buffer used for reading the first part of the response
-      proxy_buffer_size
-      32k
-      1k-256k
-    
-      Number of buffers used for reading a response from the proxied server
-      proxy_buffers_number
-      4
-      1-16
-    
-      Size of buffers for reading a response from the proxied server
-      proxy_buffers_size
-      256k
-      1k-1m
-    
-      Size of buffers that can be busy sending response to the client
-      proxy_busy_buffers_size
-      256k
-      1k-1m
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Setting</th>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Default</th>
+      <th className="w-fit whitespace-nowrap">Range</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Enable buffering of client request body</td>
+      <td className="w-fit whitespace-nowrap">proxy_request_buffering</td>
+      <td className="w-fit whitespace-nowrap">off</td>
+      <td className="w-fit whitespace-nowrap">on/off</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Enable buffering of responses from proxied server</td>
+      <td className="w-fit whitespace-nowrap">proxy_buffering</td>
+      <td className="w-fit whitespace-nowrap">on</td>
+      <td className="w-fit whitespace-nowrap">on/off</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Size of the buffer used for reading the first part of the response</td>
+      <td className="w-fit whitespace-nowrap">proxy_buffer_size</td>
+      <td className="w-fit whitespace-nowrap">32k</td>
+      <td className="w-fit whitespace-nowrap">1k-256k</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Number of buffers used for reading a response from the proxied server</td>
+      <td className="w-fit whitespace-nowrap">proxy_buffers_number</td>
+      <td className="w-fit whitespace-nowrap">4</td>
+      <td className="w-fit whitespace-nowrap">1-16</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Size of buffers for reading a response from the proxied server</td>
+      <td className="w-fit whitespace-nowrap">proxy_buffers_size</td>
+      <td className="w-fit whitespace-nowrap">256k</td>
+      <td className="w-fit whitespace-nowrap">1k-1m</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Size of buffers that can be busy sending response to the client</td>
+      <td className="w-fit whitespace-nowrap">proxy_busy_buffers_size</td>
+      <td className="w-fit whitespace-nowrap">256k</td>
+      <td className="w-fit whitespace-nowrap">1k-1m</td>
+    </tr>
+  </tbody>
+</table>
+
 :::tip Recommendations
 - **Real-time APIs**: Set `proxy_buffering` to off for lower latency
 - **Large responses**: Increase `proxy_buffer_size` for handling larger API responses
 - **Multimedia streaming**: Increase `proxy_buffers_size` and `proxy_buffers_number` for larger content
 :::
+
 ### Performance Optimization
+
 Enable various performance enhancements:
-  
-      Setting
-      Default
-      Range
-      Parameter
-    
-      Use sendfile() for file transfers
-      on
-      on/off
-      sendfile
-    
-      Enable TCP_NOPUSH socket option
-      on
-      on/off
-      tcp_nopush
-    
-      Enable TCP_NODELAY socket option
-      on
-      on/off
-      tcp_nodelay
-    
-      Enable gzip compression
-      on
-      on/off
-      gzip
-    
-      Rate limit for response transmission (0 = no limit)
-      0
-      0-1000m
-      limit_rate
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Setting</th>
+      <th className="w-fit whitespace-nowrap">Default</th>
+      <th className="w-fit whitespace-nowrap">Range</th>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Use sendfile() for file transfers</td>
+      <td className="w-fit whitespace-nowrap">on</td>
+      <td className="w-fit whitespace-nowrap">on/off</td>
+      <td className="w-fit whitespace-nowrap">sendfile</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Enable TCP_NOPUSH socket option</td>
+      <td className="w-fit whitespace-nowrap">on</td>
+      <td className="w-fit whitespace-nowrap">on/off</td>
+      <td className="w-fit whitespace-nowrap">tcp_nopush</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Enable TCP_NODELAY socket option</td>
+      <td className="w-fit whitespace-nowrap">on</td>
+      <td className="w-fit whitespace-nowrap">on/off</td>
+      <td className="w-fit whitespace-nowrap">tcp_nodelay</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Enable gzip compression</td>
+      <td className="w-fit whitespace-nowrap">on</td>
+      <td className="w-fit whitespace-nowrap">on/off</td>
+      <td className="w-fit whitespace-nowrap">gzip</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Rate limit for response transmission (0 = no limit)</td>
+      <td className="w-fit whitespace-nowrap">0</td>
+      <td className="w-fit whitespace-nowrap">0-1000m</td>
+      <td className="w-fit whitespace-nowrap">limit_rate</td>
+    </tr>
+  </tbody>
+</table>
+
 :::tip Recommendations
 - **File serving**: Ensure `sendfile` and `tcp_nopush` are enabled for static content
 - **Real-time applications**: Verify `tcp_nodelay` is enabled
 - **Bandwidth control**: Use `limit_rate` for traffic shaping
 - **Multimedia streaming**: Enable `sendfile` and `tcp_nopush` for optimal streaming performance
 :::
+
 ### File Cache Settings
+
 Optimize file system operations:
-  
-      Setting
-      Default
-      Range
-      Parameter
-    
-      Cache open file descriptors
-      on
-      on/off
-      open_file_cache
-    
-      Maximum number of elements in file cache
-      200000
-      1000-1000000
-      open_file_cache_max
-    
-      Time after which unused cache elements are removed
-      20s
-      1s-300s
-      open_file_cache_inactive
-    
-      Time interval for checking cached elements validity
-      30s
-      1s-300s
-      open_file_cache_valid
-    
-      Minimum file uses to remain in cache
-      2
-      1-100
-      open_file_cache_min_uses
-    
-      Cache file lookup errors
-      on
-      on/off
-      open_file_cache_errors
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Setting</th>
+      <th className="w-fit whitespace-nowrap">Default</th>
+      <th className="w-fit whitespace-nowrap">Range</th>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Cache open file descriptors</td>
+      <td className="w-fit whitespace-nowrap">on</td>
+      <td className="w-fit whitespace-nowrap">on/off</td>
+      <td className="w-fit whitespace-nowrap">open_file_cache</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Maximum number of elements in file cache</td>
+      <td className="w-fit whitespace-nowrap">200000</td>
+      <td className="w-fit whitespace-nowrap">1000-1000000</td>
+      <td className="w-fit whitespace-nowrap">open_file_cache_max</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Time after which unused cache elements are removed</td>
+      <td className="w-fit whitespace-nowrap">20s</td>
+      <td className="w-fit whitespace-nowrap">1s-300s</td>
+      <td className="w-fit whitespace-nowrap">open_file_cache_inactive</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Time interval for checking cached elements validity</td>
+      <td className="w-fit whitespace-nowrap">30s</td>
+      <td className="w-fit whitespace-nowrap">1s-300s</td>
+      <td className="w-fit whitespace-nowrap">open_file_cache_valid</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Minimum file uses to remain in cache</td>
+      <td className="w-fit whitespace-nowrap">2</td>
+      <td className="w-fit whitespace-nowrap">1-100</td>
+      <td className="w-fit whitespace-nowrap">open_file_cache_min_uses</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Cache file lookup errors</td>
+      <td className="w-fit whitespace-nowrap">on</td>
+      <td className="w-fit whitespace-nowrap">on/off</td>
+      <td className="w-fit whitespace-nowrap">open_file_cache_errors</td>
+    </tr>
+  </tbody>
+</table>
+
 :::tip Recommendations
 - **Static file serving**: Increase cache size and adjust timeouts
 - **Development**: Reduce validation timeout for faster file updates
 - **High I/O applications**: Optimize based on file access patterns
 :::
+
 ### Security Settings
+
 Configure security-related options:
-  
-      Setting
-      Default
-      Parameter
-    
-      Emit nginx version in error messages and headers
-      off
-      server_tokens
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Setting</th>
+      <th className="w-fit whitespace-nowrap">Default</th>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Emit nginx version in error messages and headers</td>
+      <td className="w-fit whitespace-nowrap">off</td>
+      <td className="w-fit whitespace-nowrap">server_tokens</td>
+    </tr>
+  </tbody>
+</table>
+
 **Best Practice:** Keep `server_tokens` disabled to avoid revealing server information.
+
 ## Advanced Routing Features
+
 The L7 HTTP Balancer supports sophisticated routing beyond basic domain mapping.
+
 Access the advanced location configuration through your project's HTTP Balancer section → click the **gear/settings icon** next to any domain location to open the **Advanced Location Configuration** dialog.
+
 ### Redirect Configuration
+
 Redirect requests to different URLs with full control:
+
 **Configuration Options:**
 - **Redirect URL**: Destination for redirected requests
 - **Redirect Code**: HTTP status code for redirection (e.g., 301, 302, 307, 308)
 - **Preserve Path**: Keep original path in redirect URL
 - **Preserve Query**: Keep original query parameters in redirect URL
-  
+
 ### Access Policy Configuration
+
 Implement IP-based access control. If the request fails the check, a 403 Forbidden error is returned:
+
 **Policy Types:**
 - **Default Policy**: `allow` or `deny`
 - **CIDR Blocks**: List of IP addresses/ranges that will have the opposite policy than the default
+
 **Supported Formats:**
 - IPv4 address: `192.168.1.1`
 - IPv4 range: `192.168.1.0/24`
 - IPv6 address: `2001:db8::1`
 - IPv6 range: `2001:db8::/32`
-  
+
 ### Rate Limiting Configuration
+
 Protect against abuse and ensure fair resource usage. When the rate limit is exceeded, requests are delayed (burst). If they cannot be processed in time, a 503 Service Temporarily Unavailable error is returned:
+
 **Configuration Parameters:**
 - **Rate Limit Key**: `binary_remote_addr` (per IP) or `server_name` (per domain)
 - **Rate**: Requests per second to allow
 - **Burst**: Number of requests to queue when rate exceeded
 - **Zone Name**: Memory zone for storing rate limiting state
 - **Zone Size**: Memory allocated for rate limiting data (in MB)
-  
+
 ### Basic Authentication
+
 Add HTTP Basic Authentication to protected resources:
+
 **Configuration:**
 - **Realm**: Authentication realm name
 - **Users**: Username and password combinations
-  
+
 ### Custom Content Responses
+
 Return custom content for specific conditions:
+
 **Configuration:**
 - **HTTP Status Code**: Any valid status code (200, 404, 503, etc.)
 - **Content**: Response body content
 - **Content Type**: MIME type (default: text/plain)
-  
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
 
 ----------------------------------------
 
 # References > Networking > Public Access
 
+
 This guide provides detailed configuration instructions for making your Zerops services publicly accessible from the internet. For an overview of all access methods, see the [Access & Networking guide](/features/access).
+
 ## Public Access Methods
+
 Choose the access method that best fits your needs:
+
 - **[Zerops Subdomain Access](#zerops-subdomain-access)** - Quick setup with `.zerops.app` domains, ideal for development and testing
 - **[Custom Domain Access](#custom-domain-access)** - Production-ready access through your own domains with full SSL support
 - **[Direct Port Access](#direct-port-access)** - Direct port routing for non-HTTP protocols and specialized applications
+
 ## Zerops Subdomain Access
+
 Zerops subdomains provide quick public access through `.zerops.app` addresses, ideal for development and testing environments.
+
 ### Configuration
+
 1. Navigate to your service detail page in Zerops GUI
 2. Select **Subdomain & domain & IP access** from the left menu (for runtime services)
 3. Toggle the **Zerops subdomain access** switch
-  
+
 Once enabled, Zerops assigns a unique subdomain for your application. If you've defined multiple [internal ports](/zerops-yaml/specification#ports-) with HTTP support in your `zerops.yaml`, each port receives its own unique `.zerops.app` subdomain.
+
 ### Technical Implementation
+
 When using Zerops subdomains:
 - Access your application using the `https://` protocol (Zerops automatically manages SSL certificates)
 - Traffic flows through a central HTTP balancer that:
   - Terminates SSL connections
   - Forwards requests to your application via HTTP
   - Handles all security certificates
+
 ### Limitations
+
 :::warning Production Considerations
 - The central HTTPS balancer is shared across all Zerops projects, which creates a scalability bottleneck
 - Maximum upload size is limited to 50MB
 - Not recommended for production traffic due to scalability bottleneck
 - Better suited for development and testing environments
 :::
+
 ## Custom Domain Access
+
 Custom domain access provides production-ready public access through your own domain names, offering better performance and full control over domain settings.
-  
+
 ### IP Address Configuration
+
 Before setting up domain access, you need to configure public IP addresses. Zerops offers the following options:
+
 #### IPv4 Configuration
+
 **Dedicated IPv4 Address ($3/30 days)**
 - Dedicated to your project and shared across all project services
 - One IPv4 address per project limit
@@ -23090,6 +33082,7 @@ Before setting up domain access, you need to configure public IP addresses. Zero
 - Subscription automatically renews every 30 days *(cannot be purchased with promo credit)*
 - Fee is non-refundable but address can be reused in another project until subscription ends
 - **Recommended for production workloads**
+
 **Shared IPv4 Address (Free)**
 - Available at no cost
 - Shared across all Zerops users and their projects
@@ -23098,17 +33091,23 @@ Before setting up domain access, you need to configure public IP addresses. Zero
   - Restricted number of open connections
   - Shorter connection timeouts
 - **Not recommended for production use**
+
 #### IPv6 Configuration
+
 **IPv6 Address (Free)**
 - Dedicated to your project and shared across all project services
 - One IPv6 address per project limit
 - Automatically activated with first domain setup
 - Available for all projects at no additional cost
+
 :::tip Dual Stack Recommendation
 Since IPv6 support is not universal, using both IPv4 and IPv6 is recommended for maximum accessibility.
 :::
+
 ### HTTP Routing Setup
+
 To configure domain access:
+
 1. Go to your service detail page in Zerops GUI and select **Subdomain & domain & IP access** (or access from project's **Project & Services Access Overview** section → **HTTP Balancer (L7) Configuration & Public Access Through Domains**)
    - For advanced L7 balancer settings (connection handling, buffers, performance optimization), click **Advanced balancer configuration**
 2. Click **Setup first domain access**
@@ -23120,46 +33119,64 @@ To configure domain access:
    - **Source:** The public path (the part of URL after your domain)
    - **Destination:** Choose which application and internal port receives the traffic
    - Add multiple routing configurations as needed
+
 :::tip Alternative Access
 Domain configuration can also be accessed from individual service pages under **Subdomain & domain & IP access**.
 :::
+
 All settings can be modified later as your needs change.
+
+[Video: /vids/routes.webm](/vids/routes.webm)
+
 ### DNS Configuration
+
 After setting up domain access in Zerops, configure your DNS records with your domain registrar:
+
 :::tip DNS Configuration Guides
 - **Cloudflare users:** Follow the [Cloudflare DNS Configuration Guide](/references/networking/cloudflare) for step-by-step Cloudflare-specific instructions
 - **Other providers:** Use the [DNS and Proxy Configuration Guide](/references/networking/dns) for universal DNS setup instructions
 :::
+
 ### HTTPS & SSL Configuration
+
 When using Let's Encrypt certificates (recommended):
+
 **Certificate Management:**
 - Zerops handles all certificate installation and renewal automatically
 - Certificates are provided free of charge
 - No manual certificate management required
+
 **Traffic Flow:**
 1. Traffic arrives at your public IPv4/IPv6 addresses
 2. Requests route through your project's dedicated HTTPS balancer
 3. SSL termination occurs at the balancer level
 4. Internal traffic uses HTTP protocol for optimal performance
+
 **Balancer Architecture:**
 - Deployed in two containers for high availability
 - Scales vertically based on traffic demands
 - Cannot be directly modified by users
 - Included free of charge with custom domain setup
+
 **Load Balancing:**
 - **Round-robin load balancing** across multiple service instances
 - **Health checks** to route traffic only to healthy instances
 - **Connection pooling** for improved performance
+
 **Performance Considerations:**
 - Use dedicated IPv4 addresses instead of shared ones for high-traffic applications
 - Consider the [L7 Balancer advanced configuration options](/references/networking/l7-balancer-config) for production optimization
+
 ## Direct Port Access
+
 Direct port access enables public access to specific ports on your services, supporting any protocol and specialized use cases beyond HTTP.
+
 :::important Service Compatibility
 Currently, direct public port access is only available for runtime services and PostgreSQL databases.
 :::
-  
+
 ### Port Configuration
+
 1. Navigate to your service detail page in Zerops GUI:
    - For runtime services: Select **Subdomain & domain & IP access**
    - For PostgreSQL services: Select **Direct access through IP address**
@@ -23171,11 +33188,15 @@ Currently, direct public port access is only available for runtime services and
    - Each public port can be mapped to any internal service port
    - Multiple public ports can point to the same internal port if needed
    - Port configurations can be set independently for IPv4 and IPv6
+
 :::tip Service-Level Access
 For runtime services, you can also access port configuration from the service detail page under **Subdomain & domain & IP access**.
 :::
+
 ### Firewall Configuration
+
 Secure your public ports with optional firewall rules:
+
 1. **Enable firewall** for specific ports
 2. **Choose policy type:**
    - **Blacklist:** Block specific IPs/ranges (allow all others)
@@ -23183,166 +33204,237 @@ Secure your public ports with optional firewall rules:
 3. **Configure IP rules:**
    - **Single IP format:** Affects only the specific IP address
    - **IP range format:** Affects all IPs in the specified CIDR range
- 
+
 For information about Zerops' platform-wide firewall and port restrictions, see the [Firewall Reference Guide](/references/networking/firewall).
+
 ### Protocol Support
+
 Direct port access supports:
 - **TCP protocols:** HTTP, HTTPS, database connections, custom TCP services
 - **UDP protocols:** DNS, gaming protocols, custom UDP services
 - **Any port-based protocol** your application requires
+
 ## Next Steps
+
 - **DNS Configuration:** [DNS and Proxy Configuration Guide](/references/networking/dns) or [Cloudflare Guide](/references/networking/cloudflare)
 - **Advanced Routing:** [L7 Balancer Configuration & Advanced Routing Guide](/references/networking/l7-balancer-config)
 - **Wildcard Domains:** [Wildcard Domain Configuration](/references/networking/dns#wildcard-domain-configuration)
 - **Internal Access:** [Internal Access Configuration Guide](/references/networking/internal-access)
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
 
 ----------------------------------------
 
 # References > Networking > Ssh
 
+
 :::important
 SSH access is available only for runtime services and web servers.
+
 Database services, message brokers, and object storage are **not accessible** via SSH.
 :::
+
 :::warning Non-Persistent Changes
 SSH connections should not be used for making persistent changes to your service:
+
 - In [HA mode](/features/scaling#horizontal-scaling-runtime-services-linux-containers-and-docker), changes via SSH affect only the current container
 - Container replacements or scaling events will deploy the original application version
 - For persistent changes across all containers, use:
   - [`run.prepareCommands`](/zerops-yaml/specification#preparecommands--1)
   - [`run.initCommands`](/zerops-yaml/specification#initcommands-)
 :::
+
 ## Connection Methods
+
 You can connect to your services using two methods:
+
 ### Web Terminal (Always Available)
 For quick debugging and inspection, use the **Remote Web Terminal** available in each service's detail page. This browser-based terminal:
 - **Always accessible** regardless of [SSH isolation](#ssh-access-control) settings
 - Requires no VPN setup
 - Provides instant access to your containers
 - Perfect for quick debugging sessions and emergency access
+
 ### SSH via VPN (Full Access)
 For full SSH capabilities and persistent connections, connect through the [Zerops VPN](/references/networking/vpn).
+
 ## Setting Up SSH Access
+
 ### 1. Configure VPN Connection (For SSH Access)
+
 The [Zerops CLI (zCLI)](/references/cli) comes bundled with the [Zerops VPN](/references/networking/vpn) client. To connect to your [Zerops project](/features/infrastructure#projects):
+
 1. [Install and configure zCLI](/references/cli)
 2. [Initialize the Zerops VPN connection](/references/networking/vpn#start-vpn)
+
 ### 2. Establish SSH Connection via VPN
+
 Once your VPN session is active, you can connect to any [service](/features/infrastructure#services) using its hostname via SSH:
+
 ```sh
-ssh 
+ssh <service hostname>
 ```
+
 Example:
 ```sh
 ssh app
 ```
+
 When connecting for the first time, you may receive this security prompt:
+
 ```sh title="bash"
 The authenticity of host 'app (x.x.x.x)' can't be established.
 RSA key fingerprint is SHA256:5wdgRcp/...
 This key is not known by any other names
 Are you sure you want to continue connecting (yes/no/[fingerprint])?
 ```
+
 Type `yes` to trust the host and prevent future prompts.
+
 #### Connecting to Specific Containers
+
 To access a specific container instead of the service as a whole, use the container's hostname:
+
 ```sh
-ssh 
+ssh <container hostname>
 ```
+
 Example:
 ```sh
 ssh node-id-1.runtime.app.zerops
 ```
+
 :::note
 When using [HA mode](/features/scaling#horizontal-scaling-runtime-services-linux-containers-and-docker), connecting to the service hostname will route you to a random container within that service.
 :::
+
 #### Container Naming Conventions
+
 Each container in your project has a unique hostname following these patterns:
-- Format 1: `node-id-.runtime.app.zerops`
-- Format 2: `node.runtime.app.zerops`
+
+- Format 1: `node-id-<number>.runtime.app.zerops`
+- Format 2: `node<number>.runtime.app.zerops`
+
 When your application [scales horizontally](/features/scaling#horizontal-scaling-runtime-services-linux-containers-and-docker):
 - New containers receive incremental hostnames
 - Decommissioned container hostnames are not recycled
 - You might see non-sequential container numbers (e.g., `node-id-5` and `node-id-12`)
 - Container hostnames may change as your service scales
+
 :::warning
 Never connect to containers using their local IP addresses, as these addresses are dynamic and may change.
 :::
+
 ## SSH Access Control
+
 Zerops provides fine-grained control over SSH access through SSH Isolation. It is configured with the `sshIsolation` project variable. This security feature determines who can connect to your services via SSH, controlling both VPN connections and service-to-service SSH access.
+
 ### Default Behavior
+
 By default, `sshIsolation` is set to `vpn`, which means:
+
 - ✅ VPN users can SSH to any service
 - ✅ **Web Terminal is always accessible** (unaffected by isolation settings)
 - ❌ Services cannot SSH to each other
+
 *This configuration maintains maximum security for production environments.*
+
 ### Configuring SSH Isolation
+
 SSH isolation can be configured at two levels:
+
 #### Project-Level Configuration
+
 Set the `sshIsolation` project variable through:
 - **GUI**: Navigate to **Project Environment Variables**
 - **Import**: Add to your `import.yaml`:
+
 ```yaml title="import.yaml"
 project:
   sshIsolation: "vpn project"
 ```
+
 #### Service-Level Override
+
 Individual services can override the project setting:
+
 ```yaml title="import.yaml"
 services:
   - hostname: api
     sshIsolation: "vpn service@admin"
 ```
+
 :::note
 In import YAML, `sshIsolation` can be also defined in `envVariables`/`envSecrets`.  (If both are present, the nested version takes precedence).
 :::
+
 ### Isolation Modes
+
 #### Rule Types
+
 **Allow Rules**: Grant SSH access
 - `vpn` *(default)* - VPN SSH connections
 - `project` - Any service in the project
 - `service` - Containers within the same service
 - `service@name` - Specific service named "name"
+
 **Block Rules**: Deny SSH access (use `-` prefix)
 - `-vpn` - Block VPN SSH connections
 - `-project` - Block all services
 - `-service` - Block all services
 - `-service@name` - Block specific service named "name"
+
 :::info
 **Web Terminal access is never blocked** by these rules and remains available as an emergency access method.
 :::
+
 ### Combining Rules
+
 You can combine multiple rules using spaces. The system evaluates rules by checking the most specific matches first.
+
 #### Rule Evaluation Order
+
 The system checks SSH connection rules in this priority:
 1. **Specific service rules**: `service@name` or `-service@name`
 2. **General service rules**: `service` or `-service`
 3. **Project rules**: `project` or `-project`
 4. **VPN rules**: `vpn` or `-vpn`
+
 :::note Important
 - Block rules (`-`) always take priority over allow rules when both apply to the same source
 - **Web Terminal access bypasses all these rules** and is always available
 :::
+
 When a service tries to connect, the system:
+
 1. **Identifies the connecting source** (VPN user, Web Terminal, or specific service name)
 2. **Checks for specific rules** first (like `service@admin` or `-service@api`)
 3. **Falls back to general rules** (like `project` or `-service`)
 4. **Allows or blocks** based on the first matching rule
+
 #### Rule Evaluation Examples
+
+#### Simple Rule
+
 **Rule**: `project -service@untrusted`
+
 1. When **Web Terminal** is used:
 - Always allowed → **ALLOWED**
 2. When **`untrusted` service** connects:
 - Matches `-service@untrusted` rule → **BLOCKED**
 3. When **any other service** connects:
 - Matches `project` rule → **ALLOWED**
+
 **Effective behavior**:
 - ✅ All services can SSH to each other
 - ✅ Web Terminal always accessible
 - ❌ Except the `untrusted` service cannot SSH anywhere
 - ❌ No VPN SSH access (no `vpn` rule present)
+
+#### Complex Rule
+
 **Rule**: `vpn project -service service@admin`
+
 1. When **VPN user** connects via SSH:
   - Matches `vpn` rule → **ALLOWED**
 2. When **Web Terminal** is used:
@@ -23352,15 +33444,19 @@ When a service tries to connect, the system:
 4. When **any other service** (like `api`) connects:
 - Matches `-service` rule → **BLOCKED**
 - Never reaches the `project` rule
+
 **Effective behavior**:
 - ✅ VPN SSH connections can access all services
 - ✅ Web Terminal always accessible
 - ✅ Only the `admin` service can SSH to other services
 - ❌ All other services are blocked from SSH connections
+
 :::note
 The `project` rule remains in the configuration but becomes unreachable for most services because they get blocked by `-service` first.
 :::
+
 #### Common Combinations
+
 **Development Setup** *(ideal for microservices debugging)*:
 ```yaml
 sshIsolation: "vpn project"
@@ -23368,6 +33464,7 @@ sshIsolation: "vpn project"
 - ✅ VPN SSH connections can access all services
 - ✅ Services can SSH to each other
 - ✅ Web Terminal always accessible
+
 **Gateway Pattern**:
 ```yaml
 sshIsolation: "vpn service@gateway"
@@ -23376,6 +33473,7 @@ sshIsolation: "vpn service@gateway"
 - ✅ Only the `gateway` service can SSH to other services
 - ✅ Web Terminal always accessible
 - ❌ Other services cannot SSH anywhere
+
 **Selective Exclusion**:
 ```yaml
 sshIsolation: "project -service@untrusted"
@@ -23384,17 +33482,23 @@ sshIsolation: "project -service@untrusted"
 - ✅ Web Terminal always accessible
 - ❌ The `untrusted` service cannot SSH anywhere
 - ❌ No VPN SSH access (not included in rules)
+
 ### Security Considerations
+
 :::warning
 Be careful with block rules - they can prevent expected SSH access even when allow rules are present.
+
 **Example**: `project -service` would block all services from SSH, making the `project` rule ineffective for service-to-service connections.
 :::
+
 **Safety Mechanism**: Web Terminal access is never blocked by SSH isolation rules, ensuring you always have a way to access your containers for debugging or emergency fixes.
+
 **Common Gotchas**:
 - `service -service@api` blocks the `api` service from SSH but allows others within their own service
 - `project -service` allows VPN SSH access but blocks all service-to-service SSH
 - `-vpn -project -service` blocks all SSH connections but Web Terminal remains accessible
 - Missing `vpn` in rules blocks VPN SSH access but Web Terminal still works
+
 ### Best Practices
 - Start with `vpn` for production environments
 - Use `vpn project` for development and debugging
@@ -23402,324 +33506,460 @@ Be careful with block rules - they can prevent expected SSH access even when all
 - Be explicit about what you want to allow rather than relying on complex combinations
 - Remember that Web Terminal provides emergency access when SSH rules are too restrictive
 - Document your isolation strategy for team members
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
 
 ----------------------------------------
 
 # References > Networking > Vpn
 
+
 At Zerops, security is our core priority. We ensure everything stays within a private network with zero exposure to the internet.
 Unlike typical consumer VPNs that focus on changing your public IP address, our WireGuard VPN implementation is specifically designed to give you secure access to your project's services.
+
 ## Prerequisites
+
 Before getting started, ensure you have:
+
 - [WireGuard](https://www.wireguard.com/install) installed on your system
 - [zCLI](/references/cli) (serves as the WireGuard client)
 - A Zerops project with at least one service
+
 ## Usage
+
 You can interact with services within your project and even establish SSH connection to your services after connecting to project through VPN.
+
 ### Start VPN
+
 Connects to the Zerops VPN.
+
 ```bash
 zcli vpn up [project-id] [flags]
 ```
+
 **Flags:**
 - `--auto-disconnect` - Automatically disconnect from VPN if already connected
 - `--help` - Display help for the vpn up command
 - `--mtu int` - Set custom MTU value for Wireguard interface (default: 1420)
 - `-P, --project-id string` - Required when you have access to multiple projects
+
 To connect to a specific project without using the interactive mode, use the project ID from your Zerops dashboard:
+
 ```bash
 zcli vpn up Evs8Je4NTvKeIkUqoUXp2w
 ```
+
 :::info
 First-time `zcli vpn up` usage requires installing the Zerops VPN daemon.
 Confirm with `y` when prompted (administrator privileges may be required).
 :::
+
 Upon connection, you'll have secure access to your project's private network with the following characteristics:
+
 - All services are accessible via their hostnames
 - Only one project connection is possible at a time (new connections automatically close existing ones)
 - The VPN daemon maintains connection stability with automatic reconnection
 - Environment variables are not available through VPN connections
+
 ### Stop VPN
+
 Disconnects from the Zerops VPN.
+
 ```bash
 zcli vpn down [flags]
 ```
+
 **Flags:**
 - `--help` - Display help for the vpn down command
+
 ## Troubleshooting
+
 #### 1. Interface Already Exists
 **Problem**: When running `zcli vpn up`, you get an error like:
 ```
 ERR /opt/homebrew/bin/wg-quick up /opt/homebrew/etc/wireguard/zerops.conf: [+] Interface for zerops is utun6 wg-quick: 'zerops' already exists as 'utun6'
 ```
+
 **Solution**: Reset the VPN connection by running:
 ```bash
 zcli vpn down
 zcli vpn up
 ```
+
 #### 2. Hostname Resolution
 **Problem**: Even with VPN successfully connected, hostname resolution fails with errors like:
 ```
 could not translate host name "hostname" to address: nodename nor servname provided, or not known
 ```
+
 * The issue is known to happen rarely on Windows
+
 **Solution**: Append `.zerops` to the hostname, even when VPN shows as connected:
 ```bash
 # Instead of
 psql -h [hostname] -U [user]
+
 # Use
 psql -h [hostname].zerops -U [user]
 ```
+
 :::tip Windows OS tip
 In the Advanced TCP/IP Settings dialog, navigate to the DNS tab and confirm that "zerops" appears in the "Append these DNS suffixes (in order)" list. If missing, add it using the Add button.
 :::
+
 #### 3. WSL2 VPN Connection
 **Problem**: VPN not running in WSL2
+
 **Solution**: This might occur because `systemd` is not running in WSL2 by default. To fix:
 1. Run `sudo -e /etc/wsl.conf`
 2. Add `system=true` to `[boot]` section
 3. Comment out the first line `LABEL=cloudimg-rootfs / ext4 defaults 0 1`
 4. In `cmd.exe/PowerShell` run `wsl --shutdown` to restart WSL2
+
 #### 4. VPN Connection Conflicts
 **Problem**: When another VPN connection is active concurrently with Zerops VPN, users may experience degraded network performance or connection timeouts due to packet fragmentation issues.
+
 **Solution**: Run the VPN with a reduced MTU (Maximum Transmission Unit) size:
 ```bash
 zcli vpn up --mtu 1350
 ```
+
 This resolves packet size conflicts that can occur when multiple VPN connections are active simultaneously.
+
 #### 5. wg-quick Issues on Ubuntu 25.*
 **Problem**: VPN fails to start due to wg-quick errors on Ubuntu 25.* systems.
+
 **Solution**: Install and configure AppArmor utilities:
 ```bash
 sudo apt install apparmor-utils
 sudo aa-complain wg-quick
 ```
+
 ## Enhanced Security with WireGuard
+
 Zerops uses **WireGuard** to create secure VPN tunnel connections to your project's private network. This provides enhanced security compared to traditional **SSH** connections.
+
 WireGuard eliminates the need for **passwords** or **IP address management** that SSH typically requires. As a free, lightweight, **open-source** communication protocol, WireGuard employs advanced **cryptography** to establish secure connections.
+
 The system creates encrypted tunnels using **UDP** for traffic transmission and relies on **public/private key pairs** for user authorization.
+
 Each Zerops project runs a **WireGuard server**, while the **zCLI** (Zerops Command Line Interface) functions as a **WireGuard client**. This architecture enables authorized users to securely interact with their Zerops projects through the command line interface.
 
 ----------------------------------------
 
 # References > Smtp
 
+
 Simple Mail Transfer Protocol (SMTP) is the internet standard for email transmission. It operates as a set of rules that govern how email messages are formatted, encrypted, and relayed between servers.
+
 ## SMTP in Zerops
+
 Zerops implements a security-first approach to email sending operations, allowing only port 587 for SMTP communication. This decision aligns with modern security practices and helps maintain the platform's integrity.
+
 ### Port Configuration
-  
-      Port
-      Status
-      Description
-    
-      587
-      ✅&nbsp;Allowed
-      Modern SMTP submission with STARTTLS
-    
-      25
-      ❌&nbsp;Blocked
-      Traditional SMTP (security risk)
-    
-      465
-      ❌&nbsp;Blocked
-      Legacy SMTPS (deprecated)
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Port</th>
+      <th className="w-fit">Status</th>
+      <th className="w-full">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">587</td>
+      <td className="w-fit">✅&nbsp;Allowed</td>
+      <td className="w-full">Modern SMTP submission with STARTTLS</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">25</td>
+      <td className="w-fit">❌&nbsp;Blocked</td>
+      <td className="w-full">Traditional SMTP (security risk)</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">465</td>
+      <td className="w-fit">❌&nbsp;Blocked</td>
+      <td className="w-full">Legacy SMTPS (deprecated)</td>
+    </tr>
+  </tbody>
+</table>
+
 ### Why Port 587
+
 Port 587 is the modern standard for sending emails through SMTP, designed specifically for authenticated client submissions. This port enforces several security measures:
+
 - Mandatory TLS encryption for data protection
 - Required authentication for all clients
 - Secure transmission through verified providers
+
 #### How It Works
+
 Port 587 implements STARTTLS to establish secure connections. The process follows these steps:
+
 1. Client connects to the SMTP server
 2. Server responds with available capabilities
 3. Client requests STARTTLS upgrade
 4. Connection switches to encrypted TLS
 5. Client provides authentication credentials
 6. Email transmission begins over secure channel
+
 This implementation balances modern security requirements with broad compatibility, making it the recommended choice for email transmission.
+
 ### Port Restrictions and Platform Security
+
 Zerops enforces a strict policy of **blocking ports 25 and 465** for email operations.
+
 :::caution
 This is a permanent security measure with no exceptions, designed to protect both the platform and its users.
 :::
+
 Port 25, in particular, is frequently exploited for spam distribution across cloud platforms. Instead of providing basic SMTP functionality, we encourage the use of specialized email services that offer:
+
 - Advanced deliverability management
 - Comprehensive monitoring and analytics
 - Built-in spam protection
 - Professional IP reputation management
 - Automated bounce handling
+
 This strict policy protects platform integrity. Poor IP reputation from email abuse can cascade across an entire infrastructure. The impact extends beyond email services to affect:
+
 - Legitimate web applications
 - Platform response times
 - Overall service reliability
 - Other customers' applications
+
 This is why Zerops maintains this strict policy - to ensure consistent, reliable service for all platform users.
+
 ## Sending Emails from Zerops
+
 ### Recommended Approaches
+
 You have two main options for sending emails from your Zerops applications:
+
 1. **Email Provider SMTP Client**
    - You act as a client using their SMTP servers
    - Subject to provider's sending limits and policies
+
 2. **Specialized Email Services**
    - Purpose-built for application email delivery
    - Your own dedicated sending infrastructure
    - Higher limits with scalable pricing
    - Advanced delivery monitoring and analytics
+
 ### Configuration Examples
+
 These examples serve as a starting point. Check your email provider's official documentation for current configuration requirements.
+
 :::note
 Port 587 is mandatory for all SMTP configurations in Zerops. Other ports (25, 465) are blocked for security reasons.
 :::
+
 #### Enterprise Email Providers
-  
-      Service
-      Host
-      Port
-      Secure
-      Username
-      Password
-    
-      Gmail
-      smtp.gmail.com
-      587
-      false
-      your.name@gmail.com
-      App Password required
-    
-      Google Workspace
-      smtp-relay.gmail.com
-      587
-      false
-      your.name@your-domain.com
-      Regular password (App Password if using 2FA)
-    
-      Office 365
-      smtp.office365.com
-      587
-      false
-      your.name@your-domain.com
-      Account password
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Service</th>
+      <th className="w-fit">Host</th>
+      <th className="w-fit">Port</th>
+      <th className="w-fit">Secure</th>
+      <th className="w-fit">Username</th>
+      <th className="w-full">Password</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">[Gmail](https://support.google.com/a/answer/176600?hl=en)</td>
+      <td className="w-fit">smtp.gmail.com</td>
+      <td className="w-fit">587</td>
+      <td className="w-fit">false</td>
+      <td className="w-fit">your.name<span>@</span>gmail.com</td>
+      <td className="w-full">App Password required</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">[Google Workspace](https://support.google.com/a/answer/176600?hl=en)</td>
+      <td className="w-fit">smtp-relay.gmail.com</td>
+      <td className="w-fit">587</td>
+      <td className="w-fit">false</td>
+      <td className="w-fit">your.name<span>@</span>your-domain.com</td>
+      <td className="w-full">Regular password (App Password if using 2FA)</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">[Office 365](https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/how-to-set-up-a-multifunction-device-or-application-to-send-email-using-microsoft-365-or-office-365)</td>
+      <td className="w-fit">smtp.office365.com</td>
+      <td className="w-fit">587</td>
+      <td className="w-fit">false</td>
+      <td className="w-fit">your.name<span>@</span>your-domain.com</td>
+      <td className="w-full">Account password</td>
+    </tr>
+  </tbody>
+</table>
+
 :::note Google
 - Gmail/Office 365: Better for testing or low-volume sending
 - Google Workspace: Suitable for business needs with higher limits
 :::
+
 #### Email Service Providers
-  
-      Provider
-      Host
-      Port
-      Username
-      Password
-      Features
-    
-      SendGrid
-      smtp.sendgrid.net
-      587
-      apikey
-      SendGrid API key
-      • Free tier available
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Provider</th>
+      <th className="w-fit">Host</th>
+      <th className="w-fit">Port</th>
+      <th className="w-fit">Username</th>
+      <th className="w-fit">Password</th>
+      <th className="w-full">Features</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">[SendGrid](https://www.twilio.com/docs/sendgrid/for-developers/sending-email/getting-started-smtp)</td>
+      <td className="w-fit">smtp.sendgrid.net</td>
+      <td className="w-fit">587</td>
+      <td className="w-fit">apikey</td>
+      <td className="w-fit">SendGrid API key</td>
+      <td className="w-full">• Free tier available
 • Real-time analytics
 • Webhooks
-• Spam detection
-    
-      Mailgun
-      smtp.mailgun.org
-      587
-      postmaster@your-domain.com
-      Mailgun password
-      • Free tier available
+• Spam detection</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">[Mailgun](https://documentation.mailgun.com/docs/mailgun/user-manual/sending-messages/#send-via-smtp)</td>
+      <td className="w-fit">smtp.mailgun.org</td>
+      <td className="w-fit">587</td>
+      <td className="w-fit">postmaster<span>@</span>your-domain.com</td>
+      <td className="w-fit">Mailgun password</td>
+      <td className="w-full">• Free tier available
 • Email validation
 • Routing rules
-• Delivery analytics
-    
-      Amazon SES
-      email-smtp.us-east-1.amazonaws.com
-      587
-      SES access key ID
-      SES secret access key
-      • Pay as you go pricing
+• Delivery analytics</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">[Amazon SES](https://docs.aws.amazon.com/ses/latest/dg/send-email-smtp.html)</td>
+      <td className="w-fit">email-smtp.us-east-1.amazonaws.com</td>
+      <td className="w-fit">587</td>
+      <td className="w-fit">SES access key ID</td>
+      <td className="w-fit">SES secret access key</td>
+      <td className="w-full">• Pay as you go pricing
 • AWS integration
 • High deliverability
-• Auto-scaling
-    
+• Auto-scaling</td>
+    </tr>
+  </tbody>
+</table>
+
 ## Best Practices
+
 When implementing email functionality in your applications:
+
 - Store SMTP credentials in environment variables
 - Implement proper error handling and retry logic
 - Use queue systems for bulk sending to prevent rate limits
 - Monitor delivery status and bounce rates
 - Keep SMTP libraries and configurations up to date
 
+
 ----------------------------------------
 
 # References > Zcli > Commands
 
+
 ## Basic Usage
+
 ```sh
-zcli  [flags]
+zcli <command> [flags]
 ```
+
 :::note Tip
 All commands support the `-h, --help` flag which displays help information about the command.
 :::
+
 :::tip Configuration
 For detailed information about configuration options, environment variables, and logging, see the [Zerops CLI Configuration](/references/zcli/configuration) page.
 :::
+
 ## Command Groups
 - [Account & VPN](#account--vpn)
 - [Project Management](#project-management)
 - [Service Operations](#service-operations)
 - [Utility Commands](#utility-commands)
+
 ## Account & VPN
+
 ### login
+
 Logs you into Zerops using a generated token or your login credentials.
+
 ```sh
-zcli login 
+zcli login <token>
 ```
+
 ### logout
+
 Disconnects from VPN and logs out from your Zerops account.
+
 ```sh
 zcli logout
 ```
+
 ### vpn up
+
 Connects to the Zerops VPN.
+
 ```sh
 zcli vpn up [project-id] [flags]
 ```
+
 **Flags:**
 - `--auto-disconnect` - Automatically disconnect from VPN if already connected
 - `--mtu int` - Set custom MTU value for Wireguard interface (default: 1420)
 - `-P, --project-id string` - Required when you have access to multiple projects
+
 :::note
 You can set a default project ID for VPN connections in a `.zcli.yml` file or via the `ZEROPS_PROJECTID` environment variable. See the [Configuration](/references/zcli/configuration) page for details.
 :::
+
 ### vpn down
+
 Disconnects from the Zerops VPN.
+
 ```sh
 zcli vpn down
 ```
+
 :::note
 For more detailed information about Zerops VPN configuration and troubleshooting, visit the [VPN Documentation](/references/networking/vpn).
 :::
+
 ## Project Management
+
 ### scope project
+
 Sets the scope for a project. All commands that require project ID will use the selected one.
+
 ```sh
 zcli scope project [project-id]
 ```
+
 ### scope reset
+
 Resets the scope for a project.
+
 ```sh
 zcli scope reset
 ```
+
 ### project create
+
 Creates a new project for a specified organization.
+
 ```sh
 zcli project create [flags]
 ```
+
 **Flags:**
 - `--env-isolation string` - Environment isolation rule [service, none] (default: "service")
 - `--mode string` - Project mode [light, serious] (default: "light")
@@ -23728,58 +33968,86 @@ zcli project create [flags]
 - `--out string` - Output format using Go template syntax
 - `--ssh-isolation string` - SSH isolation rules (default: "vpn")
 - `--tags strings` - Project tags (comma-separated list or repeated flag)
+
 ### project delete
+
 Deletes a project and all its services.
+
 ```sh
 zcli project delete [project-id] [flags]
 ```
+
 **Flags:**
 - `--confirm` - Skip confirmation prompts for destructive operations
 - `-P, --project-id string` - Required when you have access to multiple projects
+
 ### project env
+
 Displays environment variables for the current project scope.
+
 ```sh
 zcli project env [flags]
 ```
+
 **Flags:**
 - `--export` - Prepends export keyword to each env in output: `export {{.Key}}={{.Value}}`
 - `-P, --project-id string` - Required when you have access to multiple projects
 - `--service string` - Service name, in which context the environment variables are output
 - `--template string` - Output template (default: "`{{.Key}}={{.Value}}`")
 - `--user-only` - Exclude all non user env variables
+
 ### project list
+
 Lists all projects you have access to.
+
 ```sh
 zcli project list
 ```
+
 ### project project-import
+
 Creates a new project with one or more services from a YAML definition.
+
 ```sh
-zcli project project-import  [flags]
+zcli project project-import <importYamlPath> [flags]
 ```
+
 **Flags:**
 - `--org-id string` - Organization ID where the project should be created (required for multiple organizations)
 - `--working-dir string` - Sets a custom working directory (default: "./")
+
 ### project service-import
+
 Creates one or more services in an existing project from a YAML definition.
+
 ```sh
-zcli project service-import  [flags]
+zcli project service-import <importYamlPath> [flags]
 ```
+
 **Flags:**
 - `-P, --project-id string` - Required when you have access to multiple projects
+
 ## Service Operations
+
 ### service list
+
 Lists all services in a project.
+
 ```sh
 zcli service list [flags]
 ```
+
 **Flags:**
 - `-P, --project-id string` - Required when you have access to multiple projects
+
 ### service create
+
 Creates a new service for a specified project.
+
 ```sh
 zcli service create [flags]
 ```
+
 **Flags:**
 - `--env strings` - Environment variables to be set as secrets (comma-separated or repeated flag)
 - `--env-file string` - File with environment variables (max 1.0 MiB)
@@ -23793,11 +34061,15 @@ zcli service create [flags]
 - `--start-without-code` - Start service immediately without deployment
 - `--working-dir string` - Sets custom working directory (default: "./")
 - `--zerops-yaml-path string` - Sets custom path to zerops.yml file
+
 ### service push
+
 Builds your application in Zerops and deploys it. This is the recommended way to deploy your code.
+
 ```sh
 zcli service push [service-id-or-name] [flags]
 ```
+
 **Flags:**
 - `--archive-file-path string` - Creates a tar.gz archive with application code
 - `-g, --deploy-git-folder` - Include the .git folder in the upload
@@ -23814,48 +34086,70 @@ zcli service push [service-id-or-name] [flags]
 - `staged` - pushes only staged files
 - `all` - pushes all staged and unstaged files (default)
 - `--zerops-yaml-path string` - Sets a custom path to the zerops.yml file
+
 :::tip
 You can also use `zcli push` as shorthand for `zcli service push`.
+
 To avoid specifying `--project-id` and `--service-id` flags repeatedly, you can set default values in a `.zcli.yml` file or via environment variables. See the [Configuration](/references/zcli/configuration) page for details.
 :::
+
 ### service deploy
+
 Deploys your application to Zerops. Similar to `push` but focuses on deployment only.
+
 ```sh
 zcli service deploy [service-id-or-name]
 ```
+
 **Flags:**
-Same as service push command.
+Same as [`service push`](#service-push) command.
+
 ### service start/stop
+
 Commands to start or stop a Zerops service.
+
 ```sh
 zcli service start [service-id-or-name] [flags]
 zcli service stop [service-id-or-name] [flags]
 ```
+
 **Flags for both commands:**
 - `-P, --project-id string` - Required when you have access to multiple projects
 - `-S, --service-id string` - Required when you have access to multiple services
+
 ### service delete
+
 Deletes a Zerops service.
+
 ```sh
 zcli service delete [service-id-or-name] [flags]
 ```
+
 **Flags:**
 - `--confirm` - Skip confirmation prompts for destructive operations
 - `-P, --project-id string` - Required when you have access to multiple projects
 - `-S, --service-id string` - Required when you have access to multiple services
+
 ### service enable-subdomain
+
 Enables access to your service through a Zerops subdomain.
+
 ```sh
 zcli service enable-subdomain [service-id-or-name] [flags]
 ```
+
 **Flags:**
 - `-P, --project-id string` - Required when you have access to multiple projects
 - `-S, --service-id string` - Required when you have access to multiple services
+
 ### service log
+
 Gets service runtime or build logs to stdout.
+
 ```sh
 zcli service log [flags]
 ```
+
 **Flags:**
 - `--follow` - Continuously poll for new log messages
 - `--format string` - Log output format (FULL, SHORT, JSON, JSONSTREAM) (default: "FULL")
@@ -23866,37 +34160,55 @@ zcli service log [flags]
 - `-P, --project-id string` - Required when you have access to multiple projects
 - `-S, --service-id string` - Required when you have access to multiple services
 - `--show-build-logs` - Show build logs instead of runtime logs
+
 ## Utility Commands
+
 ### env
+
 Displays global environment variables and their paths.
+
 ```sh
 zcli env
 ```
+
 ### version
+
 Shows the current zCLI version.
+
 ```sh
 zcli version
 ```
+
 ### show-debug-logs
+
 Displays debug logs for troubleshooting.
+
 ```sh
 zcli show-debug-logs
 ```
+
 ### support
+
 Displays information about how to contact Zerops support.
+
 ```sh
 zcli support
 ```
+
 ### completion
+
 Generates shell autocompletion scripts.
+
 ```sh
 zcli completion {bash|fish|powershell|zsh}
 ```
+
 **Available Shells:**
 - `bash` - Generate an autocompletion script for Bash
 - `fish` - Generate an autocompletion script for Fish
 - `powershell` - Generate autocompletion script for PowerShell
 - `zsh` - Generate an autocompletion script for Zsh
+
 **Example:**
 ```sh
 zcli completion bash > ~/.zerops-completion.bash
@@ -23907,80 +34219,112 @@ echo 'source ~/.zerops-completion.bash' >> ~/.bashrc
 
 # References > Zcli > Configuration
 
+
 :::tip Commands Reference
 For a comprehensive reference of all available commands, see the [Commands Reference](/references/zcli/commands) page.
 :::
+
 ## Configuration Overview
+
 You can configure default values for zCLI commands using the following methods (in order of increasing precedence):
+
 1. [Configuration files](#configuration-files)
 2. [Environment variables](#environment-variables)
 3. [Command-line flags](/references/zcli/commands)
+
 :::note Precedence
 This precedence order means that command-line flags will override environment variables, which will override settings in configuration files.
 :::
+
 ## Configuration Files
+
 zCLI supports configuration via YAML files in the following locations:
+
 1. Global config (user home): `~/.config/zerops/zcli.yaml` or `~/zerops/zcli.yaml`
 2. Project-specific config: `./.zcli.yaml` in the root of your application repository
+
 The system first loads the global config file, then merges in the project-specific config if it exists:
 - Settings unique to the global config are preserved
 - Settings in the project-specific config will override any duplicate keys from the global config
+
 ### Configuration File Examples
+
 **Global config file:**
 ```yaml
 # Set organization-wide defaults
 workspaceState: "all"
 ```
+
 **Project-specific file:**
 ```yaml
 # Set project-specific settings
 projectId: "your-project-id"
 serviceId: "your-service-id"
+
 # Override global workspace state for this project
 workspaceState: "clean"
 ```
+
 ## Environment Variables
+
 ### Standard Environment Variables
+
 Any flag can be set via environment variables by:
 - Using the `ZEROPS_` prefix
 - Converting the flag name to uppercase
 - Using the full flag name (not shorthand)
+
 **Example:**
 ```sh
 export ZEROPS_WORKSPACESTATE=clean
 export ZEROPS_PROJECTID=your-project-id
 ```
+
 ### Special Environment Variables
+
 zCLI also recognizes special environment variables that control its behavior:
+
 #### Terminal Mode Configuration
+
 The `ZEROPS_CLI_TERMINAL_MODE` environment variable controls the interactive mode of zCLI:
+
 ```sh
-export ZEROPS_CLI_TERMINAL_MODE=
+export ZEROPS_CLI_TERMINAL_MODE=<mode>
 ```
+
 Available modes:
 - `auto` (default): Automatically detects if interactive mode can be used and enables it when possible
 - `enabled`: Forces interactive mode to be enabled
 - `disabled`: Forces interactive mode to be disabled
+
 This setting affects interactive prompts, progress indicators, and other terminal-based user interface elements.
+
 #### Logging Configuration
+
 zCLI maintains a debug log file for the `service push` and `service deploy` commands. This logging feature is designed specifically for debugging purposes. The log file can be found in one of these locations:
+
 **1. Default locations** (checked in this order):
   - `/var/log/zcli.log` (if zCLI has write permissions)
   - `~/.config/zerops/zerops.log` (as fallback)
+
 **2. Custom location** (if specified):
   - Set with `ZEROPS_CLI_LOG_FILE_PATH` environment variable
+
 :::note
 zCLI must have write permissions for the specified log file locations.
 :::
+
 To enable verbose logging with additional debug information, use the `--verbose` flag (or its shorthand `-v`):
 ```sh
 zcli service push --verbose
 zcli service push -v
 ```
+
 To troubleshoot deployment issues, you can check these log files using commands like `cat` or `tail`:
 ```sh
 # View the entire log file
 cat ~/.config/zerops/zerops.log
+
 # Stream new log entries
 tail -f ~/.config/zerops/zerops.log
 ```
@@ -23989,22 +34333,33 @@ tail -f ~/.config/zerops/zerops.log
 
 # References > Zsc
 
+
 Zerops Setup Control (zsc) is a command-line utility automatically installed in all Zerops containers enabling developers to manage and control container environments directly from within both runtime and build contexts.
+
 Zerops Setup Control provides essential capabilities for container management, including resource scaling, technology installation, and environment configuration.
+
 Zerops Setup Control commands can be executed in two ways:
+
 - **Manual execution**:
   - From the web terminal interface in Zerops GUI
   - Using SSH connections to your containers
 - **Automated execution**:
   - As part of your `zerops.yaml` configuration file
+
 ## Usage
+
 ```sh
-zsc  [flags]
+zsc <command> [flags]
 ```
+
 ## Commands
+
 ---
+
 ### help
+
 This command lists available commands and flags on a command by placing `help`, `-h` or `--help` flag after the command.
+
 ```sh
 zsc help
 # or
@@ -24012,43 +34367,63 @@ zsc --help
 # or
 zsc -h
 ```
+
 ---
+
 ### completion
+
 Generate the autocompletion script for zsc for the specified shell.
+
 ```sh
 zsc completion [command]
 ```
+
 #### Available sub-commands
 - `bash`: Generate the autocompletion script for bash
 - `fish`: Generate the autocompletion script for fish
 - `powershell`: Generate the autocompletion script for powershell
 - `zsh`: Generate the autocompletion script for zsh
+
 #### Available flags
 - `-h, --help`: Help for the completion command
+
 ---
+
 ### backup-create
+
 Creates a backup of any specified stack in your project.
+
 ```sh
-zsc backup-create 
+zsc backup-create <stackName>
 ```
+
 #### Required parameters
-- ``: Name of the stack to backup
+- `<stackName>`: Name of the stack to backup
+
 #### Available flags
 - `-h, --help`: Help for the backup-create command
+
 #### Example
 ```sh
 zsc backup-create db
 ```
+
 ---
+
 ### cdn
+
 Manages CDN (Content Delivery Network) operations for your Zerops services.
+
 ```sh
 zsc cdn [command]
 ```
+
 #### Available sub-commands
 - `purge`: Invalidates cached content from the CDN for a specific domain. The purge command allows you to ensure that the most up-to-date content is being served to visitors after making updates to your site.
+
 #### Available flags
 - `-h, --help`: Help for the cdn command
+
 #### Examples
 ```sh
 # Purge all CDN cache for a specific domain
@@ -24060,78 +34435,107 @@ zsc cdn purge example.com "/path/to/my-file$"
 # Purge CDN cache for a specific directory
 zsc cdn purge example.com "/images/"
 ```
+
 :::important
 - This command must be executed in any container within the project that has the CDN-enabled domain active
 - Currently, the purge command only works for the [Static Mode](/features/cdn#static-mode) CDN
 :::
 ---
+
 ### crontab
+
 Manages scheduled tasks that are defined in your zerops.yaml configuration.
+
 ```sh
 zsc crontab [command]
 ```
+
 #### Available sub-commands
 - `list`: List all crontabs defined in zerops.yaml
 - `run`: Execute crontab command defined in zerops.yaml
+
 #### Available flags
 - `-h, --help`: Help for the crontab command
+
 ---
+
 ### execOnce
+
 Execute a command exactly once across all containers in a service, preventing duplicate execution in high-availability setups.
+
 ```sh
-zsc execOnce [flags]  --  [args...]
+zsc execOnce [flags] <key> -- <command> [args...]
 ```
+
 #### Required parameters
-* ``: A unique identifier for the execution
+* `<key>`: A unique identifier for the execution
 * `--`: Standard separator indicating the end of options and beginning of the command
-* ` [args...]`: The actual command to execute and its arguments
+* `<command> [args...]`: The actual command to execute and its arguments
+
 #### Available flags
 - `-r, --retryUntilSuccessful`: Retry command until it succeeds
 - `-v, --verbose`: Verbose output
 - `-h, --help`: Help for the execOnce command
+
 #### Behavior
 - **On success**: All containers proceed with their tasks
 - **On failure**: All containers report the command as failed
 - **With --retryUntilSuccessful**: The command is retried on a different container until it succeeds
+
 #### Examples
 ```sh
 # Execute a command once for the entire service stack
 zsc execOnce someStaticKey -- /var/www/myBinary some initial command --flag="value" --flag2="value2"
+
 # Run migrations for each new app version deployed to Zerops
 zsc execOnce ${ZEROPS_appVersionId} -- php /var/bin/console migrations:continue
 ```
+
 :::info
 This command is ideal for database migrations, initialization scripts, and other operations that should only run once in clustered environments.
 :::
+
 ---
+
 ### fail-me
+
 Deliberately fails the current container for testing purposes.
+
 ```sh
 zsc fail-me
 ```
+
 #### Available flags
 - `-h, --help`: Help for the fail-me command
+
 ---
+
 ### install
+
 Run install commands for the specified base technology in your runtime container.
+
 ```sh
-zsc install  [flags]
+zsc install <baseName> [flags]
 ```
+
 #### Required parameters
-- ``: The technology and version to install - see the full list of supported [base environments](/zerops-yaml/base-list).
+- `<baseName>`: The technology and version to install - see the full list of supported [base environments](/zerops-yaml/base-list).
+
 #### Available flags
-- `--buildBase `: Build base (default "php@8.4")
-- `--buildOs `: Build os (default "alpine")
-- `-m, --mode `: Mode (default "RUNTIME")
-- `--runBase `: Run base (default "php-nginx@8.4")
-- `--runOs `: Run os (default "alpine")
+- `--buildBase <string>`: Build base (default "php@8.4")
+- `--buildOs <string>`: Build os (default "alpine")
+- `-m, --mode <string>`: Mode (default "RUNTIME")
+- `--runBase <string>`: Run base (default "php-nginx@8.4")
+- `--runOs <string>`: Run os (default "alpine")
 - `-h, --help`: Help for the install command
+
 #### Examples
 ```sh
 zsc install rust@1.78
 zsc install dotnet@8
 zsc install nginx@1.22
 ```
+
 #### Example usage in `zerops.yaml`
 ```yaml
 zerops:
@@ -24147,20 +34551,27 @@ zerops:
       prepareCommands:
         - zsc install python@3.11
 ```
+
 ---
+
 ### noop
+
 Keep a container alive indefinitely with a non-terminating process.
+
 ```sh
 zsc noop [flags]
 ```
+
 #### Available flags
 - `-s, --silent`: Disables output to StdOut
 - `-h, --help`: Help for the noop command
+
 #### Examples
 ```sh
 zsc noop
 zsc noop --silent
 ```
+
 :::info
 The `noop` command is especially useful for:
 - Debugging build failures by keeping containers alive for investigation
@@ -24168,6 +34579,7 @@ The `noop` command is especially useful for:
 - Keeping service containers active when your app doesn't have a foreground process
 - As a start command in zerops.yaml for services that don't have a natural blocking command
 :::
+
 #### Usage in zerops.yaml
 ```yaml
 zerops:
@@ -24178,70 +34590,91 @@ zerops:
         - port: 8080
           http: true
 ```
+
 ---
+
 ### object-storage
+
 Manages object storage operations for backups and restores.
+
 ```sh
 zsc object-storage [command]
 ```
+
 #### Available flags
 - `-h, --help`: Help for the object-storage command
+
 When using an object storage service, the command requires the following environment variables to be defined:
+
 * `objectstorage_apiUrl` - API URL of the object storage service
 * `objectstorage_accessKeyId` - Access key ID for authentication
 * `objectstorage_secretAccessKey` - Secret access key for authentication
 * `objectstorage_bucketName` - Name of the bucket to use
+
 These environment variables will be automatically available if the object storage service has `envIsolation: none` configured, or if the entire project has `envIsolation: none` set. Otherwise, you need to explicitly reference these environment variables in your `zerops.yaml` file.
+
 #### Sub-commands
+
 #### Common parameters
 All sub-commands share these parameters:
-- `--storage `: Name of the object storage service
-- `--name `: Name of the backup in storage
+- `--storage <string>`: Name of the object storage service
+- `--name <string>`: Name of the backup in storage
 - `--silent`, `-s`: Suppresses command output (default: false)
 - `--no-fail`: Prevents command failure with exit code 1 (default: false)
+
 **list** - Lists all available backups in the specified storage
 ```sh
-zsc object-storage list --storage  --name 
+zsc object-storage list --storage <storage-name> --name <backup-name>
 ```
+
 **backup** - Creates a backup of specified directories to object storage
 ```sh
-zsc object-storage backup  [...] --storage  --name  [options]
+zsc object-storage backup <directory1> [<directory2>...] --storage <storage-name> --name <backup-name> [options]
 ```
 Arguments:
-- ``: One or more directories to back up (at least one required)
+- `<directory>`: One or more directories to back up (at least one required)
+
 Additional options:
-- `--truncate-count `: Number of most recent backups to keep after successful backup (default: 0)
-- `-C, --change-directory `: Change to directory before operation
+- `--truncate-count <number>`: Number of most recent backups to keep after successful backup (default: 0)
+- `-C, --change-directory <directory>`: Change to directory before operation
+
 **restore** - Restores a backup from object storage to specified or original locations
 ```sh
-zsc object-storage restore  --storage  --name  [options]
+zsc object-storage restore <directory> --storage <storage-name> --name <backup-name> [options]
 ```
 Arguments:
-- ``: Directory to restore to. If omitted, files are restored to their original locations
+- `<directory>`: Directory to restore to. If omitted, files are restored to their original locations
+
 Additional options:
 - `--dryRun`: Simulates restore operation without performing actual changes
 - `--overwrite`: Allows overwriting existing files during restore
-- `--index `: Specifies which backup to restore. Non-negative values count from newest (0 = newest, 1 = second newest), negative values count from oldest (-1 = oldest, -2 = second oldest) (default: 0)
+- `--index <number>`: Specifies which backup to restore. Non-negative values count from newest (0 = newest, 1 = second newest), negative values count from oldest (-1 = oldest, -2 = second oldest) (default: 0)
 - `--ignore-non-existing`: Prevents command failure if backup does not exist
-- `--strip-components `: Strip NUMBER leading components from file names on extraction
+- `--strip-components <number>`: Strip NUMBER leading components from file names on extraction
+
 **truncate** - Removes old backups, keeping only the most recent ones
 ```sh
-zsc object-storage truncate --storage  --name  [options]
+zsc object-storage truncate --storage <storage-name> --name <backup-name> [options]
 ```
 Additional options:
 - `--dryRun`: Simulates truncate operation without performing actual deletions (default: false)
-- `--truncate-count `: Number of most recent backups to keep (default: 5)
+- `--truncate-count <number>`: Number of most recent backups to keep (default: 5)
+
 #### Examples
 ```sh
 # List all backups
 zsc object-storage list --storage objectstorage --name daily-backup
+
 # Create a backup with retention
 zsc object-storage backup /var/www --storage objectstorage --name web-backup --truncate-count 5
+
 # Restore with dry run preview
 zsc object-storage restore --storage objectstorage --name database-backup --dryRun
+
 # Clean up old backups
 zsc object-storage truncate --storage objectstorage --name logs-backup --truncate-count 3
 ```
+
 #### Example usage in `zerops.yaml`
 ```yaml
 zerops:
@@ -24254,14 +34687,20 @@ zerops:
           command: "zsc object-storage backup --storage objectstorage --name $ZEROPS_StackName --truncate-count 5 ./data/"
           allContainers: false
 ```
+
 ---
+
 ### resources
+
 Displays the current resource scaling configuration for the container.
+
 ```sh
 zsc resources
 ```
+
 #### Available flags
 - `-h, --help`: Help for the resources command
+
 #### Example output
 ```json
 {
@@ -24270,19 +34709,27 @@ zsc resources
     "diskGBytes": 1
 }
 ```
+
 #### Related commands
 - `zsc scale`: Dynamically adjust resource allocations
+
 ---
+
 ### scale
+
 Dynamically adjust CPU or memory resources for the current container for a specified duration.
+
 ```sh
-zsc scale {cpu|ram} { |auto}
+zsc scale {cpu|ram} {<value> <duration>|auto}
 ```
+
 #### Required parameters
 - `cpu|ram`: Resource type to scale (either CPU cores or RAM)
-- ` ` or `auto`: Scale value and duration, or "auto" to disable custom scaling
+- `<value> <duration>` or `auto`: Scale value and duration, or "auto" to disable custom scaling
+
 #### Available flags
 - `-h, --help`: Help for the scale command
+
 #### Supported values
 - **For RAM**: Value must be suffixed by a unit (KiB, MiB, GiB); number may be a float.
 - **For CPU**: Value must not be suffixed; number must be an integer.
@@ -24290,6 +34737,7 @@ zsc scale {cpu|ram} { |auto}
 - **"min"** and **"max"**: Set the container to its CURRENT min and max values.
 - Numeric values can be prefixed with **"+"** for relative scaling, adding the requested value to currently used resources.
 - Duration must be suffixed by a unit (s = seconds, m = minutes, h = hours, d = days) and cannot be less than 10 minutes.
+
 #### Examples
 ```sh
 zsc scale cpu auto
@@ -24301,6 +34749,7 @@ zsc scale ram 5GB 1h
 zsc scale ram +2.5GB 600s
 zsc scale ram max 10m
 ```
+
 :::info
 - Resource adjustments take effect within approximately 10 seconds
 - The container cannot be scaled above or below its max/min resources set in the vertical autoscaling configuration
@@ -24308,82 +34757,115 @@ zsc scale ram max 10m
 - If service limits are changed while custom scaling is active, the container will automatically adjust to the new boundaries
 - If the service auto-scaling configuration is updated, you must call the scale command again to apply custom scaling
 :::
+
 :::caution
 If there are insufficient resources on the current server, the container might be moved to another node with available resources, which will reset the scale duration.
 The container will scale down automatically if resources are not utilized, or if the scale command duration expires.
 :::
+
 ---
+
 ### setSecretEnv
+
 Securely update environment variables containing sensitive information.
+
 ```sh
-zsc setSecretEnv  
+zsc setSecretEnv <key> <content>
 ```
+
 #### Arguments
-- ``: The name of the environment variable to set
-- ``: The new value for the variable, or `-` to read from stdin
+- `<key>`: The name of the environment variable to set
+- `<content>`: The new value for the variable, or `-` to read from stdin
+
 #### Available flags
 - `-h, --help`: Help for the setSecretEnv command
+
 #### Examples
 ```sh
 # Set a secret environment variable directly
 zsc setSecretEnv SECRET_KEY "new_value"
+
 # Set a secret environment variable from stdin (useful for multi-line values or piping)
 echo "new_value" | zsc setSecretEnv SECRET_KEY -
+
 # Set a secret API key from a file
 cat api_key.txt | zsc setSecretEnv API_KEY -
 ```
+
 :::info
 Secret environment variables are encrypted at rest and securely distributed to your containers. Use this command for storing sensitive configuration like API keys, tokens, and passwords.
 :::
+
 ---
+
 ### shared-storage
+
 Manages shared storage volumes for persistent data storage.
+
 ```sh
 zsc shared-storage [command]
 ```
+
 #### Available sub-commands
 - `mount`: Mounts the shared storage
 - `unmount`: Unmounts the shared storage
 - `wait`: Waits for readiness of the storage mount
+
 #### Available flags
 - `-h, --help`: Help for the shared-storage command
+
 #### Examples
 ```sh
 # View shared-storage help
 zsc shared-storage --help
+
 # Mount a shared storage volume
-zsc shared-storage mount 
+zsc shared-storage mount <storage-name>
+
 # Unmount a shared storage volume
-zsc shared-storage unmount 
+zsc shared-storage unmount <storage-name>
+
 # Wait for a storage mount to be ready
-zsc shared-storage wait 
+zsc shared-storage wait <storage-name>
 ```
+
 ---
+
 ### test
+
 Run diagnostic tests to verify connectivity and service availability.
+
 ```sh
-zsc test tcp : [flags]
+zsc test tcp <host>:<port> [flags]
 ```
+
 #### Required parameters
-- `:`: Host and port to test connectivity to
+- `<host>:<port>`: Host and port to test connectivity to
+
 #### Available flags
-- `--timeout `: Maximum test duration (default: 30s)
-- `--dialTimeout `: Single attempt timeout (default: 2s)
+- `--timeout <duration>`: Maximum test duration (default: 30s)
+- `--dialTimeout <duration>`: Single attempt timeout (default: 2s)
 - `-4`: Force IPv4
 - `-6`: Force IPv6
 - `-h, --help`: Help for the test tcp command
+
 #### Example
 ```sh
 # Test TCP connection to a host
 zsc test tcp api.zerops:80
 zsc test tcp database:5432 --timeout 1m
 ```
+
 ---
+
 ### version
+
 Displays the current version of Zsc CLI.
+
 ```sh
 zsc version
 ```
+
 #### Available flags
 - `-h, --help`: Help for the version command
 
@@ -24391,9 +34873,13 @@ zsc version
 
 # Rust > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Rust application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -24402,48 +34888,62 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: rust@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - cargo b --release
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - target/release/~app
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: file.txt
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: rust@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8080
+
       # OPTIONAL. Customize the runtime Rust environment by installing additional
       # dependencies to the base Rust runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Rust application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Rust application start command
       start: ./app
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -24454,6 +34954,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -24463,11 +34964,23 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Rust builds:
+
+- `rust@1`, `rust@latest`, `rust@stable`
+- `rust@1.86`
+- `rust@1.80`
+- `rust@1.78`
+- `rust@nightly`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -24478,12 +34991,18 @@ zerops:
       base: rust@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Rust, Zerops command line tool, `npm` , `yarn`, `git` and `npx` tools.
+  major version of Rust, [Zerops command line tool](/references/cli), `npm` , `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -24497,34 +35016,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Modifying the OS will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Rust defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -24533,26 +35070,38 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: rust@latest
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
         - cargo b --release
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/rust/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -24561,93 +35110,135 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: rust@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - cargo b --release
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     cargo b --release
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - cargo b --release
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/rust/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - cargo b --release
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - target/release/~app
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - target/release/~app
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
+
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -24659,22 +35250,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -24683,6 +35285,7 @@ zerops:
     build:
       base: rust@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         RUST_ENV: production
@@ -24691,12 +35294,24 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/rust/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Rust version for your runtime.
+
 Following options are available for Rust builds:
+
+- `rust@1`, `rust@latest`, `rust@stable`
+- `rust@1.86`
+- `rust@1.80`
+- `rust@1.78`
+- `rust@nightly`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -24706,19 +35321,26 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: rust@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: rust@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Rust, Zerops command line tool, npm, yarn, git and
   npx tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the zerops.yaml in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -24728,6 +35350,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: rust@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -24737,43 +35360,74 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customize your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Rust service with hostname = "app" and port = 8080 from another service of the same project, simply use `app:8080`. Read more about [how to access a Rust service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Rust runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Rust environment contains {data.alpine.default}, the selected
-  major version of Rust, Zerops command line tool and `npm` , `yarn`, `git` and `npx` tools. To install additional packages or tools add one or
+  major version of Rust, [Zerops command line tool](/references/cli) and `npm` , `yarn`, `git` and `npx` tools. To install additional packages or tools add one or
   more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -24781,6 +35435,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -24790,28 +35445,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/rust/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
-  
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Rust, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools.
+  selected major version of Rust, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -24820,6 +35492,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -24829,15 +35502,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -24846,22 +35524,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Rust application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/rust/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/rust/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -24876,56 +35567,82 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/rust/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Rust application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Rust application start command
       start: ./app
 ```
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Rust application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -24933,30 +35650,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Rust application.
+
+        The command has access to the same [environment variables](/rust/how-to/create#set-secret-environment-variables) as your Rust application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Rust application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -24965,13 +35699,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -24980,40 +35719,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/rust/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -25022,30 +35783,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/rust/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Rust application.
+
+        The command has access to the same [environment variables](/rust/how-to/create#set-secret-environment-variables) as your Rust application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -25057,8 +35836,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/rust/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Rust > How To > Build Process
@@ -25075,35 +35856,60 @@ Read more about how the [readiness check works](/rust/how-to/deploy-process#read
 
 # Rust > How To > Create
 
+
 Zerops provides a Rust runtime service with extensive build support. Rust runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Rust service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Rust service:
+
+[Video: /vids/services/rust.webm](/vids/services/rust.webm)
+
 ### Choose Rust version
+
 Following Rust versions are currently supported:
+
 :::info
 You can [change](/rust/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/rust/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Rust service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Rust service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/rust/how-to/create#create-a-project-description-file)
 3. [Create a project with a Rust and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -25124,13 +35930,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Rust version 18 service with default [auto scaling](/rust/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/rust/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -25175,112 +35986,191 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Rust service and a [PostgreSQL](/postgresql/overview) service.
+
 Rust service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/rust/how-to/build-pipeline#ports). Rust service will run on version 18 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Rust and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Rust service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/rust/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/rust/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/rust/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](/rust/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Rust service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -25301,33 +36191,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Rust service version 18 with default [auto scaling](/rust/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Rust > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add --no-cache imagemagick)',
-  'Native dependencies: When your Cargo dependencies require system libraries that aren\'t in the default environment',
-  'Development tools: When you need debugging tools, profilers, or other development utilities',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -25381,13 +36276,21 @@ System packages for processing: When your app processes images, videos, or files
 
 # Rust > Overview
 
+
 [Rust ↗](https://www.rust-lang.org/) - a language empowering everyone to build reliable and efficient software.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-rust-hello-world), a **_recipe_**, containing the most simple Rust web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Rust running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Rust running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "rust" recipe on Zerops](https://app.zerops.io/recipe/?lf=rust)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-rust-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -25399,105 +36302,176 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-rust-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/rust/how-to/create) — Dive in all Zerops has to offer for your Rust application.
+
 ## Feature Highlights
+
+- [Create Rust service](/rust/how-to/create) — Start with creating a Rust service using GUI or zCLI.
+- [zerops.yaml](/rust/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/rust/how-to/scaling) — Set up scaling of your Rust application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/rust/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/rust/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/rust/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Shared Storage > How To > Backup
 
+
 Zerops provides automated data backup for Shared Storage services with full encryption and flexible management options.
+
 For general backup information including configuration, scheduling, and management options, see the [Zerops Backups](/features/backup) documentation, which covers:
 - Backup scheduling and retention policies
 - Tagging system and storage quotas
 - Manual backup creation and CLI tools
 - Security and encryption details
+
 ## Shared Storage Backup Format
+
 Shared Storage backups are created using tar archival:
+
 - **Format**: `.tar.gz` (archive of directory contents)
 - **Tooling**: `tar`
-- **Content**: Compresses the entire shared volume (`/mnt/`)
+- **Content**: Compresses the entire shared volume (`/mnt/<volume>`)
 - **Storage**: Encrypted and stored in isolated object storage
+
 ### Restoring Backups
+
 To restore a Shared Storage backup: Download the backup file (`.tar.gz`) from the Zerops UI, extract the archive, and upload the contents back to your Shared Storage.
+
 ## Best Practices
+
 For Shared Storage backups:
 - Regularly clean up unnecessary files from your Shared Storage to reduce backup size
 - Create manual backups with protected tags before major file operations or migrations
 - Consider adjusting your backup frequency for optimal storage usage
 - Test your restore process periodically to ensure data integrity
+
 For additional best practices and troubleshooting, refer to the [main backup documentation](/features/backup).
 
 ----------------------------------------
 
 # Shared Storage > How To > Connect
 
+
 This page covers how to connect an existing shared storage to runtime services and how to disconnect services when needed.
+
 ## In Zerops GUI
+
 ### Connect a new shared storage
+
 When creating a new shared storage service, you can directly select which runtime services it should be connected to. See [Create Shared Storage](/shared-storage/how-to/create) for details about the creation process.
+
 ### Connect an existing shared storage
+
 For existing storage, go to the shared storage service detail page and select **Shared storage connections**. Toggle ON any runtime services you wish to connect to this storage.
-  
+
 ## Disconnect a shared storage in Zerops GUI
+
 To disconnect storage, access the shared storage service detail page, select **Shared storage connections**, and toggle OFF the desired runtime service.
 
+
 ----------------------------------------
 
 # Shared Storage > How To > Create
 
+
 Shared Storage provides persistent file storage that can be mounted as a POSIX-compatible filesystem to your runtime services. Built on [SeaweedFS ↗](https://github.com/seaweedfs/seaweedfs), it enables reliable data persistence and sharing across services in your infrastructure.
+
 ## Create Using Zerops GUI
+
 First, set up a project in Zerops GUI and add a runtime service. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Shared Storage service:
+
+[Video: /vids/services/shared-storage.webm](/vids/services/shared-storage.webm)
+
 ### Set a Hostname
+
 Enter a unique service identifier like "storage", "files" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Hostname Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::note
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Connect to Services
+
 Select one or more project's runtime services in the Share with Services block:
-  
+
 The new Shared Storage will be connected to the selected runtimes.
+
 :::note
 Runtime services can be connected and disconnected at any time even after the shared storage is created.
 :::
+
 ### Choose Deployment Mode
+
 Choose between **Highly Available** (recommended for production) or **Single Container** (suitable for development) deployment.
+
 :::warning
 The Shared Storage deployment mode is fixed after the service is created. It can't be changed later.
+
 See [Technical Details](/shared-storage/tech-details#deployment-modes) for more information about deployment modes.
 :::
+
 ### Set Auto Scaling Configuration
+
 Configure vertical auto scaling parameters to control resource allocation and costs.
-  
+
 :::note
 For detailed information about auto scaling capabilities and recommendations, see [Technical Details](/shared-storage/tech-details#auto-scaling-configuration).
 :::
+
 ## Create Using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Shared Storage service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. Create a project description file
 3. Create a project with a runtime and a Shared Storage service
+
 ### Choose Your Runtime
+
 export const languages = [
     { name: "Node.js", link: "/nodejs/how-to/shared-storage#create-nodejs-service-with-a-shared-storage-using-zcli" },
     { name: "PHP", link: "/php/how-to/shared-storage#create-php-service-with-a-shared-storage-using-zcli" },
@@ -25511,104 +36485,164 @@ export const languages = [
 
 # Shared Storage > How To > Manage
 
+
 Zerops Shared Storage provides several web interfaces to manage, monitor, and troubleshoot your storage. These interfaces are accessible through the [Zerops VPN](/references/networking/vpn) and offer different capabilities for managing your data and monitoring system performance.
+
 ## Access Web Interfaces
+
 ### Filer UI
-* `http://.zerops:8888`
+
+* `http://<storage-service-hostname>.zerops:8888`
+
 The Filer UI provides a web-based interface for managing files and directories in your Shared Storage:
 - Browse the directory structure and create new directories
 - Upload new files (up to 64MB) and download existing files
 - Rename and delete files and directories
+
 ### Master UI
-* `http://node-stable-1.db..zerops:9333`
+* `http://node-stable-1.db.<storage-service-hostname>.zerops:9333`
+
 The Master UI provides system status and monitoring information:
+
 - View cluster topology
 - Monitor volume servers
 - Check system status and health
 - View statistics and metrics
+
 ### Volume UI
-* `http://node-stable-.db..zerops:8080/ui/index.html`
+
+* `http://node-stable-<node-number>.db.<storage-service-hostname>.zerops:8080/ui/index.html`
+
 The Volume UI allows you to monitor individual storage volumes:
+
 - View volume status
 - Check disk usage
 - Monitor I/O operations
 - View volume statistics
+
 ## Monitoring
+
 Several options are available to help you monitor your Shared Storage:
+
 ### Runtime Service Logs
-* Navigate to your runtime service detail page → **Runtime Logs** section → filter using the tag `zerops-mount-`
+* Navigate to your runtime service detail page → **Runtime Logs** section → filter using the tag `zerops-mount-<service-hostname>`
+
 ### Shared Storage Logs
 * Access from the Shared Storage service detail page → **Runtime Logs** tab → browse or search for relevant information
+
 ### System and Volume Status
 * Monitor replication status, disk usage, and performance metrics through the Master UI and Volume UI
 
+
 ----------------------------------------
 
 # Shared Storage > How To > Use
 
+
 Once a Shared Storage is [connected](/shared-storage/how-to/connect) to a runtime service, Zerops will create a new folder `/mnt/[shared storage name]` in the runtime service's filesystem.
+
 For example, `/mnt/teststorage` for a `teststorage` Shared Storage:
-  
+
 :::note
 The content of this folder is shared among all containers of the connected runtime service.
+
 If you connect multiple runtimes, the content of the folder will be shared among all containers of these services.
 :::
+
 ## Mount Points and Multiple Volumes
+
 - Multiple storage volumes can be mounted to a single service (e.g., `/mnt/files1`, `/mnt/files2`, etc.)
 - Shared storage mount is only available in runtime containers, not during build and prepare runtime phases
 - All filesystem operations are automatically logged to runtime logs
+
 For technical details about mount behavior and filesystem capabilities, see the [Technical Details](/shared-storage/tech-details#mount-integration) page.
+
 ## Use Cases
+
 Shared Storage is ideal for:
+
 - **Persistent filesystem-based databases**: SQLite, Prometheus DB, etc.
 - **Configuration sharing**: Deploy configurations once and share across multiple services
   - Example: Deploy Apache Airflow configurations and DAG files once and share with all worker nodes
 - **Alternative to object storage**: For applications that require filesystem semantics rather than object storage
 - **Application data**: Store and serve images, documents, and other assets
+
 ## Performance Considerations
+
 When using Shared Storage, keep in mind:
+
 - For write-heavy workloads, consider batching operations
 - Minimize operations with many small files for better performance
+
 For more detailed information about performance constraints and limitations, see the [Technical Details](/shared-storage/tech-details#performance-considerations) page.
+
 ## Troubleshooting
+
 ### Common Issues
+
 - The `df` command may show incorrect or misleading information when used with shared storage mounts. Please refer to the Zerops GUI for accurate storage metrics.
 
 ----------------------------------------
 
 # Shared Storage > Overview
 
+
 # Shared Storage
+
 Zerops provides a fully managed and scaled **Shared Storage** service, which can be mounted to your runtime services. It offers:
 - Persistent file sharing between containers of the same service or different services
 - Standard filesystem operations through a POSIX-compatible interface
 - Built-in high-availability configuration
+
 ## Documentation Sections
+
+- [Connect to Services](/shared-storage/how-to/connect) — Connect your Shared Storage to runtime services.
+- [Usage & Limitations](/shared-storage/how-to/use) — Learn how to save and access data, along with use cases and technical limits.
+- [Management & Access](/shared-storage/how-to/manage) — Access UI components and troubleshoot common issues.
+- [Backups](/shared-storage/how-to/backup) — Configure automatic backups of your data.
+- [Technical Details](/shared-storage/tech-details) — Explore the technical architecture and deployment options.
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Shared Storage > Tech Details
 
+
 Zerops Shared Storage is built on [SeaweedFS](https://github.com/seaweedfs/seaweedfs), a distributed filesystem optimized for high-volume storage with efficient retrieval.
+
 ## Architecture
+
 Shared Storage consists of three main components:
 - **Master Server**: Manages metadata and coordinates volume servers
 - **Volume Servers**: Store the actual file data
 - **Filer**: Provides a POSIX-compatible interface for file operations
+
 An **automatic vacuum process** helps maintain optimal storage performance by reclaiming space from deleted files. This process is triggered when the size of deleted content exceeds 15% (reduced from the default 30%).
+
 ### Mount Integration
+
 When connected to a runtime service:
-- Storage is mounted at `/mnt/`
+- Storage is mounted at `/mnt/<storage-hostname>`
 - Mount point is owned by the `zerops` user and group (no sudo required)
-- All filesystem operations are logged to runtime logs (tagged as `zerops-mount-`)
+- All filesystem operations are logged to runtime logs (tagged as `zerops-mount-<service-hostname>`)
 - Mounting will overwrite any existing content in the mount directory
 - Shared storage mount is only available in runtime containers, not during build and prepare runtime phases
+
 ## Deployment Modes
+
 Zerops provides Shared Storage in two deployment modes:
+
 ### Highly Available
+
 Recommended for production environments where data reliability is critical.
+
 - **Architecture**: 2 volume servers with the master located on one of them
 - **Data Durability**: Data and filer metadata are replicated 1:1 across nodes
 - **Fault Tolerance**:
@@ -25616,40 +36650,61 @@ Recommended for production environments where data reliability is critical.
     - A new container replaces the failed one
     - Data is automatically replicated to the new container (duration depends on data size)
     - During master node failure, mounted directories become temporarily unavailable until the new master initializes (~30s)
+
 ### Single Container
+
 Suitable for development environments or non-critical data storage.
+
 - **Architecture**: Master, volume, and filer server all located on a single container
 - **Data Durability**: All data is lost if the container fails
 - **Recommended For**: Development environments or temporary data storage
+
 :::warning
 The deployment mode is fixed after the service is created and cannot be changed later.
 :::
+
 ## Filesystem Capabilities
+
 Shared Storage supports standard POSIX filesystem operations:
+
 - Create, read, update, and delete files and directories
 - Set permissions (with some limitations)
 - Standard file locking operations
 - Hard and symbolic links
 - Directory listing and traversal
+
 For a complete list of supported features, see the [SeaweedFS FUSE documentation](https://github.com/seaweedfs/seaweedfs/wiki/FUSE-Mount#supported-features).
+
 ## Resource Constraints
+
 ### Storage Limits
+
 - Maximum storage space: 60GB (can be increased via support request)
 - Maximum file size: Unlimited within the 60GB total storage constraint
 - Maximum upload size via Filer UI: 64MB
+
 ### Memory Usage
+
 - Base memory consumption: ~60MB when idle
 - Peak memory usage: ~150MB under higher filesystem loads
 - Optimized for low RAM usage (may trade off some performance)
+
 ### Performance Considerations
+
 - **Latency**: Higher latency compared to local storage due to network-based distributed architecture
 - **Write Performance**: For write-heavy workloads, consider batching operations
 - **Small Files**: Minimize operations with many small files for better performance
+
 ## Auto Scaling Configuration
+
 Zerops scales Shared Storage services automatically by raising or lowering the hardware resources of each database container.
+
 Vertical auto scaling has the following default configuration:
+
 For most cases, the default parameters will work without issues. If you need to limit the cost of the Shared Storage service, lower the maximal resources. Zerops will never scale above the selected maximums.
+
 When you are experiencing problems with insufficient Shared Storage performance or capacity, increase the minimal resources. Zerops will never scale below the selected minimums.
+
 :::note
 You can change the auto scaling parameters later.
 :::
@@ -25658,11 +36713,19 @@ You can change the auto scaling parameters later.
 
 # Static > Overview
 
+
 The Static service provides a way to serve static content through a pre-configured Nginx setup. It balances simplicity with the flexibility needed for modern web applications.
-  Deploy an Analog app with static hosting in seconds. All you need is a Zerops account.
-  
+
+### Experience the simplicity of Zerops
+
+Deploy an Analog app with static hosting in seconds. All you need is a Zerops account.
+
+  [Deploy "analog" recipe on Zerops](https://app.zerops.io/recipe/?lf=analog)
+
 ## Quick Start
+
 Add a Static service to your project by including this in your `zerops.yaml`:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
@@ -25670,20 +36733,28 @@ zerops:
       os: alpine
       base: static
 ```
+
 ## Routing & Configuration
+
 ### Default Behavior
+
 Every Static service in Zerops comes with built-in defaults optimized for modern web applications, including Single Page Applications. By default, for any incoming request, the service will:
 1. Try to serve the exact path (`$uri`)
 2. Try with .html extension (`$uri.html`)
 3. Look for an index.html in the directory (`$uri/index.html`)
 4. Fall back to `/index.html` (suitable for SPAs)
 5. Return 404 if none of the above exist
+
 :::important SPAs
 Single Page Applications work out of the box without any additional configuration. The built-in fallback to `/index.html` ensures that client-side routing functions properly.
 :::
+
 ### Custom Routing Configuration
+
 The Static service allows you to configure additional URL routing and redirects through simple YAML configuration, abstracting away the complexity of Nginx configuration.
+
 Configure custom routing beyond the default behavior in the `run.routing` section of your `zerops.yaml`:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -25693,27 +36764,35 @@ run:
         to: /specific-landing-page
         status: 302
 ```
+
 ### Redirects
+
 #### Relative Redirects
+
 :::note
 Remember that SPA routing is already built into the default behavior. You don't need to add any custom redirects for client-side routing to work.
 :::
+
 Use relative redirects to route paths within your application. When both `from` and `to` are relative paths, you can omit the `status` code to create a masked redirect that shows the content of the target page while preserving the original URL:
+
 ```yaml title="zerops.yaml"
 routing:
   redirects:
     # Masked redirect - URL stays the same but shows content from about-us
     - from: /about
       to: /about-us
+
     # Standard redirect with status code
     - from: /old-page
       to: /new-page
       status: 301
+
     # Preserve the path when redirecting between directories
     - from: /blog/*
       to: /articles/
       preservePath: true
       status: 302
+
     # Preserve both path and query parameters
     - from: /posts/*
       to: /blog/
@@ -25721,11 +36800,15 @@ routing:
       preserveQuery: true
       status: 302
 ```
+
 :::caution Important
 When using `preservePath` with wildcards, ensure the `to` path ends with a `/` to maintain proper path concatenation. For example, `/blog/*` to `/new-blog/` will correctly redirect `/blog/hello.html` to `/new-blog/hello.html`, while `/new-blog` would result in `/new-bloghello.html`.
 :::
+
 #### Absolute Redirects
+
 For redirecting between domains or to external URLs, use absolute redirects by including `http://` or `https://`. When using absolute URLs in either `from` or `to`, you must specify a `status` code:
+
 ```yaml title="zerops.yaml"
 routing:
   redirects:
@@ -25734,17 +36817,22 @@ routing:
       to: https://new-domain.com
       status: 301
       preserveQuery: true  # Optional: maintain query parameters
+
     # Redirect with path preservation
     - from: https://old-site.com/*
       to: https://new-site.com/
       status: 301
       preservePath: true
 ```
+
 #### Wildcard Matching
+
 Use `*` as a wildcard in your paths:
 - **At the end of a path**: Matches any subsequent content
 - **At the start of a domain** (after `https://`): Enables regex matching for subdomains
+
 Example of domain management:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -25753,17 +36841,23 @@ run:
       - from: https://promo-domain.com/*
         to: https://main-site.com/special-offer
         status: 302
+
       # Redirect all subdomains to main site
       - from: https://*.old-domain.com/*
         to: https://main-site.com
         status: 302
 ```
+
 #### Matching Priority
+
 When multiple redirects are configured, they follow Nginx's matching priority system:
+
 1. Exact matches are checked first
 2. Simple path matches (without wildcards) are checked next
 3. Pattern matches (with wildcards) are checked last
+
 For example:
+
 ```yaml title="zerops.yaml"
 routing:
   redirects:
@@ -25771,21 +36865,26 @@ routing:
     - from: /
       to: /home
       status: 302
+
     # Simple path match - masked redirect
     - from: /about
       to: /about-us
+
     # Pattern match with path preservation
     - from: /blog/*
       to: /articles/
       preservePath: true
       status: 302
 ```
+
 In this configuration:
 - `/` will redirect to `/home` with a 302 status
 - `/about` will show content from `/about-us` but keep the URL as `/about`
 - `/blog/post-123.html` will redirect to `/articles/post-123.html`
 - Any other path will use the [default behavior](#default-behavior)
+
 #### Common Redirect Patterns
+
 **Domain Migration**
 ```yaml title="zerops.yaml"
 routing:
@@ -25795,6 +36894,7 @@ routing:
       status: 301
 ```
 Use permanent (301) redirects when permanently moving content to maintain SEO value.
+
 **Multiple Domain Management**
 ```yaml title="zerops.yaml"
 run:
@@ -25804,35 +36904,46 @@ run:
       - from: https://product-promo.com/*
         to: https://main-site.com/products
         status: 302
+
       # Campaign domain
       - from: https://special-offer.com/*
         to: https://main-site.com/campaign
         status: 302
+
       # Legacy domains and subdomains
       - from: https://*.legacy-domain.com/*
         to: https://main-site.com
         status: 302
 ```
+
 ### CORS Configuration
+
 You can enable CORS for your static service by adding a `cors` directive:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
     # Simple case - automatically converted to '*'
     cors: "*"
+
     # Full syntax with proper quoting
     cors: "'*' always"
 ```
+
 The `cors` directive sets the following headers:
 - `Access-Control-Allow-Origin`
 - `Access-Control-Allow-Methods`
 - `Access-Control-Allow-Headers`
 - `Access-Control-Expose-Headers`
+
 :::note
 The `cors` directive has a special case: if you specify just `"*"`, it's automatically converted to `'*'`. For any other values, you need to include the proper Nginx syntax including quotes.
 :::
+
 ### Custom Headers
+
 For more control over HTTP headers, use the `headers` directive:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -25841,46 +36952,61 @@ run:
         values:
           # All values need proper quoting since they're inserted directly into Nginx
           X-Frame-Options: "'DENY'"
+
           # Values with internal quotes need proper YAML escaping
           Content-Security-Policy: '"default-src ''self''"'
 ```
+
 :::important
 Header values are inserted directly into the Nginx configuration **without** additional quotes, which means:
+
 1. **All values must include their own quotes** (typically single quotes)
 2. If you need single quotes inside your header value, you must escape them in YAML (using double single quotes)
 3. To include the `always` directive, add it after your quoted value
 4. For complex values, you can use YAML's block scalar notation (`>-`) for better readability
 :::
+
 Here are examples for different header scenarios:
+
 ```yaml title="zerops.yaml"
 headers:
   - for: "/"
     values:
       # Simple header with proper quoting
       X-Frame-Options: "'DENY'"
+
       # Header with 'always' directive
       X-XSS-Protection: "'1; mode=block' always"
+
       # Header with internal single quotes - need double single quotes for escaping
       Content-Security-Policy: '"default-src ''self'' https://cdn.example.com"'
+
       # Complex header with block scalar notation for better readability
       Content-Security-Policy: >-
         "default-src 'self' https://cdn.example.com;
         script-src 'self' 'unsafe-inline';
         img-src * data:" always
 ```
+
 When this configuration is processed, it translates to the following Nginx directives:
+
 ```
 add_header X-Frame-Options 'DENY';
 add_header X-XSS-Protection '1; mode=block' always;
 add_header Content-Security-Policy "default-src 'self' https://cdn.example.com";
 add_header Content-Security-Policy "default-src 'self' https://cdn.example.com; script-src 'self' 'unsafe-inline'; img-src * data:" always;
 ```
+
 :::important Path Handling
 When you specify headers for a path that doesn't have an existing location block, the Static service automatically creates a location with the same [default behavior](#default-behavior) as the root path (trying files in order: `$uri`, `$uri.html`, `$uri/index.html`, `/index.html` or returning 404).
+
 If you add headers for a path that already has a location block, your headers will be merged with the existing configuration.
 :::
+
 ### Combining CORS and Custom Headers
+
 You can use both CORS and custom headers together:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -25890,28 +37016,42 @@ run:
         values:
           X-Frame-Options: "'DENY'"
 ```
+
 The `cors` directive sets default Access-Control headers for all routes, while the `headers` directive allows you to set additional headers for specific paths.
+
 :::important
 If you specify Access-Control headers in the `headers` directive, they will override the ones set by `cors` for that specific path.
 :::
+
 ## SEO with Prerender
+
 Single Page Applications render content with JavaScript, which most crawlers can't process—they see an empty page instead of your content. This affects traditional search engines, social media platforms, and AI tools like ChatGPT, Perplexity, and Claude.
+
 The Static service includes built-in support for Prerender.io, which automatically detects crawlers and serves them pre-rendered HTML while your users get the full interactive experience.
+
 ### Setup
+
 1. Set the `PRERENDER_TOKEN` secret variable with your Prerender.io token
 2. The service automatically configures necessary rewrites based on user agents
+
 ### Custom Prerender Host
+
 If you're using a custom Prerender host, add it to environment variables in `zerops.yaml`:
+
 ```yaml title="zerops.yaml"
 run:
   envVariables:
   - PRERENDER_HOST=your.prerender.host
 ```
+
 :::note Default
 The default host is `service.prerender.io` if not specified.
 :::
+
 ## Framework Integration
+
 The Static service handles static builds from any modern framework. Here's the typical deployment pattern:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
@@ -25925,29 +37065,41 @@ zerops:
     run:
       base: static
 ```
+
 The key is pointing `deployFiles` to wherever your framework outputs its built files (`dist/`, `build/`, `.output/public/`, etc.).
+
 This configuration:
 1. Uses Node.js for building the application
 2. Installs dependencies and builds the application
 3. Deploys the resulting static files to the Static service
+
 You can enhance this basic setup with:
 - Custom redirects for URL management
 - Prerender.io integration for SEO
 - Additional routing rules as needed
+
 For framework-specific examples, check out our [recipe collection](https://github.com/zeropsio/recipe-analog-static).
+
 ## Advanced Topics
+
 ### Switching to Full Nginx
+
 If you need more control over your Nginx configuration:
+
 1. Go to your Static service overview in the UI
 2. Click the three vertical dots in the left panel
 3. Select **Need to switch to full Nginx service?**
 4. Copy the generated Nginx configuration
 5. Use this configuration as a starting point for a full Nginx service
+
 :::tip
 This allows you to move to a more customizable setup while maintaining your existing routing logic.
 :::
+
 ### Complex Multi-Domain Setups
+
 For advanced scenarios involving multiple domains and complex routing:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -25956,18 +37108,24 @@ run:
       - from: https://product-promo.com/*
         to: https://main-site.com/products
         status: 302
+
       # Campaign domain
       - from: https://special-offer.com/*
         to: https://main-site.com/campaign
         status: 302
+
       # Legacy domains and subdomains
       - from: https://*.legacy-domain.com/*
         to: https://main-site.com
         status: 302
 ```
+
 ## Complete Examples
+
 ### Development Setup
+
 Configuration for local development with CORS and API proxying:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -25979,8 +37137,11 @@ run:
         to: https://api.your-domain.com
         status: 302
 ```
+
 ### Production Setup with Security
+
 Security-enhanced configuration for production environments:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -25998,29 +37159,47 @@ run:
 
 # Typesense > Overview
 
+
 Zerops provides a fully managed [Typesense search engine](https://typesense.org/) service that combines developer productivity with enterprise-grade reliability. The platform handles infrastructure complexity through automated deployment, scaling, and maintenance while providing developers full access to Typesense's native capabilities.
+
 ## Supported Versions
+
 Currently supported Typesense version:
+
 Import configuration version:
-## Service Configuration
+
+- `typesense@27.1`
+
+## Service Configuration
+
 Our Typesense implementation comes with carefully tuned defaults that diverge from the [standard Typesense configuration](https://typesense.org/docs/27.1/api/server-configuration.html#using-command-line-arguments) in the following ways:
+
 ```yaml
 thread-pool-size: 16
 num-collections-parallel-load: 8
 ```
+
 These defaults are optimized for most common use cases and managed by the platform. If you need to adjust these settings, please contact us through our [support channels](#support).
+
 ### Data Persistence
+
 Typesense data is automatically persisted to disk at `/var/lib/typesense`.
+
 This ensures that data remains intact during service restarts (Typesense automatically reloads the persisted data into memory upon startup).
+
 This persistence mechanism works in both HA and non-HA deployment modes, though with different reliability guarantees as detailed below.
+
 ### Deployment Modes
+
 :::warning
 The choice between HA and non-HA mode must be made during service creation and cannot be changed later. Make sure to carefully consider your requirements before deploying.
 :::
+
 #### Non-HA Mode
 - Suitable for development and testing
 - Data persistence not guaranteed during node failures
 - Lower resource requirements
+
 #### HA Mode
 - Implements Typesense's native [**Raft consensus**](https://typesense.org/docs/guide/high-availability.html) mechanism for data replication
 - Deploys as a **3-node cluster by default** for optimal reliability
@@ -26030,26 +37209,39 @@ The choice between HA and non-HA mode must be made during service creation and c
   - Recovery typically takes up to 1 minute during node failures or leader transitions
   - During these periods, requests may temporarily receive `503 Not Ready or Lagging` or `500 Could not find a leader` responses
   - These states automatically resolve once consensus is reestablished
+
 ### API Key Management
+
 The master API key is automatically generated and managed by the platform. You can access it through:
 - The service access details in the Zerops GUI
 - The `apiKey` environment variable in your service configuration
+
 :::warning
 Currently, as a security-focused design decision, the master API key cannot be modified after generation.
 :::
+
 ### CORS Configuration
+
 Your Typesense instance comes with CORS enabled by default, ensuring seamless integration with frontend applications. Browser-based clients can directly access the instance by providing the `X-Typesense-Api-Key` header, maintaining security while enabling straightforward client-side implementation.
+
 ## Network Architecture & Access Patterns
+
 ### Access Methods
+
 #### HTTPS Access
+
 When using HTTPS access (either through Zerops subdomain or custom domain), traffic is distributed across nodes via our integrated Nginx proxy layer. This provides a single access point that handles load balancing automatically.
+
 For enabling HTTPS access:
 1. Configure through the [Zerops access documentation](/features/access)
 2. Or use `enableSubdomainAccess: true` when [importing](/references/import#service-configuration) a Typesense service
+
 #### Direct Node Access
+
 Allows to access individual nodes using internal DNS:
 1. **Via [Zerops VPN](/references/networking/vpn)**
 2. **Internal Project Access** - services within the same project can reach nodes directly
+
 Node addressing patterns:
 ##### Standard format
 **Format:**```node{n}.db.{hostname}.zerops```
@@ -26058,9 +37250,13 @@ Node addressing patterns:
 **Format:**```node-stable-{n}.db.{hostname}.zerops```
 - **maintain consistent IP mapping** until node retirement (scaling down or failure events)
 - e.g. `node-stable-1.db.typesenseha.zerops`, `node-stable-2.db.typesenseha.zerops`
+
 ## Quick Start Example
+
 Here's a simple example of using Typesense with the JavaScript client:
+
 ```javascript
+
 const client = new TypesenseClient({
   nodes: [{
     host: 'your-service.zerops.dev', // Your Zerops subdomain
@@ -26070,6 +37266,7 @@ const client = new TypesenseClient({
   apiKey: process.env.TYPESENSE_API_KEY,
   connectionTimeoutSeconds: 2
 })
+
 // Create a collection
 await client.collections().create({
   name: 'companies',
@@ -26080,6 +37277,7 @@ await client.collections().create({
   ],
   default_sorting_field: 'num_employees'
 })
+
 // Example search query
 const searchResults = await client.collections('companies')
   .documents()
@@ -26090,19 +37288,25 @@ const searchResults = await client.collections('companies')
     sort_by: 'num_employees:desc'
   })
 ```
+
 ## Best Practices
+
 #### API Key Security
 - Never expose the master API key in client-side code
 - Generate scoped search-only API keys for frontend applications
 - Rotate API keys periodically through your service configuration
+
 #### High Availability
 - Implement retry logic in clients for handling temporary unavailability
 - Use stable DNS records for direct node access when needed
+
 #### Performance Optimization
 - Utilize batch operations for bulk updates
 - Configure appropriate timeout values based on your use case
 - Consider data volume when designing collection schemas
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zeropsio)
 - Contact support via [email](mailto:support@zerops.io)
@@ -26111,9 +37315,13 @@ For advanced configurations or custom requirements:
 
 # Ubuntu > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Ubuntu application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -26122,45 +37330,57 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: ubuntu@24.04
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
         - sudo apt-get something
         - curl something else
+
       # OPTIONAL. Build your application, e.g. with not officially supported version of your favourite technology
       buildCommands:
         - go build -o app main.go
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles: app
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: some_file
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: ubuntu@24.04
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8080
+
       # OPTIONAL. Customize the runtime Ubuntu environment by installing additional
       # dependencies to the base Ubuntu runtime environment.
       prepareCommands:
         - sudo apt-get something
         - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Ubuntu application is started.
       initCommands:
        - rm -rf ./cache
+
       # REQUIRED. Your Ubuntu application start command
       start: ./app
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -26171,6 +37391,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -26180,11 +37401,20 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Ubuntu builds:
+
+- `ubuntu@24.04`
+- `ubuntu@22.04`, `ubuntu@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -26195,11 +37425,17 @@ zerops:
       base: ubuntu@24.04
       ...
 ```
-  The base build environment contains {data.ubuntu.default}, Zerops command line tool, `git` and `wget`.
+
+<p>
+  The base build environment contains {data.ubuntu.default}, [Zerops command line tool](/references/cli), `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -26213,18 +37449,27 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.ubuntu.default}
+
+- <span>{data.ubuntu.default}</span>
 - [Zerops command line tool](/references/cli)
 - `git` and `wget`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -26233,6 +37478,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: ubuntu@24.04
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -26240,20 +37486,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/ubuntu/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -26262,75 +37519,109 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: ubuntu@24.04
+
       # OPTIONAL. Build your application
       buildCommands:
-        - 
+        - <your build commands>
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 For detailed information about build commands, including how to run commands in single or separate shell instances and command exit code handling, refer to the documentation for your specific technology (e.g., [Node.js](/nodejs/how-to/build-pipeline), [Go](/ubuntu/how-to/build-pipeline), [Python](/python/how-to/build-pipeline), etc.).
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - app
   - file.txt
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
+
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -26342,22 +37633,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -26366,6 +37668,7 @@ zerops:
     build:
       base: ubuntu@24.04
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         MODE: production
@@ -26374,12 +37677,21 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/ubuntu/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Ubuntu version for your runtime.
+
 Following options are available for Ubuntu builds:
+
+- `ubuntu@24.04`
+- `ubuntu@22.04`, `ubuntu@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -26389,17 +37701,24 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: ubuntu@24.04
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: ubuntu@24.04
       ...
 ```
+
+<p>
   The base runtime environment contains {data.ubuntu.default}, Zerops command line tool, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -26409,6 +37728,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: ubuntu@24.04
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -26418,29 +37738,52 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Ubuntu service with hostname = "app" and port = 8080 from another service of the same project, simply use `app:8080`. Read more about [how to access a Ubuntu service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Ubuntu runtime environment by installing additional dependencies or tools to the runtime base environment.
-  The base Ubuntu environment contains {data.ubuntu.default}, Zerops command line tool and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+
+<p>
+  The base Ubuntu environment contains {data.ubuntu.default}, [Zerops command line tool](/references/cli) and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -26448,6 +37791,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -26457,26 +37801,44 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/ubuntu/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
-  The prepare runtime container contains {data.ubuntu.default}, Zerops command line tool and `git` and `wget`.
+
+<p>
+  The prepare runtime container contains {data.ubuntu.default}, [Zerops command line tool](/references/cli) and `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -26485,6 +37847,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -26494,15 +37857,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -26511,22 +37879,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Ubuntu application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/ubuntu/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/ubuntu/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -26541,56 +37922,82 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/ubuntu/how-to/env-variables) in Zerops.
+
 ### start
+
 _OPTIONAL._ Defines the start command for your Ubuntu application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Your Ubuntu application start command
       start: ./app
 ```
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Your Ubuntu application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -26598,30 +38005,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Ubuntu application.
+
+        The command has access to the same [environment variables](/ubuntu/how-to/create#set-secret-environment-variables) as your Ubuntu application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Ubuntu application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -26630,13 +38054,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -26645,40 +38074,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/ubuntu/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -26687,30 +38138,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/ubuntu/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Ubuntu application.
+
+        The command has access to the same [environment variables](/ubuntu/how-to/create#set-secret-environment-variables) as your Ubuntu application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -26722,80 +38191,124 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/ubuntu/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Ubuntu > How To > Build Process
 
-  
+
 ## Build process overview
+
 Zerops starts a temporary build container and performs the following actions:
+
 1. **Installs the build environment** - Sets up base system and  runtime
 2. **Downloads your application source code** - From [GitHub ↗](https://www.github.com), [GitLab ↗](https://www.gitlab.com) or via [Zerops CLI](/references/cli)
 3. **Optionally customizes the build environment** - Runs prepare commands if configured
 4. **Runs the build commands** - Executes your build process
 5. **Uploads the application artifact** - Stores build output to internal Zerops storage
 6. **Caches selected files** - Preserves specified files for faster future builds
+
 The build container is automatically deleted after the build has finished or failed.
+
 ## Build configuration
-Configure your  build process in your `zerops.yaml` file according to the full build & deploy  pipeline guide.
+
+Configure your  build process in your `zerops.yaml` file according to the  pipeline guide</VarLink>.
+
 ## Build environment
+
 ### Default  build environment
+
 The default  build environment contains:
-- {data.ubuntu.default}
+
+- <span>{data.ubuntu.default}</span>
 - [zCLI](/references/cli), Zerops command line tool
-- 
+-
+
 ### Customize build environment
-To install additional packages or tools, add one or more build.prepareCommands to your `zerops.yaml`.
+
+To install additional packages or tools, add one or more  to your `zerops.yaml`.
+
 :::info
 The application code is available in the `/build/source` folder in your build container before the prepare commands are triggered. This allows you to use any file from your application code in your prepare commands (e.g. a configuration file).
 :::
+
 ### Build hardware resources
+
 All runtime services use the same hardware resources for build containers:
-  
-      HW resource
-      Minimum
-      Maximum
-    
-      CPU cores
-      1
-      5
-    
-      RAM
-      8 GB
-      8 GB
-    
-      Disk
-      1 GB
-      100 GB
-    
+
+<table className="w-fit my-1.5">
+  <thead>
+    <tr className="text-center rounded-lg">
+      <th className="w-fit"><strong>HW resource</strong></th>
+      <th className="w-fit"><strong>Minimum</strong></th>
+      <th className="w-fit"><strong>Maximum</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">CPU cores</td>
+      <td className="w-fit">1</td>
+      <td className="w-fit">5</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">RAM</td>
+      <td className="w-fit">8 GB</td>
+      <td className="w-fit">8 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Disk</td>
+      <td className="w-fit">1 GB</td>
+      <td className="w-fit">100 GB</td>
+    </tr>
+  </tbody>
+</table>
+
 Build containers start with minimum resources and scale vertically up to maximum capacity as needed.
+
 ### Build time limit
+
 The time limit for the whole build pipeline is **1 hour**. After 1 hour, Zerops will terminate the build pipeline and delete the build container.
+
 :::info
 Build container resources are not charged separately. Limited build time is included in your [project core plan](/company/pricing#project-core-plans), with additional build time available if needed.
 :::
+
 ## Troubleshooting  builds
+
 :::tip Advanced troubleshooting
 For complex build issues that require investigation, you can enable [debug mode](/features/debug-mode) to pause the build process at specific points and inspect the build container state interactively.
 :::
+
 ### Build and prepare command failures
-If any build command or prepare command fails (returns non-zero exit code), the build is canceled. Check the build log to troubleshoot the error.
+
+If any  or  fails (returns non-zero exit code), the build is canceled. Check the  to troubleshoot the error.
+
 ### Build cache issues
+
 If you encounter unexpected build behavior or dependency issues, the problem might be related to cached build data. While Zerops maintains the build cache to speed up deployments, sometimes you may need to start fresh.
+
 To invalidate the build cache:
+
 1. Go to your service detail in Zerops GUI
 2. Choose **Pipelines & CI/CD Settings** from the left menu
 3. Click on the **Invalidate build cache** button
+
 This will force Zerops to run the next build clean, including all prepare commands.
+
 Learn more about [build cache behavior](/features/build-cache).
+
 ## More resources
+
 For more details about the build and deploy pipeline, including how to cancel builds and manage application versions, see the [general pipeline documentation](/features/pipeline).
+
 ## Next steps
-- Understand the deployment process
-- Learn how to customize the runtime environment
-- Explore build and runtime logs
+
+- Understand the
+- Learn how to
+- Explore
 
 ----------------------------------------
 
@@ -26807,35 +38320,60 @@ For more details about the build and deploy pipeline, including how to cancel bu
 
 # Ubuntu > How To > Create
 
+
 Zerops provides a Ubuntu runtime service with extensive build support. Ubuntu runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Ubuntu service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Ubuntu service:
+
+[Video: /vids/services/golang.webm](/vids/services/golang.webm)
+
 ### Choose Ubuntu version
+
 Following Ubuntu versions are currently supported:
+
 :::info
 You can [change](/ubuntu/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/ubuntu/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Ubuntu service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Ubuntu service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/ubuntu/how-to/create#create-a-project-description-file)
 3. [Create a project with a Ubuntu and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -26856,13 +38394,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Ubuntu service with default [auto scaling](/ubuntu/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/ubuntu/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -26907,98 +38450,143 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Ubuntu service and a [PostgreSQL](/postgresql/overview) service.
+
 Ubuntu service with "app" hostname, the internal port(s) the service listens on will be defined later in the zerops.yaml. Ubuntu service will run with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Ubuntu service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/ubuntu/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/ubuntu/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/ubuntu/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/ubuntu/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Ubuntu service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -27019,65 +38607,90 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Ubuntu service version 1 with default [auto scaling](/ubuntu/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Ubuntu > How To > Customize Runtime
 
-System packages: Install any packages you need via apt-get, such as imagemagick, ffmpeg, or chromium',
-  'Specific language versions: Install versions of Go, Node.js, PHP, Python, or other runtimes that are not available as dedicated Zerops services (e.g., older or cutting-edge versions)',
-  'Custom binaries: Add compiled binaries or tools not available in the default repositories',
-  'Development tools: Include debugging tools, profilers, or other utilities',
-  'Specific libraries: Install dependencies required by your application'
-]} />
+
 ## Build Custom Runtime Images
+
 Zerops allows you to build custom runtime images (CRI) when the default base runtime images don't meet your application's requirements. This is an optional phase in the [build and deploy pipeline](/features/pipeline#runtime-prepare-phase-optional).
+
 Ubuntu is a versatile base for running anything not explicitly offered as a dedicated Zerops runtime. You can install any packages and tools you need, treating it as a clean OS to customize however you want.
+
 It is also a great option when you need a specific version of a technology (like Go, Node.js, or PHP) that Zerops doesn't support by default—whether it's an older version for legacy projects or a newer release not yet available.
+
 ## Configuration
+
 ### Default  Runtime Environment
+
 The default  runtime environment contains:
-- {data.ubuntu.default}
+
+- <span>{data.ubuntu.default}</span>
 - [zCLI](/references/cli)
-- 
+-
+
 ### When You Need a Custom Runtime Image
+
 Since Ubuntu serves as a general-purpose base, you'll likely want to customize it for your specific use case. Common scenarios include:
+
 :::important
 You should not include your application code in the custom runtime image, as your built/packaged code is deployed automatically into fresh containers.
 :::
+
 Here are examples of configuring custom runtime images in your `zerops.yml`:
+
 ### Basic  Setup
+
 ### Using Build Files in Runtime Preparation
+
 For complete configuration details, see the [runtime prepare phase configuration guide](/features/pipeline#configuration).
+
 ## Process and Caching
+
 ### How Runtime Prepare Works
 The runtime prepare process follows the same steps for all runtimes. See [how runtime prepare works](/features/pipeline#how-it-works) for the complete process details.
+
 ### Caching Behavior
 Zerops caches custom runtime images to optimize deployment times. Learn about [custom runtime image caching](/features/pipeline#custom-runtime-image-caching) including when images are cached and reused.
+
 ### Build Management
 For information about managing builds and deployments, see [managing builds and deployments](/features/pipeline#manage-builds-and-deployments).
+
 :::warning
 Shared storage mounts are not available during the runtime prepare phase.
 :::
+
 ## Troubleshooting
-If your `prepareCommands` fail, check the prepare runtime log for specific error messages.
+
+If your `prepareCommands` fail, check the  for specific error messages.
 
 ----------------------------------------
 
@@ -27131,39 +38744,76 @@ If your `prepareCommands` fail, check the prepare runtime log for specific error
 
 # Ubuntu > Overview
 
+
 [Ubuntu ↗](https://ubuntu.com/) is a popular Linux distribution based on Debian, widely used for servers, cloud computing, and containerized applications.
+
 Ubuntu services in Zerops provide a flexible base environment for running applications built with technologies that aren't officially supported by Zerops, or for custom setups requiring full control over the runtime environment.
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## Feature Highlights
+
+- [Create Ubuntu service](/ubuntu/how-to/create) — Start with creating an Ubuntu service using GUI or zCLI.
+- [zerops.yaml](/ubuntu/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to configure your own app.
+- [Scaling configuration](/ubuntu/how-to/scaling) — Set up scaling of your Ubuntu service so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/ubuntu/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/ubuntu/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you built something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/ubuntu/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Valkey > Overview
 
+
 Valkey is a powerful, open-source alternative to Redis, offering full compatibility with Redis clients while providing an independent development path focused on community-driven innovation. Deploy and manage Valkey in Zerops' fully managed infrastructure to get instant access to high-performance in-memory data storage.
+
 :::tip
 Valkey is our recommended Redis alternative as KeyDB's development has slowed significantly in recent times.
 :::
+
 ## Supported Versions
+
 Currently supported Valkey versions:
+
 Import configuration version:
+
+- `valkey@7.2`
+
 ## Service Configuration
+
 Zerops offers Valkey in two deployment configurations to meet different availability requirements.
+
 ### Non-HA Setup
 - Single node deployment on port `6379` (non-TLS) and `6380` (TLS)
 - No backup mechanism beyond Zerops infrastructure reliability
 - Data persists unless the hardware node fails
 - Suitable for development or non-critical workloads
+
 ### HA (High Availability) Setup
+
 Our HA implementation uses a unique approach to ensure high availability while maintaining compatibility with all Redis clients:
+
 - 3-node configuration (1 master + 2 replicas)
 - Access ports:
   - `6379` - read/write operations (non-TLS, routed to master)
@@ -27178,170 +38828,2365 @@ Our HA implementation uses a unique approach to ensure high availability while m
   - When a master fails, a replica is promoted and routing is updated automatically
   - DNS entries are updated for seamless client connection
   - This implementation provides traffic forwarding to master (not natively supported by Valkey)
+
 :::note
 Be aware that replica data may lag slightly behind the master due to asynchronous replication.
 :::
+
 ## Learn More
+
 - [Official Valkey Documentation](https://valkey.io/docs) - Comprehensive guide to Valkey features
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zeropsio)
 - Contact support via [email](mailto:support@zerops.io)
 
+----------------------------------------
+
+# Zcp > Concept > How It Works
+
+
+The ZCP MCP setup gives a coding agent a **work loop** for Zerops app work. The agent reads live state, chooses the app runtime and dependencies, changes the app, deploys through Zerops, verifies real behavior, and returns proof or a blocker.
+
+The loop is carried by project-scoped Zerops operations, Zerops-specific knowledge, and instructions for what to inspect, what to change, when to ask, and what counts as done. You describe the product outcome; the agent uses the loop to make its decisions visible while it works.
+
+The source of truth is the real project: runtimes, managed services, env references, logs, events, and deploy results. A separate preview sandbox is not the source of truth.
+
+## The work loop
+
+```mermaid
+flowchart TD
+  intent["Product intent
+<code>Build a task board for my team.</code>"]
+  state["Live state
+services, runtime layout, env vars,
+logs, events, saved work state"]
+  scope["Runtime target
+which app service changes"]
+  setup{"Missing or unsuitable
+services?"}
+  provision["Service setup
+use existing services or create
+missing runtimes/dependencies"]
+  appwork["App work
+code, <code>zerops.yaml</code>, env refs,
+migrations, seeds, framework config"]
+  deploy["Direct deploy through Zerops"]
+  reachability{"Runtime reachable?
+status, logs, HTTP probe"}
+  behavior{"Requested behavior works?
+endpoint, UI flow, worker result,
+persisted state"}
+  evidence["Evidence
+build logs, runtime logs,
+events, verify output"]
+  proof["Proof
+URL, endpoint result,
+UI state, or stored result"]
+  delivery["Delivery after proof
+keep direct deploy, push to git,
+or hand off"]
+  blocker["Blocker
+credential, decision,
+unsupported fit,
+repeated failure"]
+
+  intent --> state --> scope --> setup
+  setup -->|yes| provision --> appwork
+  setup -->|no| appwork
+  appwork --> deploy --> reachability
+  reachability -->|no, fixable| evidence --> appwork
+  reachability -->|yes| behavior
+  behavior -->|no, fixable| evidence
+  behavior -->|yes| proof --> delivery
+  setup -->|needs decision| blocker
+  reachability -->|needs human| blocker
+  behavior -->|needs human| blocker
+
+  classDef user fill:#f7fbff,stroke:#2d72d9,stroke-width:1.5px,color:#172033;
+  classDef zcpbox fill:#eef7f1,stroke:#32845a,stroke-width:1.5px,color:#172033;
+  classDef work fill:#fffaf0,stroke:#c47f17,stroke-width:1.5px,color:#172033;
+  classDef done fill:#f5f3ff,stroke:#7157d9,stroke-width:1.5px,color:#172033;
+  classDef stop fill:#fff1f2,stroke:#d33f49,stroke-width:1.5px,color:#172033;
+
+  class intent user;
+  class state,scope zcpbox;
+  class setup,provision,appwork,deploy,reachability,behavior,evidence work;
+  class proof,delivery done;
+  class blocker stop;
+```
+
+The loop keeps the agent working from evidence instead of a guessed checklist: current state, Zerops wiring rules, deploy evidence, and the distinction between proof and blocker.
+
+## What "live state" means
+
+The MCP tools read Zerops instead of asking you to paste a service inventory into the prompt. Useful state includes:
+
+- runtime services and managed services,
+- whether the app has one runtime, a dev+stage pair, or local files linked to a Zerops runtime,
+- env-var keys and Zerops references,
+- recent build/deploy events,
+- build logs, runtime logs, and verification output,
+- saved work state after an interrupted session.
+
+This is why a short prompt can be enough. The agent can ask what exists, which runtime was last deployed, which checks passed, and where a previous run stopped.
+
+Chat history is not the source of truth. If the agent sounds confused, starts from an old assumption, or a session was interrupted, the recovery move is:
+
+```text
+Read current project status and tell me where this project stands before changing anything.
+```
+
+## What the workflow handles
+
+The workflow handles the things an agent must resolve during app work so you do not have to name them in the prompt. The tools and instructions supply the state, guidance, operations, and verification surface so the agent can work from evidence.
+
+| What the workflow handles | What the agent gets                                                                                                 | What that means for you                                                       |
+| ------------------------- | ------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------- |
+| Live state       | Services, env-var keys, Zerops references, recent events, logs, verification output, and saved work state.          | You do not have to paste a service inventory or reconstruct what happened.    |
+| Runtime target   | Rules for choosing the app runtime that should receive code changes.                                                | The agent can identify where app work belongs before editing or deploying.    |
+| Managed services | Knowledge and env wiring patterns for database, cache, queue, search, storage, mail, and similar services.          | Product intent can imply real dependencies without a manual wiring checklist. |
+| Service setup    | Operations for using existing services or creating missing runtimes and dependencies.                               | Runtime layout and dependencies can be established before app work starts.    |
+| App wiring       | Zerops-specific rules for `zerops.yaml`, env references, ports, commands, public access, and build/deploy behavior. | The app is wired for Zerops rather than for a generic cloud template.         |
+| Deploy evidence  | Build logs, runtime logs, platform events, service status, HTTP checks, and structured verification output.         | A failed deploy becomes a diagnosis surface instead of guesswork.             |
+| Behavior proof   | The proof gate is the requested behavior, not only a successful build or reachable root URL.                        | The final answer can point to what was actually checked.                      |
+| Delivery handoff | Direct proof first; then git push, CI, or human handoff when that is the chosen delivery choice.                    | Shipping setup follows a verified running result.                             |
+| Delivery handoff | Direct proof first; then git push, CI, or human handoff when that is the chosen delivery choice.                    | Shipping setup follows a verified running result.                             |
+
+The exact labels for layouts, delivery modes, and setup routes live in the [Glossary](/zcp/glossary) and [Workflows in depth](/zcp/reference/agent-workflow).
+
+## Service setup prepares the project layout
+
+Before app code work starts, the workflow makes three decisions visible:
+
+- Which runtime service is the app target?
+- Which managed services are dependencies?
+- Does the existing project layout fit the request?
+
+If the services already exist, the agent can use them. If a needed runtime or dependency is missing, the tools can create it. If the choice affects cost, product scope, credentials, a destructive action, or which stage/runtime should be used, the agent should stop and ask.
+
+Service setup is finished when the app runtime and dependencies are known. It is the layout that lets app work happen in the right place.
+
+## App work changes code and platform wiring together
+
+After the runtime target is known, the agent gets the platform knowledge needed to make the application change. In practice this often spans both source code and Zerops wiring:
+
+- app files,
+- `zerops.yaml` build and run setup,
+- env references to managed services,
+- migrations, seeds, and framework config,
+- start commands, ports, and public HTTP support,
+- local `.env` generation when using local setup.
+
+That guidance matters because Zerops is its own platform. Service references, build/deploy behavior, public access, scaling, and env resolution do not follow Docker Compose or Kubernetes conventions.
+
+The first functional deploy goes directly through MCP so the agent has a running result to verify. A repository push or CI handoff can follow, but it should not replace the first proof.
+
+## Recovery is evidence-driven
+
+When something fails, the workflow puts the agent on the matching evidence surface — build logs for build failures, prepare/runtime logs for start failures, verify output and request-time logs for behavior failures, transport surfaces for network failures, field-level rejection for config, and the named credential surface for credential failures. The full categories, what to read first, and what to avoid live in [Troubleshooting](/zcp/reference/troubleshooting).
+
+Retrying the same deploy without new evidence is not progress. The loop pushes toward one of three outcomes: fix from a cause, ask for the missing decision, or report a blocker with the category, evidence read, and attempts made.
+
+## Verification has two layers
+
+A successful deploy proves that Zerops accepted the build and started the runtime. Reachability checks prove the service is running and reachable. They still do not prove the product request.
+
+For a task-board app, useful behavior proof might be:
+
+- create a task,
+- move it between columns,
+- refresh the page,
+- confirm the task is still there.
+
+For an API task, proof might be a JSON response from the requested endpoint and stored data behind it. For a worker task, proof might be a processed job and the resulting database or object-storage state. For a staging request, proof belongs on the stage runtime, not only on dev.
+
+The final answer should make proof inspectable: runtime name, URL or endpoint, behavior checked, and delivery choice if one was set.
+
+## Delivery happens after proof
+
+Delivery choice controls how future changes ship after a verified runtime exists: keep direct deploy, push to git, or hand off to CI/release/human action. The user-facing version of this choice and what to tell the agent for each option lives in [Build and ship → Choose delivery after proof](/zcp/workflows/build-with-zcp#choose-delivery-after-proof).
+
+Packaging a running service turns a deployed runtime into a re-importable bundle for another Zerops project. It is useful for handoff or reuse after proof, not for deploying the next app change; see [Package a running service](/zcp/workflows/package-running-service).
+
+## Remote and local setup use the same loop
+
+The same `zcp` binary can run in two places. The control loop stays the same; filesystem and network access change. A human can take over from the same evidence either way: files, runtime target, logs, events, verification result, and delivery state.
+
+| Setup        | What runs where                                                                                                                                             | Practical effect                                                                                                                                                                                     |
+| ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| Remote setup | A `zcp@1` service runs the `zcp` binary inside Zerops. **Include Coding Agent** adds the bundled agent CLI; **Cloud IDE** adds Browser VS Code. | Work happens inside the remote workspace, with private networking and runtime file mounts. |
+| Local setup  | The `zcp` binary runs on your laptop after `zcp init`, and your local editor or CLI agent talks to it.                                         | App files, deploy source, and git credentials stay local. Managed services are reached over Zerops VPN, and `.env` generation bridges credentials into your local app. |
+| Local setup  | The `zcp` binary runs on your laptop after `zcp init`, and your local editor or CLI agent talks to it.                                         | App files, deploy source, and git credentials stay local. Managed services are reached over Zerops VPN, and `.env` generation bridges credentials into your local app. |
+
+Choose setup by where the agent and filesystem should live: [Remote or local setup](/zcp/setup/choose-workspace).
+
+## Signs of a healthy run
+
+A well-shaped run should:
+
+- name the runtime target before editing or deploying,
+- use existing services when they fit,
+- create missing services only before app work starts,
+- read logs, events, and verify output when failure occurs,
+- distinguish runtime reachability from requested behavior,
+- stop before destructive actions, ambiguous runtime/stage choices, or missing credentials,
+- end with proof or a blocker.
+
+That is the practical difference between "the agent wrote code" and "the app task is done".
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) — normal app work after setup.
+- [Workflows in depth](/zcp/reference/agent-workflow) — process gates, generated files, runtime layouts, delivery labels, and completion evidence.
+
+
+----------------------------------------
+
+# Zcp > Glossary
+
+
+Use these definitions when a page, workflow status, agent handoff, or policy needs exact wording. In normal prompts, describe the outcome you want.
+
+## Core names
+
+**ZCP MCP** - Zerops Control Plane MCP: the MCP tool surface that exposes project-scoped Zerops operations to coding agents.
+
+**MCP server** - the Model Context Protocol server exposed by the `zcp` binary.
+
+**ZCP MCP tools** - the project-scoped Zerops operations exposed to an agent or MCP-capable client. In MCP clients, this usually appears as the `zerops` server.
+
+**`zcp` binary** - the executable that can run inside remote setup or on your machine in local setup.
+
+**`zcp` service** - the service instance in a Zerops project that hosts remote setup.
+
+**`zcp@1` service** - the Zerops service type used for remote setup.
+
+**zCLI** - the Zerops command-line client for humans, scripts, VPN, and CI. It is separate from ZCP MCP.
+
+**zsc** - the in-container Zerops Setup Control utility used from `zerops.yaml`.
+
+## Setup and workspace
+
+**Remote setup** - the `zcp` binary running inside a Zerops `zcp@1` service.
+
+**Include Coding Agent** - remote setup option that adds the bundled agent CLI, currently Claude Code, and preconfigures it to use ZCP MCP tools.
+
+**Cloud IDE** - browser-based VS Code served by remote setup.
+
+**Browser VS Code** - dashboard entry point into the Cloud IDE.
+
+**AI Agent environment** - recipe environment preset that creates app services plus remote setup with **Include Coding Agent** enabled.
+
+**Local setup** - the `zcp` binary running on your machine after `zcp init`, while your local editor or CLI agent talks to it.
+
+**Env bridge** - local setup behavior that writes a local `.env` snapshot from Zerops env vars and references so local app code can reach managed services over VPN.
+
+**Agent client** - the editor, CLI, hosted agent runtime, or custom MCP client that connects to ZCP MCP.
+
+## Generated files and state
+
+**Generated workflow block** - the managed section in `CLAUDE.md` between `<!-- ZCP:BEGIN -->` and `<!-- ZCP:END -->`. Durable project instructions belong outside it.
+
+**`.mcp.json`** - local MCP server config. It points the local agent client at `zcp serve` and stores `ZCP_API_KEY`; keep it out of git.
+
+**`.zcp/state/`** - local workflow metadata for a project directory: known runtimes, pairing, delivery choice, sessions, deploy attempts, verify attempts, and coordination locks. It is not source code.
+
+**Workflow state** - saved metadata that lets the agent resume, audit, or close a guided run after interruption.
+
+## Workflow
+
+**Bootstrap** - workflow phase that reads the current project and settles which runtime services and managed services the app should use before app code work starts.
+
+**Service setup** - the phase that decides which runtime services and managed services the app should use before app code work starts.
+
+**Develop** - workflow phase that changes app code/config, deploys, verifies reachability and behavior, and fixes failures from evidence.
+
+**Runtime target** - the app runtime selected for the current change, such as `appdev`, `appstage`, `app`, or a linked local target.
+
+<span id="runtime-layout"></span>**Runtime layout** - which app runtime services the workflow should use:
+
+- `standard` - dev runtime plus explicit stage runtime.
+- `dev` - one mutable development runtime.
+- `simple` - one runtime with no dev/stage split.
+- `local-stage` - local source directory linked to one Zerops runtime as deploy target.
+- `local-only` - local source directory with no linked runtime yet.
+
+**Managed service** - database, cache, queue, search, storage, mail, or similar dependency. It provides connection details; it is not an app deploy target.
+
+**Direct deploy** - deploy from the current source to the scoped runtime through ZCP MCP. The first verified running result uses direct deploy before delivery setup is applied.
+
+**Reachability verification** - checks that the runtime exists, is running, has no recent blocking errors, and can answer an HTTP probe when it is an HTTP service.
+
+**Behavior verification** - checks that the requested app behavior works on the real URL, endpoint, worker result, or stored state.
+
+**Proof** - user-inspectable completion evidence, such as a URL, endpoint result, UI state, processed job, or stored result.
+
+**Blocker** - a clear stop state with evidence: failure category, runtime in scope, what was tried, and what decision or credential is needed.
+
+## Delivery and production
+
+**Delivery choice** - what happens after a verified deploy: keep direct deploy, push to git, or hand off to CI/release/human process.
+
+**Delivery mode** - exact reference label for delivery choice:
+
+- `auto` - keep direct deploy for future changes.
+- `git-push` - commit and push to a configured remote, then observe/verify any tracked build.
+- `manual` - external CI, release process, or a human owns future delivery.
+
+**Git-push capability** - whether remote setup has enough remote URL and credential setup to push from remote setup. It can exist even when the current delivery mode is `auto`.
+
+**Build integration** - repository-triggered build/deploy path that ZCP MCP may configure or observe, such as a Zerops dashboard webhook or GitHub Actions. It is separate from git-push capability and delivery mode.
+
+**Package a running service** - workflow that turns one verified runtime and its managed dependencies into a re-importable, git-backed Zerops bundle.
+
+**Production release** - the release operation that moves verified dev or stage work into a separate production Zerops project. It is set up once per project (production infrastructure) and once per runtime (production deploy trigger), then runs every release.
+
+**Production boundary** - policy that production should live in a separate Zerops project without a `zcp` service and receive promoted work through CI, release process, or human action.
+
+## Platform and failure terms
+
+**Service scaling mode** - Zerops scaling setting such as `HA` or `NON_HA`. Different from runtime layout.
+
+**Public subdomain access** - Zerops `.zerops.app` URL access for an eligible HTTP runtime. Workers and non-HTTP services do not get useful public URLs.
+
+<span id="failure-category"></span>**Failure category** - label that points to the first useful evidence surface:
+
+- `build` - build phase failed.
+- `start` - build passed, but runtime start or prepare failed.
+- `verify` - runtime exists, but reachability or behavior failed.
+- `network` - transport, DNS, VPN, SSH, or service-to-service reach failed.
+- `config` - `zerops.yaml`, env vars, setup block, or service settings mismatch.
+- `credential` - Zerops, git, SSH, managed-service, or external API credential failed.
+- `other` - no known category matched.
+
+**Confirmation gate** - an operation that pauses until the user explicitly confirms the named target or consequence.
+
+**Destructive import override** - import action that would replace an existing service stack. ZCP MCP refuses first, names affected services, and requires a matching acknowledgement before proceeding.
+
+## Credentials
+
+**Single-project token** - Zerops token that can access exactly one project. ZCP MCP expects this shape.
+
+**`ZCP_API_KEY`** - single-project Zerops token used by ZCP MCP.
+
+**`GIT_TOKEN`** - git provider credential used by remote git-push delivery when needed.
+
+**`ZEROPS_TOKEN`** - Zerops token commonly used by GitHub Actions or external CI that runs `zcli`.
+
+**External secret** - third-party credential such as Stripe, OpenAI, Mailgun, or GitHub API access. The agent can wire placeholders and env vars, but the secret value remains your responsibility.
+
+
+----------------------------------------
+
+# Zcp > Overview
+
+
+:::info Public preview
+ZCP MCP is a public preview and is under active development. If you hit a bug, confusing behavior, or a missing workflow, please report it on [Discord](/discord); feedback from real projects is especially useful.
+:::
+
+This section covers, in order:
+
+- **How a run unfolds.** [Quickstart](/zcp/quickstart) for hands-on; [How it works](/zcp/concept/how-it-works) for the work loop.
+- **Where the agent runs.** [Remote or local setup](/zcp/setup/choose-workspace), [Trust model](/zcp/security/trust-model), and [Production boundary](/zcp/security/production-policy).
+- **What you decide while working.** [Build and ship](/zcp/workflows/build-with-zcp), [Package a running service](/zcp/workflows/package-running-service), [Promote to production](/zcp/workflows/promote-to-production).
+- **Exact labels when they matter.** [Workflows in depth](/zcp/reference/agent-workflow), [ZCP MCP tools](/zcp/reference/mcp-operations), [Troubleshooting](/zcp/reference/troubleshooting), [Glossary](/zcp/glossary).
+
+For the broader feature concept — why coding agents need real project infrastructure rather than a sandbox or generated artifact — start with [Infrastructure for Coding Agents](/features/coding-agents).
+
+With the generated workflow instructions enabled, an app task ends in proof or a blocker. **Proof** is a deployed runtime plus the URL, endpoint response, UI state, worker result, or stored data that shows the requested behavior works. A **blocker** is the agent reading the relevant Zerops evidence and naming the missing credential, decision, unsupported fit, or repeated failure.
+
+Your prompt can stay about the product. Name the stack, runtime layout, acceptance criteria, delivery path, external credentials, or risky approval only when those decisions matter.
+
+## What the agent gets
+
+**Current state.** Services, runtime layout, managed dependencies, env-var keys and references, logs, events, deploy history, verification state, and saved work state.
+
+**Zerops operations.** Project-scoped tools for discovering services, changing env vars, managing runtimes, deploying, verifying, scaling, public access, and delivery setup.
+
+**Workflow.** The generated instructions combine service setup and app development: inspect state, choose the runtime target, use or create services, wire code and `zerops.yaml`, deploy, verify, and choose delivery. The Zerops work stays behind the product task instead of becoming another checklist.
+
+**Evidence-based completion.** A build or deploy is not the finish line. A completed app task should end with a working URL, endpoint result, UI proof, or a blocker backed by logs, events, and verification evidence.
+
+## What you no longer have to script
+
+Without this layer, an app prompt often turns into an operations runbook. With MCP tools and workflow instructions enabled, you should not need to paste:
+
+- the service map, runtime target, dev/stage state, or managed-service inventory,
+- database credentials, private hostnames, env-var references, or generated connection strings,
+- build logs, runtime logs, event timelines, or a guess about why the last deploy failed,
+- a deploy/verify/recovery script for every task,
+- a recap after the chat loses context; the agent can read current workflow status.
+
+**You still own the decisions that need human judgment:** product intent, technology constraints, acceptance criteria, external credentials, repository policy, and approval for destructive actions.
+
+## Where it runs
+
+The **same `zcp` binary** runs in both setups. In [remote setup](/zcp/setup/hosted-workspace), Zerops packages it as a `zcp@1` service with Browser VS Code and bundled agent wiring. In [local setup](/zcp/setup/local-agent-bridge), you install it on your machine and connect your own editor or CLI agent. The project surface is the same; the workspace, network access, deploy source, and safety profile differ.
+
+To start, add remote setup in Zerops or initialize local setup beside your editor or CLI agent. The [Quickstart](/zcp/quickstart) uses remote setup because it needs no local install.
+
+## Your agent, credentials, and workspace
+
+**Agent account.** Remote setup can include a bundled agent CLI, currently Claude Code, already configured for MCP. Zerops wires the agent to the tools; you still authenticate with your own subscription login or API credentials.
+
+**Zerops token.** The MCP server connects through `ZCP_API_KEY`, a Zerops token limited to one project. Remote setup gets it from the platform; local setup reads it from `.mcp.json`. Token details live in [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+**Workspace freedom.** The `zcp@1` service is still a normal Zerops service. You can install another agent CLI, add private MCP servers or helper tools, edit `CLAUDE.md`, add team dotfiles, and adapt the workspace. Details live in [What remote workspace gives you](/zcp/setup/hosted-workspace#make-customization-persistent).
+
+:::caution Production boundary
+Use this setup for development or staging work. Production should stay in a separate Zerops project and receive released work through your CI or release process; see [Promote to production](/zcp/workflows/promote-to-production) for the practical flow and [Production boundary](/zcp/security/production-policy) for the policy.
+:::
+
+## What stays outside
+
+This section is not a replacement for Zerops platform references. The Zerops [build and deploy pipeline](/features/pipeline), [permissions](/features/rbac), networking, scaling, and service references remain canonical for platform behavior.
+
+
+----------------------------------------
+
+# Zcp > Quickstart
+
+
+Use this when you want the fastest hands-on ZCP loop: deploy an **AI Agent** recipe, authorize Claude Code, open Browser VS Code, and ask for one product change.
+
+Some [Zerops recipes](https://app.zerops.io/recipes) include an **AI Agent** environment. That preset creates app services, managed services, the `zcp@1` workspace, Browser VS Code, and bundled agent wiring in one deploy.
+
+This quickstart uses [Laravel showcase](https://app.zerops.io/recipes/laravel-showcase?environment=ai-agent) because it includes real managed services. The same flow works for other recipes that offer AI Agent (local variants exist too).
+
+## Prerequisites
+
+- A Zerops account with permission to create a project.
+- A Claude Code subscription login or API authentication. Zerops wires Claude Code to ZCP, but your agent subscription or model credentials stay yours.
+
+## 1. Choose the AI Agent recipe
+
+1. Open the [Zerops recipes catalog](https://app.zerops.io/recipes).
+2. Open a recipe with an **AI Agent** environment. For example, open [Laravel showcase](https://app.zerops.io/recipes/laravel-showcase?environment=ai-agent).
+3. Select **AI Agent**.
+4. Keep **Coding Agent** and **Cloud IDE** enabled.
+5. Deploy the recipe.
+
+The deploy creates app runtimes, managed dependencies, and a `zcp@1` workspace. In this recipe it appears as the `zcp` service. The agent, terminal, and browser IDE run there. App code still deploys to the app runtimes, not to `zcp`.
+
+## 2. Authorize Claude Code
+
+When provisioning finishes, the dashboard opens the Claude Code authentication flow. Use your own Claude Code subscription login or API credentials.
+
+This is separate from `ZCP_API_KEY`, the Zerops token used by ZCP. Your Claude login or API key is used only by the bundled agent.
+
+If you close the prompt, open the `zcp` service in the dashboard. Its panel shows the browser workspace, web terminal, SSH access, desktop editor access, and agent authorization state.
+
+## 3. Open the workspace
+
+After authentication, continue into **Browser VS Code**. The workspace opens with files, ZCP configuration, terminal access, and the Claude Code panel.
+
+You are now inside the remote workspace. The agent can read live state, use the MCP tools, reach private services, and deploy app changes to the runtimes created by the recipe.
+
+## 4. Ask for a product outcome
+
+In Claude Code, ask for the app behavior in natural language. A good first prompt is intentionally short:
+
+```text
+Build a task board for my team.
+Tasks should stay saved after refresh.
+```
+
+The agent should deploy, verify, read evidence, and return proof for the app task. Add detail only when it changes the work.
+
+Add details when they change the product, stack, runtime layout, acceptance criteria, or delivery preference:
+
+```text
+In this Laravel app, add a task board backed by the existing PostgreSQL service.
+A user can create a task, refresh the page, and still see it.
+```
+
+:::note Prompt shape
+
+Quickstart prompts are short so you can see what ZCP carries behind the request. Longer, detailed prompts are fine for larger engineering work, especially when they change product behavior, stack, runtime layout, acceptance criteria, delivery preference, credentials, or safety approvals.
+:::
+
+## 5. Read the proof
+
+The final answer should give you a real URL, endpoint, UI state, stored result, or blocker. Open the URL and try the behavior the agent says it verified.
+
+For the task-board prompt, create a task, refresh the page, and confirm the task is still there. If it disappears, the app is not done; ask the agent to verify that exact behavior again and continue from current evidence rather than starting over.
+
+If the agent cannot finish, useful output names the blocker: missing credential, missing decision, unsupported runtime choice, or repeated failure it could not recover from.
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) — Runtime layout, development work, delivery, packaging, and production release.
+- [How it works](/zcp/concept/how-it-works) — Live state, runtime fit, app wiring, deploy evidence, behavior proof, and blockers.
+- [Trust model](/zcp/security/trust-model) — What the project-scoped token lets the agent do, and where the safety boundary sits.
+
+
+----------------------------------------
+
+# Zcp > Reference > Agent Workflow
+
+
+Use this page when you want the process and exact labels behind a run that follows the generated workflow. Normal prompts should still describe outcomes. The workflow exists so the agent can read the project, prepare the right runtime and services, make the app change, deploy, verify, recover from evidence, and stop with proof or a concrete blocker.
+
+The useful mental split is:
+
+| Phase | What it settles | What should be true when it ends |
+| ----- | --------------- | -------------------------------- |
+| **Bootstrap** | Where the app should run and which services it depends on. | Runtime target and managed dependencies are known. |
+| **Develop** | Code, `zerops.yaml`, env wiring, deploy, verification, recovery, and delivery choice. | The requested behavior is proved, or the blocker is concrete. |
+| **Develop** | Code, `zerops.yaml`, env wiring, deploy, verification, recovery, and delivery choice. | The requested behavior is proved, or the blocker is concrete. |
+
+For the loop itself, see [How it works](/zcp/concept/how-it-works). This page catalogs the exact phases, routes, layouts, labels, and gates.
+
+## Session layers
+
+Most workflow mistakes come from confusing these layers:
+
+| Layer | What it is | What changes here |
+| ----- | ---------- | ----------------- |
+| **Workspace** | Where `zcp` and the agent run: remote `zcp@1` service or local machine. | Agent config, tools, local workflow state. App code should not be deployed to the workspace itself. |
+| **Target runtime service** | The app runtime in scope: `appdev`, `appstage`, `app`, or a linked local deploy target. | App files, `zerops.yaml`, deploys, runtime logs, verification target. |
+| **Managed services** | Databases, caches, queues, search, storage, mail, and similar dependencies. | Schema/data operations and credentials, never app code deploys. |
+| **Managed services** | Databases, caches, queues, search, storage, mail, and similar dependencies. | Schema/data operations and credentials, never app code deploys. |
+
+The `zcp` service is the control surface, not the app runtime.
+
+## What drives the workflow
+
+The generated workflow is made from four pieces:
+
+| Piece | Role |
+| ----- | ---- |
+| **MCP tools** | Project-scoped Zerops operations: discover, deploy, read logs/events, manage env vars, verify, import/export, and related actions. |
+| **Generated instructions** | Agent policy for when to inspect, when to ask, when to deploy, what evidence to read, and what counts as done. |
+| **Saved workflow state** | Local metadata about bootstrap sessions, runtime pairing, delivery choice, deploy attempts, verify attempts, and interrupted work. |
+| **Live Zerops project** | Source of truth for services, status, env refs, logs, events, deploys, runtime files, and public access. |
+| **Live Zerops project** | Source of truth for services, status, env refs, logs, events, deploys, runtime files, and public access. |
+
+The workflow does not replace judgment from the user or the agent. It gives the agent a process and evidence surface so app work does not depend on stale chat memory or a pasted runbook.
+
+## Bootstrap
+
+Bootstrap starts before app code changes when the workflow needs to understand or prepare the project layout.
+
+```mermaid
+flowchart TD
+  start(["Read live project state"])
+  interrupted{"Interrupted bootstrap
+to resume?"}
+  runtime{"Runtime services
+already exist?"}
+  known{"Request matches
+known recipe or stack?"}
+  resume(["resume"])
+  adopt(["adopt"])
+  recipe(["recipe"])
+  classic(["classic"])
+  done(["Runtime target and dependencies known"])
+
+  start --> interrupted
+  interrupted -- yes --> resume --> done
+  interrupted -- no --> runtime
+  runtime -- yes --> adopt --> done
+  runtime -- no --> known
+  known -- yes --> recipe --> done
+  known -- no --> classic --> done
+```
+
+| Route | Use when | Wrong signal |
+| ----- | -------- | ------------ |
+| `adopt` | Runtime services already exist, including recipe-created projects. | Recreating services that already fit, or targeting the `zcp` service as the app. |
+| `recipe` | The project is empty or only has remote setup, and the request matches a known stack recipe. | Treating an unchanged starter as the finished requested product. |
+| `classic` | The project is empty and needs a custom service plan. | Writing app code before service ownership and runtime target are known. |
+| `resume` | A previous bootstrap was interrupted. | Starting from scratch without checking live services and saved state. |
+| `resume` | A previous bootstrap was interrupted. | Starting from scratch without checking live services and saved state. |
+
+Bootstrap ends when the app runtime target and managed dependencies are known. It should also make visible any choice that needs human judgment: cost, credentials, data, runtime layout, production risk, or destructive behavior.
+
+## Runtime layouts
+
+Runtime layout describes which app runtime services the workflow should use. Exact layout labels (`standard`, `dev`, `simple`, `local-stage`, `local-only`) and the runtime names they map to live in the [Glossary](/zcp/glossary#runtime-layout). The user-facing three (dev, dev + stage, stage / linked target) are in [Build and ship → Choose the runtime layout](/zcp/workflows/build-with-zcp#choose-the-runtime-layout). Service scaling mode (`HA`/`NON_HA`) is a separate service setting.
+
+In `standard`, stage is explicit. Work scoped to `appdev` does not silently touch `appstage`; a release or stage verification happens when the user asks for it.
+
+## Develop
+
+Develop is the main app-work loop. It begins after bootstrap has a runtime target and dependencies. It closes only when runtime reachability and requested behavior both pass, or when the agent has a blocker that needs a human decision. The loop itself is in [How it works → The work loop](/zcp/concept/how-it-works#the-work-loop). The labeled steps are:
+
+1. **Name runtime target.** State which runtime is in scope: `appdev`, `appstage`, `app`, or a linked local target.
+2. **Change code and config.** Edit app files, `zerops.yaml`, env references, migrations, seeds, framework config, or local `.env` bridge when needed.
+3. **Deploy directly first.** The first verified runtime deploy goes through MCP tools. Git or CI handoff comes after proof.
+4. **Start or restart if needed.** Dynamic dev runtimes may need an explicit start or restart after deploy. Built-in webserver runtimes do not need a separate dev-server step unless the framework requires one.
+5. **Verify runtime reachability.** Check service status, recent error logs, and HTTP readiness when the runtime is an HTTP service.
+6. **Verify requested behavior.** Check endpoint body, UI state, job result, persisted data, or another result tied to the user request.
+7. **Fix from evidence.** Read failure category, logs, events, and check output. Repeating the same deploy without new evidence is not progress.
+
+Reachability and requested behavior are separate gates. A green deploy with a broken route is not done.
+
+## Failure categories
+
+Failure categories (`build`, `start`, `verify`, `network`, `config`, `credential`, `other`) point the agent to the first useful evidence surface. The full read-first / avoid playbook is in [Troubleshooting → Evidence order](/zcp/reference/troubleshooting#evidence-order); the term definitions are in the [Glossary](/zcp/glossary#failure-category).
+
+Categorization is what turns retries into evidence-driven fixes.
+
+## Delivery after proof
+
+Delivery mode applies after a verified deploy. It does not replace the first proof.
+
+| Exact mode | User-facing choice | Meaning |
+| ---------- | ------------------ | ------- |
+| `auto` | Keep direct deploy | The agent keeps deploying future changes directly to the target runtime. |
+| `git-push` | Push to git | The agent commits and pushes to a configured remote; any resulting build still needs observation and verification. |
+| `manual` | External handoff | CI, release process, or a human owns future delivery; the workflow records evidence but does not initiate the next deploy. |
+| `manual` | External handoff | CI, release process, or a human owns future delivery; the workflow records evidence but does not initiate the next deploy. |
+
+Git-push capability, delivery mode, and build integration are separate. A project can have git-push configured while still using direct deploy for a given session.
+
+Packaging and production release are deliberate handoffs after proof. Packaging turns a verified runtime into a git-backed import bundle. A production release moves verified work into a separate production project through GUI setup, git/CI triggers, or the team's release process.
+
+## Generated files and state
+
+Remote setup and `zcp init` create configuration around the MCP server and workflow guidance.
+
+| File or directory | Created where | Purpose |
+| ----------------- | ------------- | ------- |
+| `CLAUDE.md` | Remote workspace or local project directory | Claude Code instruction surface. ZCP MCP writes a managed block between `<!-- ZCP:BEGIN -->` and `<!-- ZCP:END -->`. User content outside that block is preserved. |
+| `.claude/settings.local.json` | Remote workspace or local project directory | Claude Code per-project settings and ZCP MCP tool permissions for that directory. |
+| `.mcp.json` | Local project directory | Project-local MCP server config. It contains the local `zcp` command and the project-scoped `ZCP_API_KEY`; keep it out of git. |
+| `~/.claude.json` and SSH config | Remote setup | Workspace-level Claude Code and SSH wiring used inside the Zerops-hosted workspace. |
+| `.zcp/state/` | Working directory where the MCP server runs | Workflow state and service metadata for that project directory. |
+| `.zcp/state/` | Working directory where the MCP server runs | Workflow state and service metadata for that project directory. |
+
+The managed `CLAUDE.md` block is refreshed by `zcp init` and by the MCP server when the block already exists. Put durable project instructions outside the ZCP markers. Edits inside the managed block are treated as generated content.
+
+`.zcp/state/` is not application source code and should not be committed. It stores metadata such as known runtime services, local/stage pairing, delivery preference, git-push setup, build integration, first-deploy stamps, workflow sessions, deploy attempts, verify attempts, and local coordination locks.
+
+ZCP MCP does not use `.zcp/state/` as a stale copy of the Zerops project. Service status, logs, events, runtime files, env-var values, and current platform configuration are read from Zerops or from the local filesystem when tools run. Local `.env` files are generated separately and may contain secrets.
+
+Do not edit `.zcp/state/` by hand during normal work. Use workflow operations to reset, resume, iterate, or reconfigure state. Deleting it intentionally discards local memory of services and delivery setup for that directory; the tools can rediscover live Zerops state, but delivery preferences and workflow history may need to be set again.
+
+## Completion evidence
+
+A completed app task should answer:
+
+- which bootstrap route was used when setup was needed,
+- which runtime target changed,
+- which managed services were used or created,
+- which deploy passed,
+- which reachability check passed,
+- which requested behavior passed,
+- which URL, endpoint, UI state, worker result, or stored value proves it,
+- which delivery choice applies next,
+- or which blocker remains and what evidence supports it.
+
+A clear blocker is acceptable completion only when it names the runtime in scope, failure category, evidence read, fixes tried, and human decision or credential still needed.
+
+## Confirmation gates
+
+Two operations pause because the loss is not safely reversible from inside the conversation: **service deletion** (named approval) and **destructive import override** (refuse-then-acknowledge). See [Tokens and credentials → What ZCP enforces for destructive actions](/zcp/security/tokens-and-project-access#what-zcp-enforces-for-destructive-actions) for the user-facing confirmation flow.
+
+## Auditing a workflow
+
+A workflow run is well-shaped if the evidence answers:
+
+| Question | Evidence |
+| -------- | -------- |
+| Where did bootstrap start? | Live service list, saved workflow state, and bootstrap route. |
+| Where did bootstrap end? | Runtime target, managed dependencies, and any human decisions. |
+| Which runtime was developed and deployed? | Runtime target, deploy result, events, and logs. |
+| What proved reachability? | Verify output, service status, public URL, or HTTP probe. |
+| What proved behavior? | Endpoint, UI flow, job result, database/object state, or other requested proof. |
+| What controls future delivery? | Delivery mode, git-push state, build integration, package bundle, or production release handoff note. |
+| What controls future delivery? | Delivery mode, git-push state, build integration, package bundle, or production release handoff note. |
+
+## Related reference
+
+- [ZCP MCP tools](/zcp/reference/mcp-operations) — operation names and direct tool calls.
+- [Troubleshooting](/zcp/reference/troubleshooting) — recovery order when a run gets stuck.
+- [Glossary](/zcp/glossary) — exact terms used across the ZCP MCP reference.
+
+
+----------------------------------------
+
+# Zcp > Reference > Index
+
+
+Reference pages exist for the moments when an exact label, tool name, or recovery step matters. For day-to-day app work, start in [Build and ship](/zcp/workflows/build-with-zcp); for the loop itself, [How it works](/zcp/concept/how-it-works).
+
+- [Workflows in depth](/zcp/reference/agent-workflow) — Catalog of phases, routes, layouts, and labels behind a generated-workflow run.
+- [ZCP MCP tools](/zcp/reference/mcp-operations) — Exact tool names and surface for custom MCP clients or agent policy.
+- [Troubleshooting](/zcp/reference/troubleshooting) — When the agent is stuck, a session was interrupted, deploys keep failing, or you are taking over manually.
+- [Glossary](/zcp/glossary) — Definitions for terms across pages and workflow status (`appdev`, `local-stage`, `delivery mode`, etc.).
+
+## Common scenarios
+
+<div className="zcp-claim-grid">
+
+<div className="zcp-claim-card">
+
+<span>SCENARIO</span>
+
+### Debugging a stuck deploy
+
+[Troubleshooting → Evidence order](/zcp/reference/troubleshooting#evidence-order) names what to read first; [Workflows in depth → Failure categories](/zcp/reference/agent-workflow#failure-categories) maps the labels.
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>SCENARIO</span>
+
+### Building a custom MCP client
+
+[ZCP MCP tools](/zcp/reference/mcp-operations) for the tool surface; [Workflows in depth → What drives the workflow](/zcp/reference/agent-workflow#what-drives-the-workflow) for what the generated workflow adds on top of bare tools.
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>SCENARIO</span>
+
+### Auditing a finished run
+
+[Workflows in depth → Completion evidence](/zcp/reference/agent-workflow#completion-evidence) for what should be in the final answer; [Trust model → Audit evidence](/zcp/security/trust-model#audit-evidence) for what Zerops records platform-side.
+
+</div>
+
+</div>
+
+
+----------------------------------------
+
+# Zcp > Reference > Mcp Operations
+
+
+Most app work should be phrased as an outcome: build this, fix that, deploy and prove it. Operation names matter when you configure agent-client policy, debug an MCP integration, build a custom client, or use ZCP MCP pragmatically as a set of project-scoped Zerops tools.
+
+ZCP MCP is the MCP server exposed by the `zcp` binary. Any MCP-capable client can connect to it and call tools such as `zerops_discover`, `zerops_logs`, `zerops_events`, `zerops_deploy`, or `zerops_verify`.
+
+## Tool-only use
+
+The MCP server exposes operations. It does not, by itself, decide the whole app lifecycle.
+
+Claude Code with the generated workflow uses its instructions to decide sequencing: inspect state before changing things, choose the runtime target, use existing services or create missing ones, deploy, read failure evidence, verify requested behavior, and stop with proof or a blocker.
+
+Tool-only use is valid when you want a custom MCP client, script, dashboard, policy-gated agent, or narrow operational task. In that setup, your integration owns the sequencing:
+
+- which project services are in scope,
+- when a deploy is allowed,
+- what counts as verification,
+- which logs or events should be read after failure,
+- when to ask a human,
+- when to stop.
+
+Tool-level gates still apply. Service deletion requires explicit named approval, and destructive import override requires an acknowledgement of the exact targets.
+
+If you use Claude Code but do not want the generated workflow guidance, keep the MCP connection and remove the ZCP-managed workflow block from `CLAUDE.md`, or keep your own policy outside the ZCP markers. What you lose is the generated instruction layer that makes the agent plan around live state, deploy with bounded retries, verify behavior, and report proof or a concrete blocker.
+
+Generated files and workflow state are documented in [Workflows in depth](/zcp/reference/agent-workflow#generated-files-and-state).
+
+## What the tools can do
+
+| Area | Tools | Typical use |
+| ---- | ----- | ----------- |
+| Discover | `zerops_discover` | Read services, service metadata, env-var keys, and project topology. |
+| Observe | `zerops_logs`, `zerops_events`, `zerops_verify`, `zerops_process` | Diagnose deploys, read runtime/build evidence, run health checks, and watch async processes. |
+| Deploy | `zerops_deploy` | Push source through Zerops build/deploy pipeline and return build/deploy evidence. |
+| Configure | `zerops_env`, `zerops_subdomain`, `zerops_scale`, `zerops_manage` | Change env vars, public subdomain access, scaling, lifecycle, reload/restart, and storage attachment. |
+| Import/export | `zerops_import`, `zerops_export`, `zerops_preprocess` | Import project/service YAML, read export YAML, and expand Zerops preprocessor expressions. |
+| Workspace | `zerops_mount` | Mount or unmount runtime filesystems in remote setup. |
+| Workflow | `zerops_workflow` | Track, recover, or configure workflow sessions and packaging/export flow. |
+| Destructive | `zerops_delete` | Delete one named service after explicit user approval. |
+| Destructive | `zerops_delete` | Delete one named service after explicit user approval. |
+
+Recipe-authoring and ZCP-internal maintenance operations are intentionally out of scope for this public reference.
+
+## Read-only operations
+
+| Operation | Purpose |
+| --------- | ------- |
+| `zerops_discover` | Read services, ports, env-var keys, and current state. |
+| `zerops_export` | Read platform project/service export YAML and service metadata. |
+| `zerops_logs` | Read runtime/build logs filtered by service, severity, time, or search. |
+| `zerops_events` | Read service activity, deploys, builds, scaling, and failures. |
+| `zerops_verify` | Run service health, recent error log, and HTTP-readiness checks. |
+| `zerops_knowledge` | Fetch ZCP MCP guidance or platform knowledge for the current state. |
+| `zerops_process` | Check a known async process; cancel is a mutating action. |
+| `zerops_process` | Check a known async process; cancel is a mutating action. |
+
+## Mutating operations
+
+| Operation | Purpose |
+| --------- | ------- |
+| `zerops_deploy` | Ship code through the Zerops build and deploy pipeline. |
+| `zerops_env` | Read, set, delete, or generate env vars and local `.env` files. |
+| `zerops_manage` | Start, stop, restart, reload, or connect storage. |
+| `zerops_scale` | Change CPU, RAM, disk, CPU mode, or container autoscaling where supported. `HA`/`NON_HA` is set at service creation. |
+| `zerops_subdomain` | Enable or disable public subdomain access. |
+| `zerops_delete` | Delete a service. Explicit named approval is required. |
+| `zerops_delete` | Delete a service. Explicit named approval is required. |
+
+## Operational setup
+
+| Operation | Purpose |
+| --------- | ------- |
+| `zerops_workflow` | Track, recover, or configure workflow sessions; also carries the package-running-service export flow. |
+| `zerops_import` | Import project/service definitions. Destructive override is gated. |
+| `zerops_mount` | Mount or unmount runtime filesystems in remote setup. |
+| `zerops_preprocess` | Expand Zerops preprocessor expressions. |
+| `zerops_preprocess` | Expand Zerops preprocessor expressions. |
+
+## Remote and local tool differences
+
+The operation names are the same, but the filesystem and network boundary differ.
+
+| Area | Remote setup | Local setup |
+| ---- | ------------ | ----------- |
+| Files | Runtime files through SSHFS or remote containers. | Local working directory. |
+| Deploy source | Remote service or batch deploy inside Zerops. | Local `workingDir`. |
+| Dev server | Remote setup can run or inspect remote dev processes. | Your local tool owns the dev server. |
+| Env bridge | Env vars are already available in Zerops. | `.env` generation resolves Zerops references for local use. |
+| Git | Workspace-managed credentials. | User's local git credentials. |
+| Git | Workspace-managed credentials. | User's local git credentials. |
+
+## Confirmation gates
+
+Two operations require explicit care:
+
+- **Service deletion** requires explicit user approval in the current conversation, by service name.
+- **Destructive import override** first refuses and names what would be replaced; a second call must acknowledge the same targets.
+
+See [Tokens and credentials](/zcp/security/tokens-and-project-access#what-zcp-enforces-for-destructive-actions) for the user-facing confirmation flow.
+
+## Related reference
+
+- [Workflows in depth](/zcp/reference/agent-workflow) - how a generated-workflow run uses these tools.
+- [Troubleshooting](/zcp/reference/troubleshooting) - evidence order when a run gets stuck.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - token scope, storage, and confirmation gates.
+
+
+----------------------------------------
+
+# Zcp > Reference > Troubleshooting
+
+
+Use troubleshooting when the agent is confused, a session was interrupted, deploy keeps failing, verification does not match the final answer, or you are taking over manually.
+
+Start from current state, not chat memory:
+
+```text
+Read current project status and tell me where things stand before changing anything.
+```
+
+That should make the agent read live services, saved workflow state, recent deploys, logs, events, and verification output before it edits anything else.
+
+## Find where the run is stuck
+
+| Stuck point | Ask for | What you should get |
+| ----------- | ------- | ------------------- |
+| Agent lost context | Current project status and services in scope. | Runtime target, managed services, last deploy, last verify result, and any saved workflow state. |
+| Service setup is unclear | Runtime target and dependency plan. | Which existing services will be used, which missing services are needed, and what needs human approval. |
+| Deploy failed | Failure category plus build logs, runtime logs, and recent service events. | A cause or next diagnostic step, not another blind deploy. |
+| Runtime is reachable but app behavior fails | The failing behavior check and request-time runtime logs. | Endpoint/UI/job/data evidence tied to the product request. |
+| Local app cannot reach services | VPN state, generated `.env`, and selected runtime/setup. | Whether MCP auth works separately from private service access. |
+| Delivery is ambiguous | Delivery mode, git-push state, build integration, or handoff note. | What will happen after proof: direct deploy, git push, CI, package, or production handoff. |
+| Delivery is ambiguous | Delivery mode, git-push state, build integration, or handoff note. | What will happen after proof: direct deploy, git push, CI, package, or production handoff. |
+
+Useful prompt:
+
+```text
+Show me the runtime in scope, failure category, evidence read, fixes tried, and the next decision needed.
+```
+
+## Evidence order
+
+The useful evidence depends on the failure category surfaced by deploy or verify tools.
+
+| Category | Read first | Avoid |
+| -------- | ---------- | ----- |
+| `build` | Build logs, build commands, dependency manifests, deploy file list. | Runtime logs; the runtime did not start yet. |
+| `start` | Prepare/runtime logs, start command, ports, env references. | Rebuilding without checking why the process exited. |
+| `verify` | Failing check detail, HTTP response, request-time runtime logs, stored state. | Calling a green deploy "done" before behavior passes. |
+| `network` | VPN, SSH, DNS, subdomain readiness, service status, transport error. | Editing app code before proving connectivity. |
+| `config` | Field-level rejection, `zerops.yaml`, setup name, env references, service settings. | Guessing from service names or dashboard memory. |
+| `credential` | The named credential surface: `ZCP_API_KEY`, git, SSH, managed-service, CI, or external API. | Rotating unrelated secrets. |
+| `other` | Raw events/logs and the exact phase that failed. | Repeating the same attempt after the same unknown reason. |
+| `other` | Raw events/logs and the exact phase that failed. | Repeating the same attempt after the same unknown reason. |
+
+Failure categories come from the deploy/verify evidence surface. They are not a verdict; they tell the agent where the next useful signal is.
+
+## Local setup checks
+
+Local setup has two separate connections:
+
+- MCP uses `ZCP_API_KEY` to talk to the Zerops API.
+- Your local app and shell use `zcli vpn up` to reach private service hostnames such as `db` or `cache`.
+
+That means MCP can work while the app cannot reach the database.
+
+| Symptom | Check |
+| ------- | ----- |
+| Agent does not list the `zerops` MCP server. | Relaunch the agent from the directory containing `.mcp.json`. |
+| MCP startup says the token reaches multiple projects. | Replace `ZCP_API_KEY` with a single-project token. |
+| Re-running `zcp init` made MCP disappear. | Re-add the `ZCP_API_KEY` env block to `.mcp.json` and restart the agent. |
+| Local app cannot reach `db`, `cache`, or storage hostnames. | Run `zcli vpn up <project-id>` again. |
+| Local app reads stale credentials. | Regenerate `.env`; it is a snapshot, not a live sync. |
+| `zcp` is not found after install. | Add `~/.local/bin` or the install target to `PATH`, then restart the shell/agent. |
+| `zcp` is not found after install. | Add `~/.local/bin` or the install target to `PATH`, then restart the shell/agent. |
+
+For local setup details, use [Run locally](/zcp/setup/local-agent-bridge).
+
+## Manual takeover
+
+If you take over from the agent, read evidence in this order:
+
+1. Service list and runtime target.
+2. Service-scoped events for the runtime in question.
+3. Build logs for build failures, runtime logs for start or request failures.
+4. Verify output for reachability and requested behavior.
+5. Git history only when delivery uses git-push or CI.
+
+Do not inspect every service first. Start with the runtime in scope and expand only when the evidence points to a dependency.
+
+## When to stop
+
+Stop the loop when:
+
+- the same failure repeats without new evidence,
+- the agent needs an external credential,
+- the target runtime or stage choice is ambiguous,
+- a destructive action would delete or replace a service,
+- production release authority is needed,
+- the request no longer fits the current project layout.
+
+A blocker is acceptable only when it names the runtime in scope, failure category, evidence read, fixes attempted, and the human decision or credential still needed.
+
+Before destructive recovery, read service-scoped events, logs, deploy/verify result, and git history when delivery uses git-push. Token scope and destructive confirmations are covered in [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+
+----------------------------------------
+
+# Zcp > Security > Production Policy
+
+
+Use the MCP setup in development or staging. Keep production in a separate Zerops project without a `zcp` service. Production deploys should come from CI, a release pipeline, or a deliberate human `zcli` push using production credentials.
+
+Zerops does not prevent you from adding `zcp` to production. The policy exists because ZCP MCP gives a coding agent operational access. In production, that is the wrong blast radius for normal app development.
+
+The production boundary does not make ZCP output disposable. The intended path is production-shaped dev or stage infrastructure, verified behavior, and then a controlled production release outside the agent loop.
+
+## Recommended project layout
+
+| Project                       | Contains                                                                                                | Who operates it                |
+| ----------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------------ |
+| Development / staging project | `zcp` service, agent workspace, dev runtime, optional stage runtime, non-production managed services    | Agent plus humans              |
+| Production project            | Production runtimes, production managed services, production env values, production backups and scaling | CI/release process plus humans |
+| Production project            | Production runtimes, production managed services, production env values, production backups and scaling | CI/release process plus humans |
+
+The two projects use different Zerops tokens. A development token cannot reach production. A production token should not be placed in the development `zcp` service or a local `.mcp.json` used by the agent.
+
+## Why production is a separate project
+
+- **The Zerops project is the security boundary.** ZCP binds to one project at startup. Keeping production separate prevents a development agent from touching it by accident.
+- **Secrets stay clean.** Production env values, database credentials, object-storage keys, and third-party secrets stay in the production project.
+- **Operational policies can differ.** Production often needs HA services, stronger backup retention, stricter scaling, alerts, and release approvals. Development can stay cheaper and more flexible.
+- **Audit trails stay readable.** Development experiments and agent retries do not mix with production deploy evidence.
+
+This separation matters even when the same source repository deploys to both projects.
+
+## What stage proves
+
+Stage is the production-like rehearsal inside development or staging. It is where the agent proves the change before the release leaves the ZCP loop.
+
+Use stage to match production where it matters:
+
+- same runtime family and version,
+- same managed service types,
+- same build and start command pattern,
+- same deploy route,
+- behavior checks against a real running service.
+
+Stage is not production. It should use non-production data and non-production secrets. A green stage means the change is ready for release, not that the agent should deploy to production itself.
+
+## The release
+
+After stage verifies, ZCP's job is done for that change. The production release happens outside the agent loop:
+
+- CI deploys a merged commit or release tag to the production project.
+- A release pipeline runs `zcli push` with a production-scoped `ZEROPS_TOKEN`.
+- A human runs `zcli push` against the production project with production credentials.
+
+The agent can prepare the handoff by pushing code, summarizing verification evidence, and naming the runtime and URL it verified. It should not bridge development to production.
+
+For the practical workflow, see [Promote to production](/zcp/workflows/promote-to-production).
+
+## Credential rules
+
+| Credential                          | Production policy                                                                                        |
+| ----------------------------------- | -------------------------------------------------------------------------------------------------------- |
+| Development `ZCP_API_KEY`           | Never grants production access. Keep it scoped to the development/staging project.                       |
+| Production `ZEROPS_TOKEN`           | Store only in the production CI/release secret store. Do not place it in the development `zcp` service.  |
+| Agent subscription or model API key | May be used by the agent, but it does not grant Zerops production access by itself.                      |
+| Git credentials                     | May push source changes, but production deploy authority should stay with the release process.           |
+| Git credentials                     | May push source changes, but production deploy authority should stay with the release process.           |
+
+If a production deploy fails, investigate in the production project with production logs, events, backups, and CI output. Do not attach the development agent directly to production as a shortcut.
+
+## Production separation rules
+
+| Rule                                                              | Why it matters                                                                        |
+| ----------------------------------------------------------------- | ------------------------------------------------------------------------------------- |
+| Keep the production project without a `zcp` service               | Production should not host an agent workspace with operational access.                |
+| Keep production tokens out of local `.mcp.json`                   | Local agents should operate development or staging projects, not production.          |
+| Keep production `ZEROPS_TOKEN` in the release secret store        | Development tooling should not deploy to production outside the release process.      |
+| Treat stage proof as release evidence, not production approval    | Stage is the rehearsal; production approval is a separate release decision.           |
+| Promote through CI, release tooling, or a deliberate human action | Production execution should use production credentials.                               |
+| Promote through CI, release tooling, or a deliberate human action | Production execution should use production credentials.                               |
+
+## Acceptable agent involvement
+
+The agent can still help before the production release:
+
+- make the code change in development,
+- deploy and verify dev/stage runtimes,
+- produce the URL, endpoint result, or UI proof it verified,
+- push or prepare the branch your team uses for review,
+- summarize release notes and known blockers for the human or CI handoff.
+
+ZCP's involvement stops at the handoff. Production execution belongs to the release process.
+
+## Related security
+
+- [Promote to production](/zcp/workflows/promote-to-production) - practical production release paths after ZCP proof.
+- [Trust model](/zcp/security/trust-model) - the boundary that makes this policy enforceable.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - production and development credentials stay separate.
+
+
+----------------------------------------
+
+# Zcp > Security > Tokens And Project Access
+
+
+ZCP uses a Zerops API token to operate exactly one project. The important rule is simple: `ZCP_API_KEY` is the Zerops credential for ZCP, not an agent login, not a git token, and not a general account token.
+
+Remote setup gets `ZCP_API_KEY` from Zerops. Local setup reads it from `.mcp.json`. In both setups, ZCP validates the token at startup and refuses tokens that resolve to no project or multiple projects.
+
+## Credential map
+
+| Name                         | What it authorizes                           | Where it belongs                                                            |
+| ---------------------------- | -------------------------------------------- | --------------------------------------------------------------------------- |
+| `ZCP_API_KEY`                | ZCP against one Zerops project               | Remote: `zcp` service env injected by Zerops. Local: `.mcp.json` env block. |
+| Agent login or model API key | The coding agent itself                      | The bundled agent in remote setup, or your local agent client.              |
+| `GIT_TOKEN`                  | Git push from remote setup to a git provider | Secret env var on the `zcp` service when remote git-push delivery needs it. |
+| `ZEROPS_TOKEN`               | `zcli` in GitHub Actions or external CI      | Separate Zerops delivery token stored in the CI/release secret store.       |
+| `ZEROPS_TOKEN`               | `zcli` in GitHub Actions or external CI      | Separate Zerops delivery token stored in the CI/release secret store.       |
+
+Keeping these names separate prevents most setup and delivery failures.
+
+## Recommended `ZCP_API_KEY` shape
+
+Use a Zerops API token with **Custom access per project**, exactly one selected project, and **Full access** for normal agent work.
+
+Read-only tokens can authenticate, but they fail as soon as the agent needs to deploy, write env vars, restart services, scale, or change public access. Account-wide or multi-project tokens are refused before the agent can operate.
+
+To generate the token:
+
+1. Open [Settings -> Access Tokens Management](https://app.zerops.io/settings/token-management).
+2. Create a token and name it for the project, for example `zcp-<project-slug>`.
+3. Choose **Custom access per project**.
+4. Add exactly one project.
+5. Set that project to **Full access** for normal ZCP MCP work.
+6. Create the token and copy the value. Zerops shows it only at creation time.
+
+The token's blast radius equals the project and its granted permissions. Other projects, organization settings, and billing stay out of reach. Zerops [Roles & Permissions](/features/rbac#integration-tokens) remain the platform authority.
+
+## Rejected token shapes
+
+ZCP validates token shape at startup.
+
+| Token shape                         | What happens                                | Fix                                                                  |
+| ----------------------------------- | ------------------------------------------- | -------------------------------------------------------------------- |
+| Account-wide or multi-project token | ZCP refuses to start.                       | Generate a token scoped to exactly one project.                      |
+| Token with no project access        | ZCP refuses to start.                       | Grant one project or create a new single-project token.              |
+| Expired or revoked token            | ZCP refuses to start or receives HTTP 401.  | Replace the token and restart the agent or ZCP process.              |
+| Read-only project token             | Startup may pass, but mutations fail later. | Use full access for normal agent work, or expect read-only behavior. |
+| Read-only project token             | Startup may pass, but mutations fail later. | Use full access for normal agent work, or expect read-only behavior. |
+
+Common messages:
+
+| Message                                                        | Meaning                                           |
+| -------------------------------------------------------------- | ------------------------------------------------- |
+| `Token accesses N projects; use project-scoped token`          | The token can see more than one project.          |
+| `Token has no project access`                                  | The token authenticates but reaches no project.   |
+| `No authentication found: set ZCP_API_KEY or log in with zcli` | The `zcp` process did not receive a usable token. |
+| `AUTH_TOKEN_EXPIRED` or HTTP 401                               | The token expired, was revoked, or is invalid.    |
+| `AUTH_TOKEN_EXPIRED` or HTTP 401                               | The token expired, was revoked, or is invalid.    |
+
+For ZCP MCP setup, provide `ZCP_API_KEY`. `zcli` login is a diagnostic fallback, not the normal agent setup.
+
+## Where the token lives - remote vs local {#where-the-token-lives--remote-vs-local}
+
+ZCP reads `ZCP_API_KEY` from its process environment at startup. It does not write the token somewhere else or exchange it for a derived credential.
+
+| Setup                                        | Where `ZCP_API_KEY` comes from                          | Who provisions it                                        |
+| -------------------------------------------- | ------------------------------------------------------- | -------------------------------------------------------- |
+| [Remote setup](/zcp/setup/hosted-workspace)  | The `zcp` service environment                           | Zerops injects it automatically when the service starts. |
+| [Local setup](/zcp/setup/local-agent-bridge) | The `env` block of `.mcp.json` in the app directory     | You add it after `zcp init`.                             |
+| [Local setup](/zcp/setup/local-agent-bridge) | The `env` block of `.mcp.json` in the app directory     | You add it after `zcp init`.                             |
+
+In remote setup, do not hand-edit `ZCP_API_KEY`. Replace or rotate it through the Zerops-managed surface so the service keeps the intended project boundary.
+
+In local setup, `zcp init` writes a token-less `.mcp.json`. Add the token manually:
+
+```json
+{
+  "mcpServers": {
+    "zerops": {
+      "command": "zcp",
+      "args": ["serve"],
+      "env": {
+        "ZCP_API_KEY": "<your-single-project-token>"
+      }
+    }
+  }
+}
+```
+
+Add `.mcp.json` to `.gitignore`. Each app directory should have its own file and token. Switching projects means switching directories, not editing one shared credential.
+
+## Agent credentials are separate
+
+The bundled agent in remote setup may ask you to sign in or provide a model API key. That is not `ZCP_API_KEY`.
+
+Zerops wires the agent to ZCP. It does not provide your model subscription, store your agent login, or rotate your agent provider credentials. Treat the agent account exactly as you would outside Zerops.
+
+## Git and CI credentials
+
+`GIT_TOKEN` matters only when remote setup pushes to a git remote. It authorizes git provider access from the `zcp` service. In local setup, your local git CLI uses your normal SSH key or credential helper, so ZCP does not need `GIT_TOKEN`.
+
+`ZEROPS_TOKEN` is a Zerops API token used by GitHub Actions or another CI system when that system runs `zcli` against Zerops. It is not a GitHub token. Use a separate delivery token so ZCP sessions and CI/release workflows can be named, rotated, and audited independently.
+
+For production delivery, `ZEROPS_TOKEN` should reach production only and live only in the production CI or release secret store.
+
+With GitHub CLI, the secret shape is:
+
+```bash
+gh secret set ZEROPS_TOKEN -b "$ZEROPS_DELIVERY_TOKEN"
+```
+
+Use the GitHub UI or your CI secret manager instead if your team does not allow local CLI secret writes.
+
+## Rotation
+
+Rotate in the Zerops dashboard, then update the surface that consumes the token.
+
+| Surface              | Rotation step                                                                                                                            |
+| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- |
+| Remote `ZCP_API_KEY` | Reconfigure or redeploy the remote workspace through the dashboard-managed flow, then restart the `zcp` service so the process gets the new value. |
+| Local `ZCP_API_KEY`  | Paste the new token into `.mcp.json`, then restart the local agent client.                                                               |
+| `ZEROPS_TOKEN` in CI | Replace the repository or CI secret. The next workflow run uses the new value.                                                           |
+| `GIT_TOKEN`          | Replace the git-provider credential stored for remote setup.                                                                             |
+| `GIT_TOKEN`          | Replace the git-provider credential stored for remote setup.                                                                             |
+
+Rotation is picked up on the next process start or CI run, not in the middle of a live agent session.
+
+## What ZCP enforces for destructive actions
+
+A valid token does not remove every guardrail. ZCP MCP adds explicit confirmation for operations where the loss is not safely reversible from inside the conversation.
+
+| Operation                                                 | Gate                                                                                                                                                   |
+| --------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| Service deletion                                          | Requires explicit approval in the same conversation, including the service name. Remote setup also blocks deleting the `zcp` service it is running in. |
+| Wholesale service replacement after failed deploy history | The first request refuses, surfaces what would be replaced, and requires the agent to read failure evidence before asking you to confirm.              |
+| Wholesale service replacement after failed deploy history | The first request refuses, surfaces what would be replaced, and requires the agent to read failure evidence before asking you to confirm.              |
+
+Deploys, env changes, lifecycle actions, restarts, scaling, and public-access changes do not get an additional ZCP-specific confirmation gate. They are normal operations for a full-access token and should be reviewed through service events, logs, verification output, and team policy.
+
+Approval from a previous chat does not carry forward. A new conversation needs a new approval.
+
+## Evidence before destructive recovery
+
+When a service has recent failure history, ZCP enforces one recovery rule: read the platform evidence before destroying or replacing the service.
+
+The agent should inspect service events, build logs, runtime logs, and failure summaries, then either fix the cause or show you the evidence before asking for destructive confirmation. The point is to preserve the failure context the next session needs.
+
+A service waiting for first code deploy is not the same thing as a failed service. The gate is about recorded failure history, not idle state.
+
+Threat model and boundaries: [Trust model](/zcp/security/trust-model).
+
+## Credential checks
+
+- **Account-wide full-access tokens are refused.** ZCP needs one project, not a broad account credential.
+- **`zcp init` regenerates `.mcp.json`.** Re-add `ZCP_API_KEY` after rerunning it.
+- **`GIT_TOKEN` is not `ZCP_API_KEY`.** One authorizes git provider access; the other authorizes Zerops operations.
+- **`ZEROPS_TOKEN` in GitHub Actions is not a GitHub PAT.** It is a Zerops API token for `zcli`.
+- **A rotated token needs a restart.** The live ZCP process keeps the old environment value until it starts again.
+- **A successful confirmation is still destructive.** Backups, git history, and service events are your recovery evidence; ZCP does not auto-rollback a confirmed deletion or replacement.
+
+## Related pages
+
+- [Trust model](/zcp/security/trust-model) - the access boundary this page enforces.
+- [What remote workspace gives you](/zcp/setup/hosted-workspace) - automatic token injection.
+- [Run locally](/zcp/setup/local-agent-bridge) - local `.mcp.json` token setup.
+- [Production boundary](/zcp/security/production-policy) - why production gets separate credentials.
+- [GitHub integration](/references/github-integration) - CI secret usage with Zerops.
+
+
+----------------------------------------
+
+# Zcp > Security > Trust Model
+
+
+The trust model starts with one rule: one ZCP process operates one Zerops project. `ZCP_API_KEY` decides that boundary at startup, and ZCP refuses tokens that resolve to no project or multiple projects.
+
+That boundary is strong on the Zerops side. It does not make the agent harmless. A valid token can still deploy, change env vars, restart services, read logs, scale services, and change public access when Zerops permissions allow it. Treat it like an operations credential.
+
+## Boundary summary
+
+| Question                             | Answer                                                                                      |
+| ------------------------------------ | ------------------------------------------------------------------------------------------- |
+| What project can ZCP see?            | Exactly one project resolved from `ZCP_API_KEY` at startup.                                 |
+| What can ZCP change?                 | Whatever Zerops RBAC grants that token inside the project.                                  |
+| What is outside reach?               | Other projects, organization-wide settings, billing, and any operation Zerops RBAC rejects. |
+| What network can remote setup reach? | Private services from inside the `zcp` service.                                             |
+| What network can local setup reach?  | The Zerops API directly, plus private services only when your laptop VPN is up.             |
+| Who owns the agent login?            | You. The agent subscription or model API key is separate from `ZCP_API_KEY`.                |
+| Who owns the agent login?            | You. The agent subscription or model API key is separate from `ZCP_API_KEY`.                |
+
+Zerops [RBAC](/features/rbac) remains the authority. ZCP does not bypass platform permissions; it exposes project operations to the agent only through the token it was given.
+
+## Remote and local blast radius
+
+Remote setup and local setup share the same Zerops boundary, but not the same surroundings.
+
+| Area                       | Remote setup                                                                 | Local setup                                                     |
+| -------------------------- | ---------------------------------------------------------------------------- | --------------------------------------------------------------- |
+| Agent location             | Inside the `zcp@1` service when **Include Coding Agent** is enabled          | On your machine through your editor or CLI agent                |
+| Files visible to the agent | Workspace files and mounted runtime files                                    | Local files and anything your client permits                    |
+| Private service access     | Private network without laptop VPN                                           | `zcli vpn up <project-id>` from your machine                    |
+| Local machine exposure     | No direct access to your laptop                                              | Agent client runs as your local user                            |
+| Best safety posture        | Keep ZCP in a development/staging project and avoid mounting unrelated files | Restrict client permissions, shell access, and filesystem scope |
+| Best safety posture        | Keep ZCP in a development/staging project and avoid mounting unrelated files | Restrict client permissions, shell access, and filesystem scope |
+
+Remote setup is contained inside Zerops by design. Local setup is supervise-the-client by design. Either can be right, but local setup requires more attention to your agent client's local permissions.
+
+## Credential ownership
+
+There are three separate credential surfaces people often mix together:
+
+| Credential                          | Owner                        | Purpose                                                |
+| ----------------------------------- | ---------------------------- | ------------------------------------------------------ |
+| `ZCP_API_KEY`                       | Zerops token                 | Lets ZCP operate one Zerops project.                   |
+| Agent subscription or model API key | You / the agent provider     | Lets the coding agent run. Zerops does not provide it. |
+| Git or CI credentials               | You / your repository system | Lets finished work push to git or deploy through CI.   |
+| Git or CI credentials               | You / your repository system | Lets finished work push to git or deploy through CI.   |
+
+In both setups, the agent account is still authenticated through the agent's own login flow. For where each credential lives (remote injection vs `.mcp.json`), rotation, rejected token shapes, and `GIT_TOKEN` / `ZEROPS_TOKEN`, see [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+## What the token lets the agent do
+
+The agent can perform normal operational work when the token has permission:
+
+- discover runtime and managed services,
+- create or adjust services when the task requires it,
+- read and write service env vars,
+- deploy app code to runtime services,
+- read build logs, runtime logs, and service events,
+- restart, reload, stop, start, or scale services,
+- enable or disable public access,
+- prepare delivery such as git push or CI handoff.
+
+This is why development and staging projects are the right place for ZCP. Production should be a separate project without a `zcp` service; see [Production boundary](/zcp/security/production-policy).
+
+## Remote setup specifics
+
+- **`zcp` service is not the app.** It is the workspace and control surface. Deploys target app runtimes, not the `zcp` service.
+- **The service has operational reach.** A terminal in the `zcp` service can use the same ZCP access as the agent. Review the dashboard's additional changes before deploying the service; they are what give the workspace its operating surface.
+- **Network reach is broader than file reach.** The workspace can reach private services, but it only sees runtime files that are mounted into it.
+- **Do not hand-edit `ZCP_API_KEY`.** Remote setup gets the value from Zerops. Manual replacement can break the intended one-project boundary.
+
+## Local setup specifics
+
+- **The agent inherits local reach.** ZCP MCP is limited to one project, but the local agent client can read files, run commands, and use credentials allowed by your client settings.
+- **Each local directory has its own config.** `.mcp.json` and `.zcp/state/` belong to one app directory. Launching from the wrong directory can connect the wrong token or no token.
+- **VPN is outside MCP authority.** Bringing up Zerops VPN needs your operating-system approval. The tools cannot grant that for the agent.
+- **`.env` files are snapshots.** They contain real project credentials and should stay out of git.
+
+## Human confirmation gates
+
+Most project operations do not get an extra ZCP-specific confirmation prompt. Deploys, env changes, restarts, scaling, and public-access changes are normal project operations and are audited through platform evidence.
+
+ZCP MCP adds hard gates where the loss is not safely reversible from the conversation: **service deletion** (explicit same-conversation approval by service name; remote setup also blocks deleting the `zcp` service it is running in) and **wholesale service replacement after failed deploy history** (refuse-then-acknowledge with failure evidence first). Approval from an old chat does not carry forward. The full enforcement rules are in [Tokens and credentials → What ZCP enforces for destructive actions](/zcp/security/tokens-and-project-access#what-zcp-enforces-for-destructive-actions).
+
+## Audit evidence
+
+Zerops records platform-side evidence. It does not record the agent's private reasoning, every shell edit, browser-helper action, or prompt history outside your agent client.
+
+When taking over from an agent, read evidence in this order:
+
+1. service-scoped events,
+2. build logs,
+3. runtime logs,
+4. deploy and verification output,
+5. git history when delivery uses git-push.
+
+| Surface        | What it proves                                                            | What it does not prove                       |
+| -------------- | ------------------------------------------------------------------------- | -------------------------------------------- |
+| Service events | Deploy lifecycle, failures, restarts, scaling, and public-access changes. | The exact source edit that caused the event. |
+| Build logs     | Dependency install, build commands, compile/package failures.             | Runtime request behavior after deploy.       |
+| Runtime logs   | Start crashes, port binding, request-time app errors.                     | Why the build failed.                        |
+| Verify output  | Whether reachability and requested behavior passed.                       | That unrelated app flows work.               |
+| Git history    | Source changes pushed during git-push delivery.                           | Uncommitted shell edits.                     |
+| Git history    | Source changes pushed during git-push delivery.                           | Uncommitted shell edits.                     |
+
+Filter by service hostname when possible. Project-level timelines can include unrelated services and older failures.
+
+## Related security
+
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - token scope, storage, rotation, and confirmation gates.
+- [Remote or local setup](/zcp/setup/choose-workspace) - compare blast radius before setup.
+- [Production boundary](/zcp/security/production-policy) - keep production outside the agent loop.
+
+
+----------------------------------------
+
+# Zcp > Setup > Choose Workspace
+
+
+Use this page to decide where the agent workspace lives: inside Zerops, or on your machine beside the local app directory.
+
+Both setups connect the agent to one Zerops project and the same project-scoped operations. The tradeoff is where the agent works: filesystem ownership, private-service access, credential location, bundled tooling, and shell blast radius. The runtime layout is a separate app-work decision.
+
+## What you are choosing
+
+**Remote setup** always includes the `zcp@1` workspace service. If the chosen **runtime layout** has a development runtime, the agent works with that service too.
+
+**Local setup** does not need the workspace service or a separate development runtime. It runs beside your **local source tree** and deploys to the Zerops runtime you choose to link.
+
+Remote setup is the **safer default** for broader agent autonomy because the agent shell, private networking, and workspace files stay **inside Zerops** instead of on your machine. Use local setup when local files, data, desktop tools, git credentials, or a **local-only agent client** need to stay local.
+
+## Setup comparison
+
+|                         | Remote setup                                      | Local setup                                  |
+| ----------------------- | ------------------------------------------------- | -------------------------------------------- |
+| Workspace service       | Always has `zcp@1`.                               | Not required.                                |
+| Development runtime     | Only if the runtime layout includes one.          | Not required for local work.                 |
+| `zcp` process           | Runs in Zerops.                                   | Runs on your machine.                        |
+| Agent process           | Runs in the remote workspace.                     | Runs in your local editor or CLI.            |
+| Files the agent edits   | Workspace files and mounted runtime files.        | Files on your machine.                       |
+| Private service access  | Private Zerops network from the workspace.        | Zerops VPN from your machine.                |
+| Token storage           | Injected into the workspace service.              | `.mcp.json` in the local app directory.      |
+| Git credentials         | Configured inside the workspace service.          | Your local git credentials.                  |
+| Safety posture          | Broad agent shell permissions stay in Zerops.     | Agent shell permissions affect your machine. |
+| Safety posture          | Broad agent shell permissions stay in Zerops.     | Agent shell permissions affect your machine. |
+
+## Starting points
+
+Remote setup can start from:
+
+- **Recipe with AI Agent environment.** A guided path for a known stack. A recipe creates app services, managed services, and the `zcp@1` workspace together.
+- **New Zerops setup with remote setup enabled.** Start from blank services or a custom stack and add the `zcp@1` service during creation.
+- **Existing development or staging setup.** Add the `zcp` workspace next to services that already exist. Do not add ZCP to production; promote verified work through your release process instead.
+
+Local setup can start from:
+
+- **Empty local directory.** The agent creates the app structure from a product request and uses ZCP to select or create Zerops services.
+- **Existing app directory.** The app code, editor setup, local data, and git credentials already live on your machine.
+- **Recipe prepared for local setup.** The recipe creates the Zerops service baseline, while the agent and files stay local.
+
+## Runtime layout is separate
+
+Remote or local only answers where the agent and `zcp` process run. The project can still use:
+
+- one mutable dev runtime,
+- a dev + stage pair,
+- a single app runtime,
+- local files linked to a stage target.
+
+That choice belongs to app work: [Build and ship](/zcp/workflows/build-with-zcp#choose-the-runtime-layout).
+
+Stage is not production. Keep production in a separate Zerops project and promote work through your release process; see [Production boundary](/zcp/security/production-policy).
+
+## Switching later
+
+Remote and local setup are not permanent, but switching is a handoff between workspaces, not a sync operation. Before switching, make the handoff explicit:
+
+- Preserve the current source tree through git or another explicit copy path.
+- Choose one deploy source for the next task: the remote workspace, mounted runtime files, or the local app directory.
+- Do not edit mounted runtime files and a local repo in parallel unless you have a merge plan.
+- Regenerate local `.env` snapshots after Zerops env changes.
+- If the local deploy target changed, have the agent inspect the current local link before deploying.
+
+## Next steps
+
+- [What remote workspace gives you](/zcp/setup/hosted-workspace) - remote setup, Browser VS Code, bundled agent CLI, and workspace persistence.
+- [Run locally](/zcp/setup/local-agent-bridge) - local install, `zcp init`, `.mcp.json`, VPN, env snapshots, and deploy target linking.
+- [Trust model](/zcp/security/trust-model) - how the safety boundary changes between remote setup and local setup.
+
+
+----------------------------------------
+
+# Zcp > Setup > Hosted Workspace
+
+
+A remote workspace puts the agent, terminal, and optional browser IDE inside Zerops, next to private networking and ZCP access.
+
+The `zcp@1` service runs the same `zcp` binary used by local setup, but broad shell permissions and private service access stay in a clean Zerops service instead of on your laptop.
+
+Use remote setup when you want the default workspace, a safer boundary for broad agent permissions, or a preconfigured environment with Claude Code and Browser VS Code.
+
+App code still deploys to your app runtime services. The `zcp` service is the workspace and control surface; it is not the application runtime.
+
+Taking over is straightforward in this setup. You open the same workspace, terminal, files, and workflow status the agent used, then continue, inspect, or stop the work from there.
+
+## What it includes
+
+- **`zcp@1` workspace service.** Runs ZCP inside Zerops and gives the agent project-scoped operations.
+- **Platform-injected `ZCP_API_KEY`.** Zerops injects the token into the workspace; you normally do not set it by hand.
+- **Bundled Claude Code when enabled.** The **Include Coding Agent** option installs and preconfigures Claude Code. You authenticate with your own Claude subscription login or API key.
+- **Browser VS Code when enabled.** The **Cloud IDE** option gives you a browser editor, terminal, and a place to supervise or take over the agent session.
+- **Private networking.** The workspace can reach managed services by hostname without laptop VPN.
+- **Open workspace model.** You can add other agent CLIs, private MCP servers, helper processes, dotfiles, package installs, or a derived team image.
+
+For the local alternative, see [Run locally](/zcp/setup/local-agent-bridge). For the tradeoffs, see [Remote or local setup](/zcp/setup/choose-workspace).
+
+## Choose a starting point
+
+### First-time trial
+
+Use the [Quickstart](/zcp/quickstart) when you want the guided recipe route. It covers the recipe catalog, **AI Agent** environment, Claude Code authentication, Browser VS Code, first product prompt, and proof.
+
+After provisioning, continue with a product prompt in [Build and ship](/zcp/workflows/build-with-zcp).
+
+### Recipe with AI Agent environment
+
+Use this when you want a guided stack baseline for development or staging. A recipe with an **AI Agent** environment creates app services, managed services, and the `zcp@1` workspace together.
+
+Keep **Coding Agent** enabled when you want bundled Claude Code. Keep **Cloud IDE** enabled when you want Browser VS Code.
+
+### New Zerops setup with remote setup enabled
+
+Use this when you want blank services or a custom stack.
+
+1. Open [Add new project](https://app.zerops.io/dashboard/project-add).
+2. Enter the project name, region, and tags.
+3. Enable the `zcp@1` remote setup service.
+4. Keep **Include Coding Agent** enabled if you want bundled Claude Code.
+5. Keep **Cloud IDE** enabled if you want browser VS Code.
+6. Create the project.
+
+This gives you the `zcp@1` workspace. App runtimes and managed services may still be created later by normal ZCP app work.
+
+### Existing development or staging setup
+
+Use this when runtime or managed services already exist in development or staging. Do not add `zcp` to production; promote verified work through your release process.
+
+Add a `zcp` service from the dashboard the same way you add another Zerops service. The workspace appears next to the existing services and receives ZCP access from the platform.
+
+The agent should still read current state before changing anything. Existing services are context, not instructions for the next task.
+
+## Open the workspace
+
+For a returning remote workspace, open the existing `zcp` service:
+
+1. Open the project in the [Zerops dashboard](https://app.zerops.io/).
+2. Open the `zcp` service.
+3. Use **Browser VS Code** when **Cloud IDE** is enabled.
+4. Complete the Claude Code login or API-token flow if prompted.
+
+After authentication, Claude Code is connected to ZCP and ready to work from the Browser VS Code terminal. If the workspace was already authorized, use the same route to resume, supervise, or take over work.
+
+First load can take a minute while the image, Cloud IDE, and bundled agent finish starting. If the page opens before the service is ready, wait until the service is running and reload.
+
+## Use your own editor or tools
+
+Browser VS Code is the quickest entry point, not the only one.
+
+Editors that support remote development can connect to the workspace or runtime services over SSH, depending on how your team wants to work. Common options include VS Code Remote SSH, JetBrains Gateway, Cursor, Zed, and plain SSH.
+
+This keeps the agent and private network inside Zerops while letting you use a desktop editor UI. Broader editor patterns live in [Local & Remote Development](/features/local-remote-development#native-ide-over-ssh).
+
+You can also install another agent CLI or additional MCP servers inside the `zcp` service. The bundled Claude Code flow is a convenience, not a closed product boundary.
+
+## Advanced customization guardrails
+
+Tools installed inside the `zcp` service may see workspace environment variables, private networking, and any runtime files mounted into the workspace. Use trusted and pinned tools. Keep model credentials, git delivery tokens, external API keys, and production credentials out of the workspace unless the current task explicitly needs them.
+
+## What belongs where
+
+| Concern              | Where it belongs                                                                                                            |
+| -------------------- | --------------------------------------------------------------------------------------------------------------------------- |
+| Agent workspace      | The `zcp@1` service: agent CLI, browser VS Code, shell tools, MCP servers, helper processes, dotfiles.                      |
+| App code deploys     | Your app runtime services; not the `zcp` workspace service.                                                                 |
+| `ZCP_API_KEY`        | Injected by Zerops into the `zcp` workspace.                                                                                |
+| Agent account        | Your Claude subscription login or model API credential. Zerops wires the agent to ZCP, but the agent account remains yours. |
+| Git credentials      | Configured inside the workspace when the agent should commit or push from remote setup.                                     |
+| Production release   | A separate production project and release process.                                                                          |
+| Production release   | A separate production project and release process.                                                                          |
+
+## Runtime file access
+
+Remote setup can mount runtime service filesystems into the `zcp` workspace after the first setup pass. Each mounted runtime appears as its own folder. Editing a mounted file changes the file inside that runtime service, with no upload step from your laptop.
+
+Filesystem reach is narrower than network reach. The workspace can reach services over the private network, but it only sees runtime files mounted into it.
+
+## Make customization persistent
+
+The `zcp@1` service is a normal Zerops service. One-off shell installs disappear when the service is rebuilt unless you make them part of the service setup.
+
+Use these patterns:
+
+- **Small additions:** put package installs, dotfiles, or bootstrap scripts into service init commands.
+- **Team-standard workspace:** build a derived image based on `zcp@1` with required tools already present.
+- **Helper processes:** run private helpers next to the agent and editor workspace when your team needs internal integrations.
+
+Keep app runtime build steps with the runtime services. The remote workspace carries the agent, tools, and ZCP access; runtime services own app builds and deploys.
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) - normal app work after setup.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - how `ZCP_API_KEY`, git credentials, and CI secrets differ.
+
+
+----------------------------------------
+
+# Zcp > Setup > Local Agent Bridge
+
+
+Local setup installs the `zcp` binary on your machine and runs it from the app directory where your agent works.
+
+Use it when the agent should work next to local files, local data, your desktop editor, terminal tools, and git credentials. The MCP server limits Zerops operations to one project, but the agent client runs as your local user, so local approvals and filesystem allowlists matter.
+
+[Remote setup](/zcp/setup/hosted-workspace) is the safer default when the agent does not need local files or tools. Use local setup when local control is the point.
+
+:::warning Public preview
+Local setup has more moving parts than remote setup and may change faster. The binary install path, `.mcp.json` shape, and files written by `zcp init` are still settling between releases.
+:::
+
+## Choose a local starting point
+
+Pick the folder that should own app work:
+
+- **Empty local directory.** Start with no app code yet. The agent can create the app structure and use the MCP tools to select or create Zerops services.
+- **Existing app directory.** Use this when app code, local data, editor setup, test fixtures, and git credentials already live on your machine.
+- **Recipe prepared for local setup.** Use a recipe to create the Zerops service baseline, then run the agent locally from the directory that should own source changes.
+
+After that choice, the mechanics are the same: install `zcp`, run `zcp init`, add `ZCP_API_KEY`, start VPN when private service access is needed, and link a runtime when the agent should deploy.
+
+## What local setup gives the agent
+
+- **Local files as source.** The agent edits the directory on your machine, and deploys use that working directory.
+- **Your editor and terminal.** Framework CLIs, test runners, local data, and local feedback stay under your normal tools.
+- **Your git credentials.** Pushes use your local git CLI, SSH agent, or credential helper.
+- **Zerops operations.** The MCP tools let the agent discover services, generate env snapshots, deploy to linked runtimes, read logs, and verify.
+- **Private service access through VPN.** Your local app and shell reach private service hostnames through `zcli vpn up`.
+
+Security note: local setup cannot protect your laptop from the agent client. Configure approvals as you would for any local coding agent.
+
+## Prerequisites
+
+- A Zerops project. Create one from the [Zerops dashboard](https://app.zerops.io/dashboard/project-add), from a [recipe](https://app.zerops.io/recipes), or use an existing development/staging setup.
+- [zCLI](/references/cli) installed and authenticated on your machine.
+- A compatible local agent client installed and logged in.
+- A **single-project Zerops token**. Multi-project tokens are refused at startup.
+- A local directory where the agent should run.
+
+You do not need MCP just to develop locally against Zerops services as a human. `zcli vpn up` plus your editor is enough. Add MCP when a local coding agent should also understand and operate Zerops.
+
+## 1. Get `ZCP_API_KEY`
+
+The MCP server needs a Zerops API token that reaches exactly one project. For normal agent work, use a full-access token; read-only tokens can authenticate but fail on deploys, env changes, lifecycle actions, and other mutations. Token generation, rejected shapes, and rotation are covered in [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+## 2. Install `zcp`
+
+```bash
+curl -sSfL https://raw.githubusercontent.com/zeropsio/zcp/main/install.sh | sh
+```
+
+The installer downloads the latest release for your platform into `~/.local/bin`, or `/usr/local/bin` when run as root. Verify the install:
+
+```bash
+zcp version
+```
+
+If your shell cannot find `zcp`, add the install directory to `PATH` and reload the shell.
+
+## 3. Run `zcp init`
+
+From the local directory the agent should operate:
+
+```bash
+zcp init
+```
+
+`zcp init` writes local MCP config and agent instructions:
+
+- `.mcp.json` - MCP server config for this directory.
+- `CLAUDE.md` - agent instructions for Zerops work.
+- `.claude/settings.local.json` - Claude Code per-project settings when that client is used.
+- `~/.config/zerops/aliases` plus a shell-rc sourcing line - helper aliases for launching the agent here.
+- `.zcp/state/` - workflow state created when MCP first writes local state.
+
+Re-running `zcp init` may refresh generated config. `CLAUDE.md` preserves edits outside managed markers, but `.mcp.json` is regenerated from the token-less template. If you rerun it, re-check the `ZCP_API_KEY` block before launching the agent.
+
+## 4. Add `ZCP_API_KEY`
+
+`zcp init` writes a token-less `.mcp.json`. Add the project token under the `env` block:
+
+```json
+{
+  "mcpServers": {
+    "zerops": {
+      "command": "zcp",
+      "args": ["serve"],
+      "env": {
+        "ZCP_API_KEY": "<your-single-project-token>"
+      }
+    }
+  }
+}
+```
+
+Add `.mcp.json` to `.gitignore`. It contains a live Zerops credential and should not leave the machine. Each app directory should have its own `.mcp.json` and token.
+
+The server name `zerops` is intentional. Do not rename it unless your agent client requires a different name and you understand the prompt/instruction changes.
+
+## 5. Launch the agent from the app directory
+
+Start the agent from the directory that contains `.mcp.json`. The client should list `zerops` as an available MCP server.
+
+Sanity check:
+
+```text
+List the Zerops services through MCP.
+```
+
+A working connection answers with the runtime and managed services. If not, check the launch directory, token scope, and whether the client loaded `.mcp.json`.
+
+## 6. Bring up VPN when private services are needed
+
+The MCP server can talk to the Zerops API without VPN. Your local app, shell, tests, database clients, and framework commands need VPN to reach private hostnames such as `db` or `cache`.
+
+```bash
+zcli vpn up <project-id>
+```
+
+VPN setup needs admin or root approval on macOS and Linux. The tools can tell the agent which command is needed, but they cannot approve or start it for you. After the tunnel is up, service hostnames resolve from your machine; rerun the command when local service connections fail.
+
+## 7. Generate local env when needed
+
+When the local app needs service credentials, ask the agent for the app work and let the tools generate the env bridge. For a standalone check:
+
+```text
+Generate a .env file for my local app from Zerops env references.
+```
+
+Env generation needs `zerops.yaml` in the working directory, the runtime or setup the local app should use, a matching `setup:` entry, and non-empty `run.envVariables` under that setup.
+
+The tools read `run.envVariables`, resolve Zerops references such as `${db_user}`, `${db_password}`, and `${db_hostname}`, and write the resulting values into `.env`. Cross-service references resolve recursively, so a `DATABASE_URL` can land as a complete local connection string.
+
+If those inputs are missing, the agent should fix `zerops.yaml` or ask for the target runtime/setup. It should not invent env values from service names or dashboard memory.
+
+The file is a snapshot, not a live sync. Regenerate it after changing env variables in Zerops. VPN is still required for your local app to use private service hostnames from that `.env`.
+
+Keep `.env` out of git. It contains real connection values.
+
+## 8. Link a deploy target
+
+Local setup needs a Zerops runtime when the agent should deploy from your working directory. A stage runtime is the usual target because it lets local work prove itself before the production release.
+
+If there is exactly one runtime, the agent can use it automatically. If multiple runtimes exist, it should ask which one to link:
+
+```text
+Link this local directory to appstage for deploys.
+```
+
+Without a linked runtime, the tools can still inspect services and generate env snapshots, but local deploys need a target first.
+
+## What stays outside
+
+MCP does not replace your local feedback loop. Vite, Valet, Docker Compose, your IDE runner, framework CLIs, local fixtures, and test data stay under your normal tooling.
+
+Local setup does not mount Zerops runtime filesystems on your laptop. Remote setup can mount runtime files into the workspace; local setup works from files on your machine. To inspect runtime files from your machine, use [SSH](/references/networking/ssh) directly.
+
+The MCP server does not own your git credentials. In local setup, your local git CLI, SSH agent, or credential helper handles pushes.
+
+## Local setup checks
+
+- **Launch directory matters.** Start the agent from the folder that contains `.mcp.json`.
+- **`zcp init` can remove the token from `.mcp.json`.** Re-add `ZCP_API_KEY` after rerunning init.
+- **VPN is separate from MCP auth.** MCP may work while your app still cannot reach `db`.
+- **`.env` generation depends on `run.envVariables`.** If generation fails, check that the working directory has `zerops.yaml`, the selected `setup:` exists, and env entries live under `run.envVariables`.
+- **`.env` is a credential snapshot.** Regenerate after env changes and keep it out of git.
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) - normal app work after setup.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - token scope, storage, rotation, and destructive confirmations.
+
+
+----------------------------------------
+
+# Zcp > Workflows > Build With Zcp
+
+
+Use Build and ship for the decisions that shape normal app work. ZCP MCP gives the agent Zerops project state, platform guidance, project-scoped operations, deploy evidence, and recovery rules. You still decide what should be built, where it should run, how strict the acceptance criteria are, and what happens after proof.
+
+```text
+Build a task board.
+Tasks should stay saved after refresh.
+```
+
+A prompt can be that short when the outcome is enough. Add detail when it changes behavior, architecture, stack, runtime layout, acceptance criteria, credentials, delivery, packaging, or the production release.
+
+The expected output is a verified running change, not only generated files. The agent should prove the request against a real runtime, real managed services when used, and the logs, events, and checks that explain what happened.
+
+## The decisions
+
+<div className="zcp-lifecycle-diagram">
+  <div className="zcp-lifecycle-prompt">
+    <span>Product prompt</span>
+    <code>Build a task board...</code>
+  </div>
+  <div className="zcp-lifecycle-down" aria-hidden="true" />
+  <div className="zcp-lifecycle-flow">
+    <section className="zcp-lifecycle-stage zcp-lifecycle-stage--infra">
+      <h3>1. Runtime layout</h3>
+      <p>Choose where app work should land.</p>
+      <ul>
+        <li>Use existing services</li>
+        <li>Create missing services</li>
+        <li>Pick dev, stage, or linked target</li>
+      </ul>
+    </section>
+    <section className="zcp-lifecycle-stage zcp-lifecycle-stage--dev">
+      <h3>2. Development</h3>
+      <p>The agent gets current state, Zerops knowledge, deploy evidence, and your product instructions.</p>
+    </section>
+    <section className="zcp-lifecycle-stage zcp-lifecycle-stage--delivery">
+      <h3>3. After proof</h3>
+      <p>Decide what happens to verified work.</p>
+      <ul>
+        <li>Direct deploy, git, or CI</li>
+        <li>Optional package bundle</li>
+        <li>Production release</li>
+      </ul>
+    </section>
+  </div>
+</div>
+
+You do not run these steps by hand. They are the parts where your intent changes what the agent should do. If you do not specify a choice, the agent should infer from current project state and ask only when the decision changes cost, credentials, runtime layout, delivery, production risk, or destructive behavior.
+
+## 1. Choose the runtime layout {#choose-the-runtime-layout}
+
+When the app runtime and dependencies are unclear, the workflow prepares the layout before feature work starts. It reads current state, uses existing services when they fit, creates missing runtimes or managed services when needed, and stops when the agent knows where app code belongs.
+
+The main user-facing choice is runtime layout. Let the agent infer it from the project, or name it in the prompt when it matters.
+
+| Runtime layout            | Use when                                                                                  | What to tell the agent                                  |
+| ------------------------- | ----------------------------------------------------------------------------------------- | ------------------------------------------------------- |
+| **Dev**                   | You want one mutable runtime for fast iteration, experiments, or early app work.          | `Build a small Node.js API on dev.`                     |
+| **Dev + stage**           | You want a development runtime plus a separate runtime for review or release rehearsal.  | `Build a Node.js API with PostgreSQL on dev+stage.`     |
+| **Stage / linked target** | You work from local files or a single target runtime and want the workflow to use that target. | `Use appstage as the deploy target for this local app.` |
+| **Stage / linked target** | You work from local files or a single target runtime and want the workflow to use that target. | `Use appstage as the deploy target for this local app.` |
+
+The layout is about app runtimes, not where the `zcp` binary runs. Remote setup can use any of these layouts from the `zcp@1` workspace. Local setup usually works from local files into a linked stage or app runtime.
+
+Managed services such as PostgreSQL, Valkey, queues, search, storage, or mail are dependencies. The agent gets their state and wiring patterns, but app code deploys to runtime services.
+
+## 2. Development {#develop-with-live-project-context}
+
+Development is still a normal coding conversation with the agent. You describe the product behavior, stack constraints, acceptance criteria, and anything the agent must not guess.
+
+MCP adds the Zerops side of that conversation: current project state, platform knowledge, project-scoped operations, deploy/log evidence, verification checks, recovery rules, and saved work state. Because of that, you usually do not paste service inventory, env wiring, deploy logs, or a "deploy and verify" checklist into the prompt.
+
+The useful things to name are:
+
+- the behavior you want and how it should be verified,
+- stack, framework, managed-service, or runtime target preferences,
+- whether the agent should inspect or continue existing work first,
+- approval boundaries for cost, credentials, data, production, or destructive actions.
+
+Expect the agent to ask when one of those choices is missing. Otherwise, it should use project context while it works and finish with proof or a blocker.
+
+## 3. Choose delivery after proof {#choose-delivery-after-proof}
+
+Delivery preference is how app work closes after there is a verified result. Include it in the original prompt or set it later.
+
+The first functional deploy is still direct so the agent can prove the app runs. Delivery preference decides what happens after that proof and how later sessions should finish similar work.
+
+| Delivery preference    | What it means                                                                                      | What to tell the agent                                                      |
+| ---------------------- | -------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------- |
+| **Keep direct deploy** | The agent keeps deploying directly to the target runtime for fast dev/stage iteration.             | `Keep direct deploy for now.`                                               |
+| **Push to git**        | The agent commits and pushes working changes to the configured repository.                         | `When the app works, push changes to git@github.com:my-org/task-board.git.` |
+| **CI / handoff**       | A repository integration, GitHub Actions workflow, release process, or human owns the next deploy. | `Set up GitHub Actions delivery for future deploys after the app works.`    |
+| **CI / handoff**       | A repository integration, GitHub Actions workflow, release process, or human owns the next deploy. | `Set up GitHub Actions delivery for future deploys after the app works.`    |
+
+The workflow records the delivery choice so later work can follow it. Git credentials, CI secrets, and production credentials are separate from `ZCP_API_KEY`; see [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+## 4. Package a verified runtime {#package-a-verified-runtime}
+
+After a runtime is verified, you can ask the agent to prepare it as a re-importable Zerops project bundle. Use this when the app should become a reusable starter, customer handoff, demo project, or clean staging project.
+
+The prompt can be one sentence:
+
+```text
+Package appstage as a buildFromGit import bundle, commit it, and push it to git so I can import it into a fresh Zerops project.
+```
+
+The export workflow prepares `zerops-project-import.yaml` and `zerops.yaml` in the same git repo as the app. The import file contains one runtime with `buildFromGit:` pointing back to that repo, plus managed services needed for Zerops env references to resolve when the bundle is imported into a fresh project.
+
+The agent may still ask which runtime to package, which half of a dev+stage pair to use, how to classify project env vars, or how to configure git push. Once pushed, the target project can import the bundle from the dashboard or with `zcli project project-import zerops-project-import.yaml`.
+
+Packaging is not the next deploy of the same app. For the next app change, keep using the normal build/deploy/verify loop. Use packaging when the output you want is a git-backed import bundle; see [Package a running service](/zcp/workflows/package-running-service).
+
+## 5. Prepare the production release {#prepare-production-release}
+
+The production release is where authority changes. The agent prepares verified work and release evidence; production execution belongs to Zerops project settings, CI, release tooling, or a deliberate human action with production credentials.
+
+The useful split is:
+
+| Job | How often | What happens |
+| --- | --- | --- |
+| **Production infrastructure** | Once per production project | Export the verified project as YAML in the GUI, edit it for production, then import it as a new project. |
+| **Production deploy trigger** | Once per production runtime | Connect the production runtime to git, usually with a tag trigger. |
+| **Production release** | Every release | Verify in dev/stage, push source to git, then trigger production through your tag or release process. |
+| **Production release** | Every release | Verify in dev/stage, push source to git, then trigger production through your tag or release process. |
+
+Production should be a separate Zerops project without a `zcp` service. Production credentials are not `ZCP_API_KEY`; keep them in CI or release tooling. For the full release guide, see [Promote to production](/zcp/workflows/promote-to-production).
+
+## What the final answer should contain
+
+For a completed app task, the agent should report:
+
+- the runtime service it changed,
+- the deploy or verification target,
+- the URL, endpoint, UI state, job result, or stored data that proves the requested behavior,
+- managed services, env vars, or delivery settings it touched,
+- the delivery preference, packaging output, or production release state that now applies.
+
+If the task is incomplete, the final answer should name the blocker, the evidence read, what was tried, and the decision or credential needed from you.
+
+
+----------------------------------------
+
+# Zcp > Workflows > Package Running Service
+
+
+Use packaging when a verified runtime should become a re-importable Zerops bundle. It is a handoff or reuse task after the app already works, not the normal way to deploy the next change.
+
+You can ask for it directly:
+
+```text
+Package appstage as a buildFromGit import bundle.
+Commit it and push it to git.
+```
+
+The result is a single git repo that contains the app source, [`zerops.yaml`](/zerops-yaml/specification), and a project [import file](/references/import) named `zerops-project-import.yaml`. The import file uses `buildFromGit:` so a fresh Zerops project can rebuild the app from the repo instead of carrying source code inside YAML.
+
+Packaging starts from a deployed Zerops runtime. If important source changes exist only on your laptop, deploy or push them first so the runtime and git repo match what you want to package.
+
+## When to package
+
+Package a runtime when you need:
+
+- a running runtime and its managed dependencies reproduced in another Zerops project,
+- a reusable starter, demo, handoff, customer project, or clean staging baseline,
+- a repo commit that carries the Zerops import shape next to the app source,
+- the destination project to build from git.
+
+Do not use packaging for:
+
+- the next app deploy; use the normal build, deploy, and verify loop,
+- the production release; production needs its own infrastructure, credentials, domains, and release trigger,
+- moving managed-service data; backups and restores are separate.
+
+For production setup, follow [Promote to production](/zcp/workflows/promote-to-production). Packaging can help create a reusable app bundle, but it does not decide production infrastructure or release policy.
+
+## What the agent prepares
+
+The agent packages **one** runtime. If the project has dev and stage runtimes, it asks which one to use because they can have different env values, start commands, or `setup:` blocks.
+
+Managed services come along as dependencies when the runtime's `zerops.yaml` needs their env references. You do not pick databases, caches, queues, or search services one by one.
+
+The workflow then prepares:
+
+- `zerops-project-import.yaml` - the project and service shape for the destination project,
+- `zerops.yaml` - the runtime build and run configuration,
+- a git commit and push when git delivery is configured or explicitly requested.
+
+If the runtime has no usable `zerops.yaml` or git remote, the agent has to fix that first. A bundle is only useful when the destination project can pull source and build it from git.
+
+## Env vars need review
+
+Project env vars are the main place where the agent may ask you to decide. Each value gets one bucket:
+
+| Bucket | Use for | Bundle result |
+| --- | --- | --- |
+| `infrastructure` | Values derived from managed services, such as database or cache references. | Omitted from project envs; the new managed service provides fresh values. |
+| `auto-secret` | App-owned signing or encryption keys that can be regenerated. | Fresh generated secret on import. |
+| `external-secret` | Third-party credentials such as Stripe, OpenAI, Mailgun, or GitHub. | `REPLACE_ME` placeholder. |
+| `plain-config` | Literal non-secret config such as log level, feature flags, or public app settings. | Copied as-is. |
+| `plain-config` | Literal non-secret config such as log level, feature flags, or public app settings. | Copied as-is. |
+
+Do not treat this as a key-name guessing game. The agent should inspect source code and ask when classification changes behavior. For example, regenerating a Laravel `APP_KEY`, Django `SECRET_KEY`, or session secret can break existing encrypted state. If state continuity matters, carry the existing value instead of generating a new one.
+
+## What is not included
+
+| Not included | What to do instead |
+| --- | --- |
+| Managed-service data | Restore from [Backup](/features/backup) or another migration path. |
+| Real third-party secrets | Fill placeholders in the destination project before deploying. |
+| Production domains, scaling, backups, and release triggers | Configure them in the destination project. |
+| A repeatable production release process | Use your CI or release workflow; see [Promote to production](/zcp/workflows/promote-to-production). |
+| A repeatable production release process | Use your CI or release workflow; see [Promote to production](/zcp/workflows/promote-to-production). |
+
+## Use the bundle
+
+After the bundle is pushed, import `zerops-project-import.yaml` in the destination project through the dashboard or with `zcli project project-import zerops-project-import.yaml`.
+
+Before opening the new project to users:
+
+- fill `REPLACE_ME` values,
+- restore or seed data when needed,
+- review service scaling and public access,
+- run a normal deploy and verification pass in the destination project.
+
+
+----------------------------------------
+
+# Zcp > Workflows > Promote To Production
+
+
+Use this after the agent has proved work in development or stage. The production release is the point where authority changes: the agent can prepare proof, source changes, and setup notes, but production execution belongs to Zerops project settings, CI, release tooling, or a deliberate human action with production credentials.
+
+Production should be a separate Zerops project without a `zcp` service. That keeps the development agent out of the production blast radius while still letting verified work reach production.
+
+## The simple production path
+
+There are three different jobs. Two are setup work; one is the repeatable release operation.
+
+| Job | How often | Simplest path |
+| --- | --- | --- |
+| **Create production infrastructure** | Once per production project | Export the verified Zerops project as YAML in the GUI, edit it for production, then import it as a new project. |
+| **Connect the production deploy trigger** | Once per production runtime | In the production project, connect the git repository in the Zerops GUI and trigger builds from release tags. |
+| **Release an app change** | Every release | Verify in dev/stage, push source to git, then create the release tag or use your team's release process. |
+| **Release an app change** | Every release | Verify in dev/stage, push source to git, then create the release tag or use your team's release process. |
+
+This page uses the GUI path because it is the clearest path available today. More customized teams can replace the GUI trigger with GitHub Actions or another CI system later.
+
+## 1. Create production infrastructure
+
+Do this once when you need a production project for a verified app.
+
+1. Open the development or staging project that contains the verified runtime.
+2. Use **Export project as yaml**.
+3. Edit the exported YAML for production.
+4. Import the edited YAML as a new Zerops project.
+
+Before import, review the YAML as production infrastructure, not as a blind copy of the development project:
+
+- remove the `zcp` service,
+- remove dev-only runtimes and tools such as Mailpit or Adminer,
+- keep the runtime and managed services that production actually needs,
+- choose production `mode` values before creation, especially `HA` for databases that need it,
+- set production `minContainers`, autoscaling, and core package,
+- replace development secrets with production secrets or placeholders,
+- plan managed-service data restore or migrations,
+- configure production domains, DNS, public access, SMTP, object storage, backups, queues, search, and cache as needed.
+
+Before opening production traffic, get familiar with the deeper Zerops production surface: service modes, scaling, deploy pipeline, health checks, backups, public access, and domains. If the app should use a real domain, follow [Public Access Configuration](/references/networking/public-access).
+
+Project export/import creates the production infrastructure. Do not rely on it as the code delivery mechanism. The app source should be in git, and the first production code deploy should come through the production deploy trigger.
+
+## 2. Connect the production deploy trigger
+
+Do this once for each production runtime that should build from git.
+
+The simplest path is the Zerops GitHub or GitLab integration in the production project:
+
+1. Open the production runtime service.
+2. Connect the git repository.
+3. Choose **New tag** as the production trigger.
+4. Add a tag filter if your team uses one, for example `v*`.
+5. Keep production env vars and secrets in the production Zerops project.
+
+For stage, a branch trigger can be convenient. For production, a tag trigger is easier to reason about: a normal source push can update stage, while a deliberate release tag updates production.
+
+If your team needs approvals, custom tests, generated artifacts, or stricter audit, use GitHub Actions or another CI system instead. In that setup, store a production-scoped `ZEROPS_TOKEN` in the CI secret store and run the production deploy from CI.
+
+## 3. Release an app change
+
+This is the repeatable operation after production infrastructure and the deploy trigger exist. The exact release command is yours: define it in your repository instructions, agent skill, CI guide, or team release checklist.
+
+For example, if production deploys from release tags, the user instruction can be as direct as:
+
+```text
+Create the release tag for production and push it to git.
+```
+
+Use the wording that matches your CI/CD. The release step can be a manual CLI action, a `git push`, a tag push, a pull request, a protected branch merge, or a CI job. That part is your team preference and production setup, not a rule from these docs.
+
+The important rule is that the agent should name what it pushed and whether that push triggers stage, production, both, or neither. If production release requires a tag, the final answer should say the tag name or the exact tag command.
+
+## What not to carry into production
+
+Do not copy these from the development project into production:
+
+- the `zcp` service,
+- development `ZCP_API_KEY`,
+- local `.mcp.json`,
+- development secrets,
+- test data unless it is intentionally migrated,
+- dev-only utilities such as Mailpit or Adminer,
+- `.zerops.app` preview routing as the final public entry point.
+
+Use production-specific domains, secrets, backup policy, scaling, and release credentials.
+
+## What the agent should hand you
+
+A useful release handoff from the agent contains:
+
+- runtime and project where the change was verified,
+- URL, endpoint, UI state, job result, or stored data that proves the requested behavior,
+- commit, branch, PR, or suggested release tag,
+- whether the git push triggers stage, production, both, or neither,
+- services to keep, remove, or change before importing production infrastructure,
+- env vars, managed services, migrations, or delivery settings touched,
+- external secrets still needed,
+- managed-service data that must be restored or migrated,
+- production blockers that need a human decision.
+
+If the answer only says that files were changed, the release handoff is incomplete. Ask for the verification evidence and the exact release artifact.
+
+Production hardening belongs in your team's production checklist. This page only defines the handoff from verified dev or stage work into production authority.
+
+## Related production references
+
+- [Production boundary](/zcp/security/production-policy) — Why production stays outside the agent loop.
+- [Import & Export YAML Configuration](/references/import) — Project export and import reference.
+- [Public Access Configuration](/references/networking/public-access) — Custom domains, DNS, SSL, and production public access.
+
+
 ----------------------------------------
 
 # Zerops Yaml > Base List
 
-This is a list of all currently supported versions of technologies that can be used for build.base and run.base sections in `zerops.yaml`.
+
+This is a list of all currently supported versions of technologies that can be used for <code>[build.base](/zerops-yaml/specification#base-required)</code> and <code>[run.base](/zerops-yaml/specification#base)</code> sections in `zerops.yaml`.
+
 :::note
 Versions listed on the same line are aliases of the same underlying version.
 :::
+
 ## Runtime services
-  
-      Service Type
-      Supported OS
-      Versions
-    
-    Build / Runtime
-  
-     Bun
-     `ubuntu` / `alpine`
-     
-     Deno
-     `ubuntu`
-     
-     .NET
-     `ubuntu` / `alpine`
-     
-     Elixir
-     `ubuntu` / `alpine`
-     
-     Gleam
-     `ubuntu`
-     
-     Go
-     `ubuntu` / `alpine`
-     
-     Java
-     `ubuntu` / `alpine`
-     
-      Node.js
-      `ubuntu` / `alpine`
-      
-      Python
-      `ubuntu` / `alpine`
-      
-      Rust
-      `ubuntu` / `alpine`
-      
-        &nbsp;
-        &nbsp;
-        Build
-        Runtime
-      
-      PHP + Apache
-      `ubuntu` / `alpine`
-      
-      PHP + nginx
-      `ubuntu` / `alpine`
-      
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th rowspan="2" className="">Service Type</th>
+      <th rowspan="2" className="">Supported OS</th>
+      <th colspan="2" className="w-full">Versions</th>
+    </tr>
+  <tr>
+    <th colspan="2" className="w-full">Build / Runtime</th>
+  </tr>
+</thead>
+  <tbody>
+    <tr>
+     <td className="w-fit">Bun</td>
+     <td className="w-fit">`ubuntu` / `alpine`</td>
+     <td colspan="2" className="w-fit">
+- `bun@1.3.9`, `bun@1.3`, `bun@latest`
+- `bun@1.2.2`, `bun@1.2`
+- `bun@nightly`
+- `bun@canary`
+- `bun@1.1.34`, `bun@1.1(Ubuntu only)`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">Deno</td>
+     <td className="w-fit">`ubuntu`</td>
+     <td colspan="2" className="w-fit">
+- `deno@2.0.0`, `deno@2`, `deno@latest`
+- `deno@1.45.5`, `deno@1`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">.NET</td>
+     <td className="w-fit">`ubuntu` / `alpine`</td>
+     <td colspan="2" className="w-fit">
+- `dotnet@10`, `dotnet@latest`
+- `dotnet@9`
+- `dotnet@8`
+- `dotnet@7`
+- `dotnet@6`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">Elixir</td>
+     <td className="w-fit">`ubuntu` / `alpine`</td>
+     <td colspan="2" className="w-fit">
+- `elixir@1.16`, `elixir@1`, `elixir@latest`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">Gleam</td>
+     <td className="w-fit">`ubuntu`</td>
+     <td colspan="2" className="w-fit">
+- `gleam@1.5`, `gleam@1`, `gleam@latest`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">Go</td>
+     <td className="w-fit">`ubuntu` / `alpine`</td>
+     <td colspan="2" className="w-fit">
+- `go@1.22`, `go@1`, `golang@1`, `go@latest`, `golang@latest`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">Java</td>
+     <td className="w-fit">`ubuntu` / `alpine`</td>
+     <td colspan="2" className="w-fit">
+- `java@21`, `java@latest`
+- `java@17`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Node.js</td>
+      <td className="w-fit">`ubuntu` / `alpine`</td>
+      <td colspan="2" className="w-fit">
+- `nodejs@24`, `nodejs@latest`
+- `nodejs@22`
+- `nodejs@20`
+- `nodejs@18`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Python</td>
+      <td className="w-fit">`ubuntu` / `alpine`</td>
+      <td colspan="2" className="w-fit">
+- `python@3.14 (Ubuntu only)`, `python@latest`
+- `python@3.12`
+- `python@3.11`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Rust</td>
+      <td className="w-fit">`ubuntu` / `alpine`</td>
+      <td colspan="2" className="w-fit">
+- `rust@1`, `rust@latest`, `rust@stable`
+- `rust@1.86`
+- `rust@1.80`
+- `rust@1.78`
+- `rust@nightly`
+</td>
+    </tr>
+      <tr>
+        <th className="w-fit">&nbsp;</th>
+        <th className="w-fit">&nbsp;</th>
+        <th className="w-full">Build</th>
+        <th className="w-full">Runtime</th>
+      </tr>
+    <tr>
+      <td className="w-fit">PHP + Apache</td>
+      <td className="w-fit">`ubuntu` / `alpine`</td>
+      <td className="w-fit">
+- `php@8.5`, `php@latest`
+- `php@8.4`
+- `php@8.3`
+- `php@8.1`
+</td>
+      <td className="w-fit">
+- `php-apache@8.5`, `php-apache@latest`
+- `php-apache@8.4`
+- `php-apache@8.3`
+- `php-apache@8.1`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">PHP + nginx</td>
+      <td className="w-fit">`ubuntu` / `alpine`</td>
+      <td className="w-fit">
+- `php@8.5`, `php@latest`
+- `php@8.4`
+- `php@8.3`
+- `php@8.1`
+</td>
+      <td className="w-fit">
+- `php-nginx@8.5`, `php-nginx@latest`
+- `php-nginx@8.4`
+- `php-nginx@8.3`
+- `php-nginx@8.1`
+</td>
+    </tr>
+  </tbody>
+</table>
+
 ## Static services
-  
-      Service Type
-      Supported OS
-      Versions
-    
-    Build
-    Runtime
-  
-      nginx
-      `ubuntu`/`alpine`
-      -
-      
-      static
-      `ubuntu`/`alpine`
-      -
-      
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th rowspan="2" className="">Service Type</th>
+      <th rowspan="2" className="">Supported OS</th>
+      <th colspan="2" className="w-full">Versions</th>
+    </tr>
+  <tr>
+    <th className="w-full">Build</th>
+    <th className="w-full">Runtime</th>
+  </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">nginx</td>
+      <td className="w-fit">`ubuntu`/`alpine`</td>
+      <td className="w-fit">-</td>
+      <td className="w-fit">
+- `nginx@1.22`, `nginx@latest`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">static</td>
+      <td className="w-fit">`ubuntu`/`alpine`</td>
+      <td className="w-fit">-</td>
+      <td className="w-fit">
+- `static`, `static@1.0`, `static@latest`
+</td>
+    </tr>
+  </tbody>
+</table>
+
 ## Containers and virtual machines
-  
-      Service Type
-      Supported OS
-      Versions
-    
-    Build
-    Runtime
-  
-      Alpine
-      `alpine`
-      
-      Ubuntu
-      `ubuntu`
-      
-      Docker
-      `ubuntu`
-      -
-      
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th rowspan="2" className="">Service Type</th>
+      <th rowspan="2" className="">Supported OS</th>
+      <th colspan="2" className="w-full">Versions</th>
+    </tr>
+  <tr>
+    <th className="w-full">Build</th>
+    <th className="w-full">Runtime</th>
+  </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Docker</td>
+      <td className="w-fit">`alpine`</td>
+      <td className="w-fit">-</td>
+      <td className="w-fit">
+- `docker@26.1`, `docker@latest`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Alpine</td>
+      <td className="w-fit">`alpine`</td>
+      <td colspan="2" className="w-fit">
+- `alpine@3.23`, `alpine@latest`
+- `alpine@3.22`
+- `alpine@3.21`
+- `alpine@3.20`
+- `alpine@3.19`
+- `alpine@3.18`
+- `alpine@3.17`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Ubuntu</td>
+      <td className="w-fit">`ubuntu`</td>
+      <td colspan="2" className="w-fit">
+- `ubuntu@24.04`
+- `ubuntu@22.04`, `ubuntu@latest`
+</td>
+    </tr>
+  </tbody>
+</table>
 
 ----------------------------------------
 
 # Zerops Yaml > Cron
 
+
 Cron jobs are scheduled commands that execute automatically inside a service's containers based on defined timing rules.
+
 In Zerops, these jobs are configured in the `run` section of `zerops.yaml` file under the `crontab` key.
+
 ## Parameters
+
 ### command
 *string, REQUIRED*
+
 The shell command to execute at the scheduled time. This can be any valid command.
+
 ### timing
 *string, REQUIRED*
+
 The schedule for when the task should run, specified in standard cron format using five space-separated fields:
   - Minute (0–59)
   - Hour (0–23)
   - Day of the month (1–31)
   - Month (1–12)
   - Day of the week (0–7; both 0 and 7 represent Sunday)
+
 #### Examples
   - `"0 5 * * *"` – Runs daily at 5:00 AM.
   - `"*/10 * * * *"` – Runs every 10 minutes.
+
 ### allContainers
 *boolean, REQUIRED*
+
 **Options:**
 - `true` – Command runs on all containers.
 - `false` – Command runs on only one container.
+
 ### workingDir
 *string, REQUIRED*
+
 Specifies the directory where the command will be executed. If not set, it defaults to `/var/www`.
+
 ## Example Configurations
 Here’s a basic example of how to set up a cron job in your service's `zerops.yaml`:
+
 ```yaml
-run: 
+run:
   crontab:
     - command: "date >> /var/log/cron.log"
       timing: "0 * * * *"
 ```
 This configuration logs the current date to `/var/log/cron.log` every hour.
+
 ### Running on Multiple Containers
 By default, cron jobs run on a single container, even if multiple containers exist for the service. To execute a command across all containers, you can use the `allContainers` parameter:
+
 ```yaml
-run: 
+run:
   crontab:
     - command: "rm -rf /tmp/*"
       timing: "0 0 * * *"
       allContainers: true
 ```
 This example removes temporary files from all containers every day at midnight.
+
 ### Custom Working Directory
 You can also specify a custom working directory for your commands using the `workingDir` parameter:
+
 ```yaml
-run: 
+run:
   crontab:
     - command: "php artisan schedule:run"
       timing: "* * * * *"
       workingDir: /var/www/html
 ```
 In this case, the command runs every minute in the `/var/www/html` directory.
+
 ### Multiple Cronjobs
 It is possible to define multiple cron jobs as a YAML object list under the `crontab` key.
+
 ```yaml
 run:
   crontab:
@@ -27351,10 +41196,12 @@ run:
       ...
 ```
 
+
 ----------------------------------------
 
 # Zerops Yaml > Specification
 
+
 export const languages = [
     { name: "Node.js", link: "/nodejs/how-to/build-pipeline" },
     { name: "PHP", link: "/php/how-to/build-pipeline" },
@@ -27369,13 +41216,18 @@ export const languages = [
     { name: "Gleam", link: "/gleam/how-to/build-pipeline" },
     { name: "Nginx", link: "/nginx/how-to/build-pipeline" }
 ]
+
 The `zerops.yaml` file is crucial for defining how Zerops should [build and deploy](/features/pipeline) your application.
 Add the `zerops.yaml` file to the **root of your repository** and customize it to suit your application's needs.
+
 :::note Parameter Availability
 Not all parameters are available for every service type. Most parameters work across different runtime services, but some are specific to certain service types (e.g., documentRoot for webserver services, routing for Static services). This documentation covers zerops.yaml configuration for runtime services.
 :::
+
 ---
+
 ## Basic Structure
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
@@ -27386,7 +41238,9 @@ zerops:
     # required
     run: ...
 ```
+
 Multiple services can be defined in a single `zerops.yaml` (useful for monorepos):
+
 ```yaml
 zerops:
   - setup: app
@@ -27396,6 +41250,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   - setup: api
     # optional
     build: ...
@@ -27404,15 +41259,23 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration requires a `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Service Configuration
-### setup 
+
+### setup *[Required]*
+
 Contains the hostname of your service (must exist in Zerops).
+
 ```yaml
 setup: app
 ```
-### extends 
+
+### extends *[Optional]*
+
 The `extends` key allows you to inherit configuration from another service defined in the same `zerops.yaml` file. This is useful for creating environment-specific configurations while maintaining a common base.
+
 ```yaml
 zerops:
   - setup: base
@@ -27422,33 +41285,43 @@ zerops:
       deployFiles: ./dist
     run:
       start: npm start
+
   - setup: prod
     extends: base
     run:
       envVariables:
         NODE_ENV: production
+
   - setup: dev
     extends: base
     run:
       envVariables:
         NODE_ENV: development
 ```
+
 When using `extends`:
 - The `extends` value must refer to another service's `setup` value in the same file
 - The child service inherits all configuration from the base service
 - Configuration is merged at the section level (`build`, `run`, `deploy`)
 - You can override specific sections by redefining them
+
 :::tip
 Create a base service with common configuration and extend it for environment-specific services to keep your `zerops.yaml` file DRY (Don't Repeat Yourself).
 :::
-## Build Configuration 
-### base 
+
+## Build Configuration *[Optional]*
+
+### base *[Required]*
+
 Sets the base technology for the build environment. [See available options](/zerops-yaml/base-list).
+
 ```yaml
 build:
   base: nodejs@latest
 ```
+
 You can specify multiple technologies:
+
 ```yaml
 build:
   base:
@@ -27456,48 +41329,67 @@ build:
   prepareCommands:
     - zsc add python@3.9
 ```
-### os 
+
+### os *[Optional]*
+
 Sets the operating system for the build environment. Options:
+
 - `alpine` (default)
 - `ubuntu` (default for ubuntu service)
+
 Current versions:
+
 - {data.alpine.default}
 - {data.ubuntu.default}
+
 ```yaml
 build:
   os: ubuntu
 ```
-### prepareCommands 
+
+### prepareCommands *[Optional]*
+
 Customizes the build environment by installing additional dependencies or tools.
+
 ```yaml
 build:
   prepareCommands:
     - sudo apt-get update
     - sudo apt-get install -y some-package
 ```
+
 :::note
 `build.prepareCommands` run in the `/home/zerops` directory.
 :::
-### buildCommands 
+
+### buildCommands *[Optional]*
+
 Defines the commands to build your application.
+
 ```yaml
 build:
   buildCommands:
     - npm install
     - npm run build
 ```
+
 :::note
 `build.buildCommands` run in the `/build/source` directory.
 :::
+
 #### Running commands in a single shell instance:
+
 ```yaml
 buildCommands:
   - |
     npm install
     npm run build
 ```
-### deployFiles 
+
+### deployFiles *[Required]*
+
 Specifies which files or folders to deploy after a successful build.
+
 ```yaml
 build:
   deployFiles:
@@ -27505,27 +41397,40 @@ build:
     - package.json
     - node_modules
 ```
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Using wildcards:
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`.
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
+
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -27537,20 +41442,30 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
-### cache 
+
+### cache *[Optional]*
+
 Defines which files or folders to cache for subsequent builds.
+
 ```yaml
 build:
   cache: node_modules
 ```
+
 For more information, see our detailed [guide on build cache](/features/build-cache), complete with extensive examples.
-### addToRunPrepare 
+
+### addToRunPrepare *[Optional]*
+
 Defines files or folders to be copied from the build container to the prepare runtime container.
-### envVariables 
+
+### envVariables *[Optional]*
+
 Sets environment variables for the build environment.
+
 ```yaml
 build:
   envVariables:
@@ -27559,22 +41474,33 @@ build:
     DB_USER: db
     DB_PASS: ${db_password}
 ```
+
 :::info
 The `yamlPreprocessor` option in your project & service import YAML allows you to generate random secret values, passwords, and public/private key pairs. For more information, see the [yamlPreprocessor](/references/import-yaml/pre-processor) page.
 :::
-## Deploy Configuration 
-### temporaryShutdown 
+
+## Deploy Configuration *[Optional]*
+
+### temporaryShutdown *[Optional]*
+
 Controls the container replacement order during deployment.
+
 ```yaml
 deploy:
   temporaryShutdown: true
 ```
+
 - Type: `boolean`
 - Default: `false`
+
 **When `false` (default):** New containers are started before old containers are removed, ensuring zero-downtime deployment.
+
 **When `true`:** Old containers are removed before new containers are started, causing temporary downtime but using fewer resources during deployment.
-### readinessCheck 
+
+### readinessCheck *[Optional]*
+
 Defines a readiness check for your application. Requires either `httpGet` object or `exec` object.
+
 ```yaml
 deploy:
   readinessCheck:
@@ -27584,32 +41510,48 @@ deploy:
       path: /status
       host: my-host.zerops
       scheme: https
+
     # Common parameters
     failureTimeout: 60
     retryPeriod: 10
 ```
+
 Readiness checks work similarly to [health checks](#healthcheck-) but are specifically for deployment. They verify if a new deployment is ready to receive traffic.
+
 Available parameters:
+
 #### httpGet and exec
 The `httpGet` and `exec` options work the same way as in [health checks](#healthcheck-). See that section for detailed parameter descriptions.
-#### Common parameters 
+
+#### Common parameters *[Optional]*
 The following parameters can be used with either `httpGet` or `exec` readiness checks:
+
 - **failureTimeout** - Time in seconds until container is marked as failed.
 - **retryPeriod** - Time interval in seconds between readiness check attempts (equivalent to `execPeriod` in health checks).
+
 :::tip
 Unlike health checks which run continuously, readiness checks only run during deployments to determine when your application is ready to accept traffic.
 :::
-## Runtime Configuration 
-### base 
+
+## Runtime Configuration *[Required]*
+
+### base *[Optional]*
+
 Sets the base technology for the runtime environment. If not specified, the current version is maintained.
+
 ```yaml
 run:
   base: nodejs@latest
 ```
-### os 
+
+### os *[Optional]*
+
 Sets the operating system for the runtime environment. Options and versions are the same as for the build environment.
-### ports 
+
+### ports *[Optional]*
+
 Specifies the internal ports on which your application will listen.
+
 ```yaml
 run:
   ports:
@@ -27619,42 +41561,60 @@ run:
     - port: 8081
       ...
 ```
+
 Available parameters:
-#### port 
+
+#### port *[Required]*
 Defines the port number on which your application listens. Must be between *10* and *65435*, as ports outside this range are reserved for internal Zerops systems.
-#### protocol 
+
+#### protocol *[Optional]*
 Specifies the network protocol to use:
 - Allowed values: `TCP` *(default)* or `UDP`
-#### httpSupport 
+
+#### httpSupport *[Optional]*
 Indicates whether the port is running a web server:
 - Default value: `false`
 - Set to `true` if a web server is running on the port
 - Only available with TCP protocol
 - Used by Zerops for [public access](/features/access) configuration
-### prepareCommands 
+
+### prepareCommands *[Optional]*
+
 Customizes the runtime environment by installing additional dependencies or tools.
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
-### initCommands 
+
+### initCommands *[Optional]*
+
 Defines commands to run each time a new runtime container starts or restarts.
+
 ```yaml
 run:
   initCommands:
     - rm -rf ./cache
 ```
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
-### start 
+
+### start *[Required for some runtimes]*
+
 Defines the start command for your application.
+
 ```yaml
 run:
   start: npm start
 ```
-### startCommands 
+
+### startCommands *[Optional]*
+
 Defines start commands.
+
 Unlike `start`, you can define multiple commands that starts their own processes.
+
 ```yaml
 run:
   startCommands:
@@ -27668,13 +41628,21 @@ run:
       initCommands:
         - litestream restore -if-replica-exists -if-db-not-exists -config=litestream.yaml $DB_NAME
 ```
+
 See [start-commands-example](https://github.com/zeropsio/start-commands-example)
-### documentRoot 
+
+### documentRoot *[Optional]*
+
 Customizes the root folder for publicly accessible web server content (available only for webserver runtimes).
-### siteConfigPath 
+
+### siteConfigPath *[Optional]*
+
 Sets the custom webserver configuration (available only for webserver runtimes).
-### envVariables 
+
+### envVariables *[Optional]*
+
 Defines environment variables for the runtime environment.
+
 ```yaml
     run:
       base: nodejs@20
@@ -27684,8 +41652,11 @@ Defines environment variables for the runtime environment.
         DB_USER: db
         DB_PASS: ${db_password}
 ```
-### envReplace 
+
+### envReplace *[Optional]*
+
 Automatically replaces environment variable placeholders in your static files with their actual values during deployment.
+
 ```yaml
 run:
   envReplace:
@@ -27695,23 +41666,30 @@ run:
       - config/jwt/private.pem
       - ./config/
 ```
+
 Available parameters:
-#### delimiter 
+
+#### delimiter *[Required]*
 Characters that wrap your variable names in placeholders (e.g., `%%` means placeholders look like `%%VARIABLE%%`).
 - Type: `string` or `array of strings`
 - Supports multiple delimiters simultaneously
-#### target 
+
+#### target *[Required]*
 Files or directories to process for variable replacement.
 - Type: `string` or `array of strings`
 - Can be specific files or directories
+
 :::warning
 Directory targets only process files directly in the specified directory, not subdirectories for performance reasons. To process files in subdirectories, specify each subdirectory explicitly in the target array. For example, ./config/ processes only files in the config directory itself, not files in ./config/jwt/ or other subdirectories.
 :::
+
 **How it works:**
 1. Define placeholders in your files using the specified delimiters
 2. Set environment variables with matching names
 3. During deployment, Zerops finds and replaces placeholders with actual values
+
 **Example usage:**
+
 ```yaml
 run:
   envReplace:
@@ -27721,20 +41699,26 @@ run:
       - ./templates/
       - ./              # Only processes files in root, not subdirectories
 ```
+
 File content before replacement:
 ```
 # config/jwt/public.pem
 %%JWT_PUBLIC_KEY_CONTENT%%
 ```
+
 Environment variable:
 ```
 JWT_PUBLIC_KEY_CONTENT=-----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA...
 -----END PUBLIC KEY-----
 ```
+
 The placeholder gets replaced with the actual JWT public key during deployment.
-### routing 
+
+### routing *[Optional]*
+
 Configures URL routing, redirects, and HTTP headers (only for Static services).
+
 ```yaml
 run:
   routing:
@@ -27749,31 +41733,38 @@ run:
         values:
           X-Frame-Options: "'DENY'"
 ```
+
 Available parameters:
-#### root 
+
+#### root *[Optional]*
 Sets a custom root directory for the service.
 - Type: `string`
-#### cors 
+
+#### cors *[Optional]*
 Enables CORS headers for cross-origin requests.
 - Type: `string`
 - Sets `Access-Control-Allow-Origin`, `Access-Control-Allow-Methods`, `Access-Control-Allow-Headers`, and `Access-Control-Expose-Headers`
 - Special case: `"*"` is automatically converted to `'*'`
-#### redirects 
+
+#### redirects *[Optional]*
 Defines URL redirects and rewrites.
 - Type: `array of objects`
 - Each redirect object supports:
-  - **from**  - Source path to match ([supports wildcards](/static/overview#wildcard-matching) with `*`)
-  - **to**  - Destination path
-  - **status**  - HTTP status code (required for absolute URLs)
-  - **preservePath**  - Preserve path after wildcard match
-  - **preserveQuery**  - Preserve query parameters
-#### headers 
+  - **from** *[Required]* - Source path to match ([supports wildcards](/static/overview#wildcard-matching) with `*`)
+  - **to** *[Required]* - Destination path
+  - **status** *[Optional]* - HTTP status code (required for absolute URLs)
+  - **preservePath** *[Optional]* - Preserve path after wildcard match
+  - **preserveQuery** *[Optional]* - Preserve query parameters
+
+#### headers *[Optional]*
 Sets custom HTTP headers for specific paths.
 - Type: `array of objects`
 - Each header object supports:
-  - **for**  - Path pattern to match
-  - **values**  - Object with header name/value pairs
+  - **for** *[Required]* - Path pattern to match
+  - **values** *[Required]* - Object with header name/value pairs
+
 **Example usage:**
+
 ```yaml
 run:
   routing:
@@ -27794,8 +41785,11 @@ run:
           X-Frame-Options: "'DENY'"
           Content-Security-Policy: '"default-src ''self''"'
 ```
-### healthCheck 
+
+### healthCheck *[Optional]*
+
 Defines a health check for your application.
+
 ```yaml
 run:
   healthCheck:
@@ -27810,33 +41804,44 @@ run:
       command: |
         curl -s http://localhost:8080/status > /tmp/status
         grep -q "OK" /tmp/status
+
     # Common parameters
     failureTimeout: 60
     disconnectTimeout: 30
     recoveryTimeout: 30
     execPeriod: 10
 ```
+
 Available parameters:
-#### httpGet 
+
+#### httpGet *[Optional]*
 Configures the health check to request a local URL using a HTTP GET method.
-- **port**  - Defines the port of the HTTP GET request.
-- **path**  - Defines the URL path of the HTTP GET request.
-- **host**  - The health check is triggered from inside of your runtime container so it uses the localhost (127.0.0.1). If you need to add a host to the request header, specify it in the host attribute.
-- **scheme**  - The health check is triggered from inside of your runtime container so no https is required. If your application requires a https request, set scheme: `https`.
-#### exec 
+
+- **port** *[Required]* - Defines the port of the HTTP GET request.
+- **path** *[Required]* - Defines the URL path of the HTTP GET request.
+- **host** *[Optional]* - The health check is triggered from inside of your runtime container so it uses the localhost (127.0.0.1). If you need to add a host to the request header, specify it in the host attribute.
+- **scheme** *[Optional]* - The health check is triggered from inside of your runtime container so no https is required. If your application requires a https request, set scheme: `https`.
+
+#### exec *[Optional]*
 Configures the health check to run a local command.
-- **command**  - Defines a local command to be run. The command has access to the same environment variables. A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example above.
-#### Common parameters 
+
+- **command** *[Required]* - Defines a local command to be run. The command has access to the same environment variables. A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example above.
+
+#### Common parameters *[Optional]*
 The following parameters can be used with either `httpGet` or `exec` health checks:
 - **failureTimeout** - Time in seconds until container fails after consecutive health check failures (reset by success).
 - **disconnectTimeout** - Time in seconds until container is disconnected and becomes publicly unavailable.
 - **recoveryTimeout** - Time in seconds until container is connected and becomes publicly available.
 - **execPeriod** - Time interval in seconds between health check attempts.
+
 :::tip
 Health checks continuously monitor your running application, while readiness checks verify if a new deployment is ready to receive traffic. For readiness checks, see the [readinessCheck section](#readinesscheck-).
 :::
-### crontab 
+
+### crontab *[Optional]*
+
 Defines scheduled commands to run as cron jobs within a service.
+
 ```yaml
 run:
   crontab:
@@ -27844,10 +41849,13 @@ run:
       timing: "0 * * * *"
       allContainers: false
 ```
+
 Setup cron jobs. See [examples](/zerops-yaml/cron).
+
 :::note
 For more detailed information on specific configurations, refer to the runtime-specific guides linked at the beginning of this document.
 :::
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
 
 ----------------------------------------
diff --git a/apps/docs/static/llms-small.txt b/apps/docs/static/llms-small.txt
index e1d1d9fbc..814c469a2 100644
--- a/apps/docs/static/llms-small.txt
+++ b/apps/docs/static/llms-small.txt
@@ -2,9 +2,13 @@
 
 # Alpine > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Alpine application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -13,45 +17,58 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: alpine@3.20
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
         - sudo apk add --no-cache something
         - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
-        - 
+        - <your build commands>
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles: app
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: some_file
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: alpine@3.20
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8080
+
       # OPTIONAL. Customize the runtime Alpine environment by installing additional
       # dependencies to the base Alpine runtime environment.
       prepareCommands:
         - sudo apk add --no-cache something
         - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Alpine application is started.
       initCommands:
        - rm -rf ./cache
+
       # OPTIONAL. Your Alpine application start command
       start: ./app
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -62,6 +79,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -71,11 +89,25 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Alpine builds:
+
+- `alpine@3.23`, `alpine@latest`
+- `alpine@3.22`
+- `alpine@3.21`
+- `alpine@3.20`
+- `alpine@3.19`
+- `alpine@3.18`
+- `alpine@3.17`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -86,11 +118,17 @@ zerops:
       base: alpine@3.20
       ...
 ```
-  The base build environment contains {data.alpine.default}, Zerops command line tool, `git` and `wget`.
+
+<p>
+  The base build environment contains {data.alpine.default}, [Zerops command line tool](/references/cli), `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -104,18 +142,27 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - [Zerops command line tool](/references/cli)
 - `git` and `wget`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -124,6 +171,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: alpine@3.20
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -131,20 +179,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/alpine/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -153,93 +212,136 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: alpine@3.20
+
       # OPTIONAL. Build your application
       buildCommands:
-        - 
+        - <your build commands>
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 For detailed information about build commands, refer to the documentation for your specific technology (e.g., [Node.js](/nodejs/how-to/build-pipeline), [Go](/go/how-to/build-pipeline), [Python](/python/how-to/build-pipeline), etc.).
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     cd src
     ./build.sh
 ```
+
 #### Run build commands as separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - cd src
   - ./build.sh
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/alpine/how-to/logs#build-log) to troubleshoot the error.
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - app
   - file.txt
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
+
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -251,22 +353,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -275,6 +388,7 @@ zerops:
     build:
       base: alpine@3.20
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         MODE: production
@@ -283,12 +397,26 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/alpine/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Alpine version for your runtime.
+
 Following options are available for Alpine builds:
+
+- `alpine@3.23`, `alpine@latest`
+- `alpine@3.22`
+- `alpine@3.21`
+- `alpine@3.20`
+- `alpine@3.19`
+- `alpine@3.18`
+- `alpine@3.17`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -298,17 +426,24 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: alpine@3.20
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: alpine@3.20
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, Zerops command line tool, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -318,6 +453,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: alpine@3.20
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -327,29 +463,52 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to an Alpine service with hostname = "app" and port = 8080 from another service of the same project, simply use `app:8080`. Read more about [how to access an Alpine service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Alpine runtime environment by installing additional dependencies or tools to the runtime base environment.
-  The base Alpine environment contains {data.alpine.default}, Zerops command line tool and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+
+<p>
+  The base Alpine environment contains {data.alpine.default}, [Zerops command line tool](/references/cli) and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -357,6 +516,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -366,26 +526,44 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/alpine/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
-  The prepare runtime container contains {data.alpine.default}, Zerops command line tool and `git` and `wget`.
+
+<p>
+  The prepare runtime container contains {data.alpine.default}, [Zerops command line tool](/references/cli) and `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -394,6 +572,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -403,15 +582,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -420,22 +604,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Alpine application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/alpine/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/alpine/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -450,56 +647,82 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/alpine/how-to/env-variables) in Zerops.
+
 ### start
+
 _OPTIONAL._ Defines the start command for your Alpine application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Your Alpine application start command
       start: ./app
 ```
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Your Alpine application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -507,30 +730,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Alpine application.
+
+        The command has access to the same [environment variables](/alpine/how-to/create#set-secret-environment-variables) as your Alpine application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Alpine application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -539,13 +779,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -554,40 +799,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/alpine/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -596,30 +863,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/alpine/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Alpine application.
+
+        The command has access to the same [environment variables](/alpine/how-to/create#set-secret-environment-variables) as your Alpine application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -631,80 +916,123 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/alpine/how-to/deploy-process#readiness-checks) in Zerops.
 
 ----------------------------------------
 
 # Alpine > How To > Build Process
 
-  
+
 ## Build process overview
+
 Zerops starts a temporary build container and performs the following actions:
+
 1. **Installs the build environment** - Sets up base system and  runtime
 2. **Downloads your application source code** - From [GitHub ↗](https://www.github.com), [GitLab ↗](https://www.gitlab.com) or via [Zerops CLI](/references/cli)
 3. **Optionally customizes the build environment** - Runs prepare commands if configured
 4. **Runs the build commands** - Executes your build process
 5. **Uploads the application artifact** - Stores build output to internal Zerops storage
 6. **Caches selected files** - Preserves specified files for faster future builds
+
 The build container is automatically deleted after the build has finished or failed.
+
 ## Build configuration
-Configure your  build process in your `zerops.yaml` file according to the full build & deploy  pipeline guide.
+
+Configure your  build process in your `zerops.yaml` file according to the  pipeline guide</VarLink>.
+
 ## Build environment
+
 ### Default  build environment
+
 The default  build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - [zCLI](/references/cli), Zerops command line tool
-- 
+-
+
 ### Customize build environment
-To install additional packages or tools, add one or more build.prepareCommands to your `zerops.yaml`.
+
+To install additional packages or tools, add one or more  to your `zerops.yaml`.
+
 :::info
 The application code is available in the `/build/source` folder in your build container before the prepare commands are triggered. This allows you to use any file from your application code in your prepare commands (e.g. a configuration file).
 :::
+
 ### Build hardware resources
+
 All runtime services use the same hardware resources for build containers:
-  
-      HW resource
-      Minimum
-      Maximum
-    
-      CPU cores
-      1
-      5
-    
-      RAM
-      8 GB
-      8 GB
-    
-      Disk
-      1 GB
-      100 GB
-    
+
+<table className="w-fit my-1.5">
+  <thead>
+    <tr className="text-center rounded-lg">
+      <th className="w-fit"><strong>HW resource</strong></th>
+      <th className="w-fit"><strong>Minimum</strong></th>
+      <th className="w-fit"><strong>Maximum</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">CPU cores</td>
+      <td className="w-fit">1</td>
+      <td className="w-fit">5</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">RAM</td>
+      <td className="w-fit">8 GB</td>
+      <td className="w-fit">8 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Disk</td>
+      <td className="w-fit">1 GB</td>
+      <td className="w-fit">100 GB</td>
+    </tr>
+  </tbody>
+</table>
+
 Build containers start with minimum resources and scale vertically up to maximum capacity as needed.
+
 ### Build time limit
+
 The time limit for the whole build pipeline is **1 hour**. After 1 hour, Zerops will terminate the build pipeline and delete the build container.
+
 :::info
 Build container resources are not charged separately. Limited build time is included in your [project core plan](/company/pricing#project-core-plans), with additional build time available if needed.
 :::
+
 ## Troubleshooting  builds
+
 :::tip Advanced troubleshooting
 For complex build issues that require investigation, you can enable [debug mode](/features/debug-mode) to pause the build process at specific points and inspect the build container state interactively.
 :::
+
 ### Build and prepare command failures
-If any build command or prepare command fails (returns non-zero exit code), the build is canceled. Check the build log to troubleshoot the error.
+
+If any  or  fails (returns non-zero exit code), the build is canceled. Check the  to troubleshoot the error.
+
 ### Build cache issues
+
 If you encounter unexpected build behavior or dependency issues, the problem might be related to cached build data. While Zerops maintains the build cache to speed up deployments, sometimes you may need to start fresh.
+
 To invalidate the build cache:
+
 1. Go to your service detail in Zerops GUI
 2. Choose **Pipelines & CI/CD Settings** from the left menu
 3. Click on the **Invalidate build cache** button
+
 This will force Zerops to run the next build clean, including all prepare commands.
+
 Learn more about [build cache behavior](/features/build-cache).
+
 ## More resources
+
 For more details about the build and deploy pipeline, including how to cancel builds and manage application versions, see the [general pipeline documentation](/features/pipeline).
+
 ## Next steps
-- Understand the deployment process
-- Learn how to customize the runtime environment
-- Explore build and runtime logs
+
+- Understand the
+- Learn how to
+- Explore
 
 ----------------------------------------
 
@@ -716,35 +1044,60 @@ For more details about the build and deploy pipeline, including how to cancel bu
 
 # Alpine > How To > Create
 
+
 Zerops provides a Alpine runtime service with extensive build support. Alpine runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Alpine service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Alpine service:
+
+[Video: /vids/services/golang.webm](/vids/services/golang.webm)
+
 ### Choose Alpine version
+
 Following Alpine versions are currently supported:
+
 :::info
 You can [change](/alpine/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/alpine/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Alpine service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Alpine service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/alpine/how-to/create#create-a-project-description-file)
 3. [Create a project with a Alpine and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -765,13 +1118,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Alpine service with default [auto scaling](/alpine/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/alpine/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -816,98 +1174,143 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain an Alpine service and a [PostgreSQL](/postgresql/overview) service.
+
 Alpine service with "app" hostname, the internal port(s) the service listens on will be defined later in the zerops.yaml. Alpine service will run with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Alpine service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/alpine/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/alpine/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/alpine/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/alpine/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Alpine service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -928,65 +1331,90 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Alpine service version 1 with default [auto scaling](/alpine/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Alpine > How To > Customize Runtime
 
-System packages: Install any packages you need via apk, such as imagemagick, ffmpeg, or chromium',
-  'Specific language versions: Install versions of Go, Node.js, PHP, Python, or other runtimes that are not available as dedicated Zerops services (e.g., older or cutting-edge versions)',
-  'Custom binaries: Add compiled binaries or tools not available in the default repositories',
-  'Development tools: Include debugging tools, profilers, or other utilities',
-  'Specific libraries: Install dependencies required by your application'
-]} />
+
 ## Build Custom Runtime Images
+
 Zerops allows you to build custom runtime images (CRI) when the default base runtime images don't meet your application's requirements. This is an optional phase in the [build and deploy pipeline](/features/pipeline#runtime-prepare-phase-optional).
+
 Alpine is a versatile base for running anything not explicitly offered as a dedicated Zerops runtime. You can install any packages and tools you need, treating it as a clean OS to customize however you want.
+
 It is also a great option when you need a specific version of a technology (like Go, Node.js, or PHP) that Zerops doesn't support by default—whether it's an older version for legacy projects or a newer release not yet available.
+
 ## Configuration
+
 ### Default  Runtime Environment
+
 The default  runtime environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - [zCLI](/references/cli)
-- 
+-
+
 ### When You Need a Custom Runtime Image
+
 Since Alpine serves as a general-purpose base, you'll likely want to customize it for your specific use case. Common scenarios include:
+
 :::important
 You should not include your application code in the custom runtime image, as your built/packaged code is deployed automatically into fresh containers.
 :::
+
 Here are examples of configuring custom runtime images in your `zerops.yml`:
+
 ### Basic  Setup
+
 ### Using Build Files in Runtime Preparation
+
 For complete configuration details, see the [runtime prepare phase configuration guide](/features/pipeline#configuration).
+
 ## Process and Caching
+
 ### How Runtime Prepare Works
 The runtime prepare process follows the same steps for all runtimes. See [how runtime prepare works](/features/pipeline#how-it-works) for the complete process details.
+
 ### Caching Behavior
 Zerops caches custom runtime images to optimize deployment times. Learn about [custom runtime image caching](/features/pipeline#custom-runtime-image-caching) including when images are cached and reused.
+
 ### Build Management
 For information about managing builds and deployments, see [managing builds and deployments](/features/pipeline#manage-builds-and-deployments).
+
 :::warning
 Shared storage mounts are not available during the runtime prepare phase.
 :::
+
 ## Troubleshooting
-If your `prepareCommands` fail, check the prepare runtime log for specific error messages.
+
+If your `prepareCommands` fail, check the  for specific error messages.
 
 ----------------------------------------
 
@@ -1040,26 +1468,54 @@ If your `prepareCommands` fail, check the prepare runtime log for specific error
 
 # Alpine > Overview
 
+
 [Alpine Linux ↗](https://alpinelinux.org/) is a lightweight, security-oriented Linux distribution based on musl libc and busybox, known for its small footprint and efficiency.
+
 Alpine services in Zerops provide a minimal base environment for running applications built with technologies that aren't officially supported by Zerops, or for custom setups requiring full control over the runtime environment while keeping resource usage low.
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## Feature Highlights
+
+- [Create Alpine service](/alpine/how-to/create) — Start with creating an Alpine service using GUI or zCLI.
+- [zerops.yaml](/alpine/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to configure your own app.
+- [Scaling configuration](/alpine/how-to/scaling) — Set up scaling of your Alpine service so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/alpine/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/alpine/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you built something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/alpine/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Bun > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Bun application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -1068,51 +1524,65 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: bun@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - bun i
         - bun run build
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - package.json
         - node_modules
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: bun@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 3000
+
       # OPTIONAL. Customise the runtime Bun environment by installing additional
       # dependencies to the base Bun runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Bun application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Bun application start command
       start: bun start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -1123,6 +1593,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -1132,11 +1603,23 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Bun builds:
+
+- `bun@1.3.9`, `bun@1.3`, `bun@latest`
+- `bun@1.2.2`, `bun@1.2`
+- `bun@nightly`
+- `bun@canary`
+- `bun@1.1.34`, `bun@1.1(Ubuntu only)`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1147,14 +1630,20 @@ zerops:
       base: bun@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
   major version of Bun,
-  Zerops command line tool, `npm`,
+  [Zerops command line tool](/references/cli), `npm`,
   `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1168,34 +1657,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customise your build environment use the [prepareCommands](build-pipeline#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Bun defined in the [base](build-pipeline#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1204,6 +1711,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: bun@latest
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -1211,20 +1719,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1233,42 +1752,59 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: bun@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - bun i
         - bun run build
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](build-pipeline#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](build-pipeline#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     bun i
     bun run build
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - bun i
   - bun run build
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - bun i --verbose
   - bun run build
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -1277,56 +1813,81 @@ deployFiles:
   - package.json
   - node_modules
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - dist
   - package.json
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -1338,22 +1899,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -1362,6 +1934,7 @@ zerops:
     build:
       base: bun@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         NODE_ENV: production
@@ -1370,12 +1943,24 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Bun version for your runtime.
+
 Following options are available for Bun runtimes:
+
+- `bun@1.3.9`, `bun@1.3`, `bun@latest`
+- `bun@1.2.2`, `bun@1.2`
+- `bun@nightly`
+- `bun@canary`
+- `bun@1.1.34`, `bun@1.1(Ubuntu only)`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1385,18 +1970,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: bun@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: bun@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Bun, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1406,6 +1998,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: bun@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -1415,36 +2008,58 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Bun service with hostname = "app" and port = 3000 from another service of the same project, simply use `app:3000`. Read more about [how to access a Bun service](/features/access).
+
 Each port has following attributes:
+
 | parameter   | description                                                                                                                                                                                                                                                                                                            |
 | ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | port        | Defines the port number. You can set any port number between _10_ and _65435_. Ports outside this interval are reserved for internal Zerops systems.                                                                                                                                                                   |
 | protocol    | **Optional.** Defines the protocol. Allowed values are `TCP` or `UDP`. Default value is `TCP`.                                                                                                                                                                                                                         |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Bun runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Bun environment contains {data.alpine.default} the selected
-  major version of Bun, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools. To install
+  major version of Bun, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1452,6 +2067,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -1461,27 +2077,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](build-pipeline#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the custom runtime cache go to `yyy`
+
 When the custom runtime cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
-  The prepare runtime container contains {data.alpine.default}, the selected major version of Bun, Zerops command line tool and `npm`,
+
+<p>
+  The prepare runtime container contains {data.alpine.default}, the selected major version of Bun, [Zerops command line tool](/references/cli) and `npm`,
   `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -1490,6 +2124,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -1499,15 +2134,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -1516,22 +2156,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Bun application is started via the [start command](build-pipeline#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the [horizontal scaling](scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](build-pipeline#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -1546,57 +2199,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Bun application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Bun application start command
       start: bun start
 ```
+
 We recommend starting your Bun application using `bun start`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Bun application start command
       start: bun start
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -1604,25 +2284,32 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](create#set-secret-environment-variables) as your Bun application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Bun application start command
       start: bun start
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -1631,13 +2318,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -1646,14 +2338,23 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
+
 <table className="w-full my-1.5">
   <thead>
     <tr>
@@ -1683,13 +2384,16 @@ If your application requires a https request, set <code>scheme: https</code></td
     </tr>
   </tbody>
 </table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -1698,25 +2402,33 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](create#set-secret-environment-variables) as your Bun application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -1728,8 +2440,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Bun > How To > Build Process
@@ -1746,34 +2460,58 @@ Read more about how the [readiness check works](deploy-process#readiness-checks)
 
 # Bun > How To > Create
 
+
 Zerops provides a powerful Bun runtime service with extensive build support. The Bun runtime is highly scalable and customizable to suit your development and production needs. With just a few clicks or commands, you can have a production-ready Bun environment up and running in no time.
+
 ## Create a Bun service using Zerops GUI
+
 First, set up a project in the Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu under the **Services** section. From there, you can add a new Bun service:
+
+[Video: /vids/services/bun.webm](/vids/services/bun.webm)
+
 ### Choose a Bun version
+
 Zerops supports the following Bun versions:
+
 :::info
 You can easily [upgrade](upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app", "cache", "gui", etc. Duplicate services with the same name within the same project are not allowed.
+
 #### Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as passwords, tokens, salts, certificates, etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting secret environment variables is optional. You can always set them later in the Zerops GUI.
+
 Read more about the [different types of environment variables](env-variables#service-env-variables) in Zerops.
+
 ## Create a Bun service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Bun service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](create#create-a-project-description-file)
 3. [Create a project with a Bun and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a YAML format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory called `my-project`. Inside the `my-project` directory, create a `description.yaml` file with the following content:
 ```yaml
 # basic project data
@@ -1795,13 +2533,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Bun service with default [auto scaling](scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -1846,102 +2589,170 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Bun service and a [PostgreSQL](/postgresql/overview) service.
+
 Bun service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](build-pipeline#ports). Bun service will run with custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
+
 | Parameter       | Description                                                                                                                     | Limitations             |
 | --------------- | ------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
 | **name**        | The name of the new project. Duplicates are allowed.                                                                            |                         |
 | **description** | **Optional.** Description of the new project.                                                                                   | Maximum 255 characters. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Bun and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Bun service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines  custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/bun/how-to/scaling#configure-scaling).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/bun/how-to/scaling#configure-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for  horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/bun/how-to/scaling#configure-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Bun service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -1962,33 +2773,37 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Bun service with default [auto scaling](scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
 ----------------------------------------
 
 # Bun > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick)',
-  'Global Bun tools: When you need CLI tools or utilities available system-wide',
-  'Native dependencies: When your Bun packages require system libraries that aren\'t in the default environment',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -2042,78 +2857,140 @@ System packages for processing: When your app processes images, videos, or files
 
 # Bun > Overview
 
+
 [Bun ↗](https:/bun.org/en) is an asynchronous event-driven JavaScript runtime, which is designed to build scalable network applications.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-bun), a **_recipe_**, containing the most simple Bun web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Bun app running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Bun app running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "bun" recipe on Zerops](https://app.zerops.io/recipe/?lf=bun)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
+
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-bun/blob/main/zerops-project-import.yaml)):
+
 ```yaml
 project:
   name: recipe-bun
   tags:
     - zerops-recipe
+
 services:
   - hostname: api
     type: bun@1.1
     enableSubdomainAccess: true
     buildFromGit: https://github.com/zeropsio/recipe-bun
+
   - hostname: db
     type: postgresql@16
     mode: NON_HA
     priority: 1
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://api-806-3000.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 {"message":"This is a simple, basic Bun application running in Zerops.io,\n          each request adds an entry to the PostgreSQL database and returns a count.\n          See the source repository (https://github.com/zeropsio/recipe-bun) for more information.","newEntry":"dfd1e873-bfc8-4f36-af07-e32561820b93","count":"1"}
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
 It doesn't matter whether it's your first curious introduction to Zerops, you have already mastered the basics and are looking for a tiny detail or inspiration. Below, choose a section that fits your needs:
+
+- [Care for details?](/bun/how-to/create) — Dive in all Zerops has to offer for your Bun application.
+- [Bun recipes](https://github.com/zeropsio?q=Bun&type=all&language=&sort=) — Get inspired by already existing repositories, ready to be imported to Zerops.
+
 ## Feature Highlights
+
+- [Create Bun service](/bun/how-to/create) — Start with creating a Bun service using GUI or zCLI.
+- [Zerops.yaml](/bun/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/bun/how-to/scaling) — Set up scaling of your Bun application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/bun/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/bun/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Clickhouse > Overview
 
+
 Zerops provides a fully managed [ClickHouse](https://clickhouse.com/) columnar database optimized for blazing-fast analytical queries on massive datasets, making it ideal for data warehousing and real-time analytics applications.
+
 ## Supported Versions
+
 Currently supported ClickHouse version:
+
 Import configuration version:
+
+- `clickhouse@25.3`
+
 ## Service Configuration
+
 Our ClickHouse implementation features optimized default settings designed for analytical workloads and data warehousing use cases.
+
 ### Resource Allocation
+
 Zerops automatically allocates resources to your ClickHouse service based on demand within the limits defined in your [automatic scaling configuration](/features/scaling).
+
 ## High Availability and Deployment Modes
+
 :::important
 Deployment mode is selected during service creation and cannot be changed later.
 :::
+
 ### High-Availability (HA) Setup
+
 The recommended solution for production workloads and mission-critical analytics:
+
 * **3 data nodes** with automatic monitoring, repairs, and replication factor of 3
 * **Default cluster name:** `zerops` (currently 1 shard with 3 replicas)
+
 #### Replication Configuration
+
 The `Replicated` database engine handles replication automatically, but there are specific requirements you need to follow:
+
 **For Database Operations**
 Use this configuration when creating/managing databases:
+
 ```sql
 CREATE DATABASE uk ON CLUSTER '{cluster}'
 ENGINE = Replicated('/clickhouse/databases/{uuid}', '{shard}', '{replica}');
 ```
+
 **For Table Operations**
 Use `ENGINE = ReplicatedMergeTree` when creating tables (without the `ON CLUSTER '{cluster}'` clause):
+
 ```sql
 CREATE TABLE uk.uk_price_paid
 (
@@ -2133,11 +3010,14 @@ CREATE TABLE uk.uk_price_paid
     county    LowCardinality(String)
 ) ENGINE = ReplicatedMergeTree ORDER BY (postcode1, postcode2, addr1, addr2);
 ```
+
 For more details see:
 - https://clickhouse.com/docs/engines/database-engines/replicated
 - https://clickhouse.com/docs/engines/table-engines/mergetree-family/replication
 - https://clickhouse.com/docs/sql-reference/distributed-ddl
+
 You can use other `Replicated*` engines from the MergeTree family. Replication is only supported for tables in the MergeTree family:
+
 * `ReplicatedMergeTree`
 * `ReplicatedSummingMergeTree`
 * `ReplicatedReplacingMergeTree`
@@ -2145,102 +3025,153 @@ You can use other `Replicated*` engines from the MergeTree family. Replication i
 * `ReplicatedCollapsingMergeTree`
 * `ReplicatedVersionedCollapsingMergeTree`
 * `ReplicatedGraphiteMergeTree`
+
 User management (users, grants, etc.) is replicated by Keeper by default. The `ON CLUSTER '{cluster}'` clause is not needed when creating/deleting users or changing grants.
-The default `` database follows these practices. If you don't follow these recommendations, it is possible you will face issues in case of fail and repair scenario.
+
+The default `<service-hostname>` database follows these practices. If you don't follow these recommendations, it is possible you will face issues in case of fail and repair scenario.
+
 ### Single Container Installation
+
 Suitable for development and testing environments:
+
 * Consists of 1 ClickHouse node
 * Lower resource requirements
 * No automatic replication
+
 :::warning
 Use for development purposes or non-critical data only. **Make sure to have backups enabled** if using in production, as you can lose your data due to container volatility.
 :::
+
 ## Network Access & Protocols
+
 Zerops automatically configures secure authentication for your ClickHouse service.
+
 ### Default Database
-Zerops creates a default database with the same name as your service hostname (``) during service creation.
+Zerops creates a default database with the same name as your service hostname (`<service-hostname>`) during service creation.
+
 ### Default Users
+
 #### `zerops` User
 * Created automatically upon service creation
 * Has privileges for the default database
 * Password available as environment variable `password`
+
 #### `super` User
 * Administrative user for cluster management
 * Can create new databases, users, and manage permissions
 * Password available as environment variable `superUserPassword`
+
 ### Access Methods
+
 Services within the same project can access ClickHouse directly using:
 ```
-:
+<service-hostname>:<port>
 ```
+
 For HA cluster setups, you can also access specific data nodes:
 ```
-node-stable-.db..zerops:
+node-stable-<1..3>.db.<service-hostname>.zerops:<port>
 ```
+
 For external access, use `zcli` VPN to connect using the same connection strings.
+
 ClickHouse offers multiple interfaces for different use cases:
+
 #### Native TCP Protocol
 **Port:** `9000` (Environment variable: `port` or `portNative`)
+
 Optimal for high-performance applications and ClickHouse-native clients.
+
 More about it in [official ClickHouse docs](https://clickhouse.com/docs/interfaces/tcp).
+
 #### HTTP/HTTPS Interface
 **Port:** `8123` (Environment variable: `portHttp`)
+
 Ideal for web applications and REST API integrations.
+
 It is also possible to setup HTTPS domain access or enable subdomain for access from outside the project. Then you can access the database using following URL:
 - `https://clickhouse.my-awesome-domain.tld`
 - JDBC connection string example (use `ssl=true&sslmode=NONE` options):
 `jdbc:clickhouse:https://clickhouse.my-awesome-domain.tld:443/?ssl=true&sslmode=NONE`
+
 More about it in [official ClickHouse docs](https://clickhouse.com/docs/interfaces/http).
+
 #### MySQL Protocol
 **Port:** `9004` (Environment variable: `portMysql`)
+
 Enables connectivity from MySQL-compatible tools and applications.
+
 More about it in [official ClickHouse docs](https://clickhouse.com/docs/interfaces/mysql).
+
 #### PostgreSQL Protocol
 **Port:** `9005` (Environment variable: `portPostgresql`)
+
 Allows integration with PostgreSQL-compatible clients and ORMs.
+
 More about it in [official ClickHouse docs](https://clickhouse.com/docs/interfaces/postgresql).
+
 ## Backup and Recovery
+
 Zerops provides comprehensive backup functionality using ClickHouse's native backup capabilities.
+
 ### Backup Process
+
 * Backups are performed using ClickHouse SQL command `BACKUP ALL ...` with `super` user permissions
 * All databases are backed up (excluding system databases)
 * Backup files are stored as `tar.gz` archives
 * Contains the complete folder structure produced by the SQL backup command
+
 ### Restore Options
+
 #### Option 1: Custom S3 Bucket Restore
+
 1. Download backup from Zerops GUI or via API
 2. Extract the tar.gz archive and upload to your S3 bucket
 3. Restore using ClickHouse SQL commands:
+
 ```sql
 -- Restore specific table
 RESTORE TABLE mydb.mytable AS mydb.mytable2
 FROM S3('https://storage-prg1.zerops.io/mybucket/path/to/dir/with/untarred/backup',
         'my-access-key-id', 'my-secret-key');
+
 -- Restore all data
 RESTORE ALL FROM S3('https://storage-prg1.zerops.io/mybucket/path/to/backup',
                    'my-access-key-id', 'my-secret-key');
+
 -- see https://clickhouse.com/docs/operations/backup#configuring-backuprestore-to-use-an-s3-endpoint
 ```
+
 #### Option 2: Support-Assisted Restore
+
 Contact Zerops support on Discord, and we'll place the backup on the container's filesystem for restoration using the `File` driver (see [ClickHouse documentation](https://clickhouse.com/docs/operations/backup) for further info).
+
 :::note
 A simple GUI/API action for backup restoration is on our roadmap for future releases.
 :::
+
 ## Troubleshooting
+
 ### Common Issues
+
 #### Connection Problems
 * Verify you're using the correct port for your chosen protocol
 * Check that your service is running and healthy in the Zerops dashboard
 * For HA clusters, try connecting to specific nodes if the main endpoint fails
 * Ensure authentication credentials are correct
+
 #### Replication Issues
 * Verify you're using `ON CLUSTER '{cluster}'` for database operations
 * Confirm tables use `ReplicatedMergeTree` engines
+
 ## Learn More
+
 - [Official ClickHouse Documentation](https://clickhouse.com/docs) - Comprehensive guide to ClickHouse features and SQL syntax
 - [ClickHouse Replication Guide](https://clickhouse.com/docs/engines/table-engines/mergetree-family/replication) - Detailed replication concepts
 - [Distributed DDL Reference](https://clickhouse.com/docs/sql-reference/distributed-ddl) - Cluster operations documentation
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zerops)
 - Contact support via [email](mailto:support@zerops.io)
@@ -2249,9 +3180,13 @@ For advanced configurations or custom requirements:
 
 # Deno > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Deno application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -2260,49 +3195,63 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: deno@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - deno task build
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - deno.jsonc
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: directory
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: deno@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 3000
+
       # OPTIONAL. Customise the runtime Deno environment by installing additional
       # dependencies to the base Deno runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Deno application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Deno application start command
       start: deno task start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -2313,6 +3262,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -2322,11 +3272,20 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Deno builds:
+
+- `deno@2.0.0`, `deno@2`, `deno@latest`
+- `deno@1.45.5`, `deno@1`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2337,12 +3296,18 @@ zerops:
       base: deno@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Deno, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+  major version of Deno, [Zerops command line tool](/references/cli), `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2356,34 +3321,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customise your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Deno defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2392,6 +3375,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: deno@latest
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -2399,20 +3383,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/deno/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2421,40 +3416,57 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: deno@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - deno task build
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     deno test
     deno task build
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - deno task build
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/deno/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - npm i --verbose
   - npm run build
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -2463,56 +3475,81 @@ deployFiles:
   - package.json
   - node_modules
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - dist
   - package.json
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -2524,22 +3561,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -2548,6 +3596,7 @@ zerops:
     build:
       base: deno@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         NODE_ENV: production
@@ -2556,12 +3605,21 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/deno/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Deno version for your runtime.
+
 Following options are available for Deno builds:
+
+- `2.0`
+- `1.45`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2571,18 +3629,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: deno@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: deno@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Deno, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2592,6 +3657,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: deno@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -2601,36 +3667,58 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Deno service with hostname = "app" and port = 3000 from another service of the same project, simply use `app:3000`. Read more about [how to access a Deno service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
+
 | parameter   | description                                                                                                                                                                                                                                                                                                            |
 | ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | port        | Defines the port number. You can set any port number between _10_ and _65435_. Ports outside this interval are reserved for internal Zerops systems.                                                                                                                                                                   |
 | protocol    | **Optional.** Defines the protocol. Allowed values are `TCP` or `UDP`. Default value is `TCP`.                                                                                                                                                                                                                         |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Deno runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Deno environment contains {data.alpine.default} the selected
-  major version of Deno, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools. To install
+  major version of Deno, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2638,6 +3726,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -2647,27 +3736,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/deno/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the custom runtime cache go to `yyy`
+
 When the custom runtime cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Deno, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools.
+  selected major version of Deno, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -2676,6 +3783,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -2685,15 +3793,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -2702,22 +3815,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Deno application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/deno/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/deno/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -2732,57 +3858,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/deno/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Deno application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Deno application start command
       start: deno task start
 ```
+
 We recommend starting your Deno application using `deno task start`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Deno application start command
       start: deno task start
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -2790,25 +3943,32 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/deno/how-to/create#set-secret-environment-variables) as your Deno application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Deno application start command
       start: deno task start
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -2817,13 +3977,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -2832,14 +3997,23 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/deno/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
+
 <table className="w-full my-1.5">
   <thead>
     <tr>
@@ -2869,13 +4043,16 @@ If your application requires a https request, set <code>scheme: https</code></td
     </tr>
   </tbody>
 </table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -2884,25 +4061,33 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/deno/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/deno/how-to/create#set-secret-environment-variables) as your Deno application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -2914,88 +4099,136 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/deno/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Deno > How To > Build Process
 
-  
+
 ## Build process overview
+
 Zerops starts a temporary build container and performs the following actions:
+
 1. **Installs the build environment** - Sets up base system and Deno runtime
 2. **Downloads your application source code** - From [GitHub ↗](https://www.github.com), [GitLab ↗](https://www.gitlab.com) or via [Zerops CLI](/references/cli)
 3. **Optionally customizes the build environment** - Runs prepare commands if configured
 4. **Runs the build commands** - Executes your build process
 5. **Uploads the application artifact** - Stores build output to internal Zerops storage
 6. **Caches selected files** - Preserves specified files for faster future builds
+
 The build container is automatically deleted after the build has finished or failed.
+
 ## Build configuration
+
 Configure your Deno build process in your `zerops.yaml` file according to the [full build & deploy Deno pipeline guide](/deno/how-to/build-pipeline).
+
 ## Build environment
+
 ### Default Deno build environment
+
 The default Deno build environment contains:
-- {data.ubuntu.default}
+
+- <span>{data.ubuntu.default}</span>
 - Selected version of Deno defined in `zerops.yaml` [build.base](/deno/how-to/build-pipeline#base) parameter
 - [zCLI](/references/cli), Zerops command line tool
 - Deno and Git
+
 ### Customize build environment
+
 To install additional packages or tools, add one or more [build.prepareCommands](/deno/how-to/build-pipeline#preparecommands) to your `zerops.yaml`.
+
 :::info
 The application code is available in the `/build/source` folder in your build container before the prepare commands are triggered. This allows you to use any file from your application code in your prepare commands (e.g. a configuration file).
 :::
+
 ### Build hardware resources
+
 All runtime services use the same hardware resources for build containers:
-  
-      HW resource
-      Minimum
-      Maximum
-    
-      CPU cores
-      1
-      5
-    
-      RAM
-      8 GB
-      8 GB
-    
-      Disk
-      1 GB
-      100 GB
-    
+
+<table className="w-fit my-1.5">
+  <thead>
+    <tr className="text-center rounded-lg">
+      <th className="w-fit"><strong>HW resource</strong></th>
+      <th className="w-fit"><strong>Minimum</strong></th>
+      <th className="w-fit"><strong>Maximum</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">CPU cores</td>
+      <td className="w-fit">1</td>
+      <td className="w-fit">5</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">RAM</td>
+      <td className="w-fit">8 GB</td>
+      <td className="w-fit">8 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Disk</td>
+      <td className="w-fit">1 GB</td>
+      <td className="w-fit">100 GB</td>
+    </tr>
+  </tbody>
+</table>
+
 Build containers start with minimum resources and scale vertically up to maximum capacity as needed.
+
 :::info
 Build container resources are not charged separately. Limited build time is included in your [project core plan](/company/pricing#project-core-plans), with additional build time available if needed.
 :::
+
 ### Build time limit
+
 The time limit for the whole build pipeline is **1 hour**. After 1 hour, Zerops will terminate the build pipeline and delete the build container.
+
 ## Troubleshooting Deno builds
+
 ### Build command failures
+
 If any [build command](/deno/how-to/build-pipeline#buildcommands) fails (returns non-zero exit code), the build is canceled. Check the [build log](/deno/how-to/logs#build-log) to troubleshoot the error.
+
 For Deno, if the error log doesn't contain specific error messages, try running your build with verbose output:
+
 ```yaml
 buildCommands:
   - deno cache main.ts
   - deno compile --allow-net --allow-read main.ts
 ```
+
 ### Prepare command failures
+
 If any [prepare command](/deno/how-to/build-pipeline#preparecommands) fails, check the [build log](/deno/how-to/logs#build-log) for specific error messages. Common issues include:
+
 - Missing permissions in Deno commands (add --allow-net, --allow-read, etc.)
 - Ubuntu package installation failures (use sudo apt-get update first)
 - Deno cache directory permissions
+
 ### Build cache issues
+
 If you encounter unexpected build behavior or dependency issues, the problem might be related to [cached build data](/features/build-cache). While Zerops maintains the build cache to speed up deployments, sometimes you may need to start fresh.
+
 To invalidate the build cache:
+
 1. Go to your service detail in Zerops GUI
 2. Choose **Pipelines & CI/CD Settings** from the left menu
 3. Click on the **Invalidate build cache** button
+
 This will force Zerops to run the next build clean, including all prepare commands. Learn more about [build cache behavior](/features/build-cache).
+
 :::tip Advanced troubleshooting
 For complex build issues that require investigation, you can enable [debug mode](/features/debug-mode) to pause the build process at specific points and inspect the build container state interactively.
 :::
+
 ## More resources
+
 For more details about the build and deploy pipeline, including how to cancel builds and manage application versions, see the [general pipeline documentation](/features/pipeline).
+
 ## Next steps
+
 - Understand the [deployment process](/deno/how-to/deploy-process)
 - Learn how to [customize the runtime environment](/deno/how-to/customize-runtime)
 - Explore [build and runtime logs](/deno/how-to/logs)
@@ -3010,34 +4243,58 @@ For more details about the build and deploy pipeline, including how to cancel bu
 
 # Deno > How To > Create
 
+
 Zerops provides a powerful Deno runtime service with extensive build support. The Deno runtime is highly scalable and customizable to suit your development and production needs. With just a few clicks or commands, you can have a production-ready Deno environment up and running in no time.
+
 ## Create a Deno service using Zerops GUI
+
 First, set up a project in the Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu under the **Services** section. From there, you can add a new Deno service:
+
+[Video: /vids/services/deno.webm](/vids/services/deno.webm)
+
 ### Choose a Deno version
+
 Zerops supports the following Deno versions:
+
 :::info
 You can easily [upgrade](/deno/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app", "cache", "gui", etc. Duplicate services with the same name within the same project are not allowed.
+
 #### Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as passwords, tokens, salts, certificates, etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting secret environment variables is optional. You can always set them later in the Zerops GUI.
+
 Read more about the [different types of environment variables](/deno/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create a Deno service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Deno service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/deno/how-to/create#create-a-project-description-file)
 3. [Create a project with a Deno and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a YAML format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory called `my-project`. Inside the `my-project` directory, create a `description.yaml` file with the following content:
 ```yaml
 # basic project data
@@ -3059,13 +4316,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Deno version 20 service with default [auto scaling](/deno/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/deno/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -3110,103 +4372,171 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Deno service and a [PostgreSQL](/postgresql/overview) service.
+
 Deno service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/deno/how-to/build-pipeline#ports). Deno service will run on version 20 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
+
 | Parameter       | Description                                                                                                                     | Limitations             |
 | --------------- | ------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
 | **name**        | The name of the new project. Duplicates are allowed.                                                                            |                         |
 | **description** | **Optional.** Description of the new project.                                                                                   | Maximum 255 characters. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Deno and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Deno service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/deno/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/deno/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/deno/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](/deno/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Deno service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -3227,49 +4557,71 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Deno service version 20 with default [auto scaling](/deno/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Deno > How To > Customize Runtime
 
+
 ## Build Custom Runtime Images
+
 Zerops allows you to build custom runtime images (CRI) when the default base runtime images don't meet your Deno application's requirements. This is an optional phase in the [build and deploy pipeline](/features/pipeline#runtime-prepare-phase-optional).
+
 :::important
 You should not include your application code in the custom runtime image, as your built/packaged code is deployed automatically into fresh containers.
 :::
+
 ## Configuration
+
 ### Default Deno Runtime Environment
+
 The default Deno runtime environment contains:
-- {data.ubuntu.default}
+
+- <span>{data.ubuntu.default}</span>
 - Selected version of Deno when the runtime service was created
 - [zCLI](/references/cli)
 - Deno and Git
+
 ### When You Need a Custom Runtime Image
+
 If your Deno application needs more than what's included in the default environment, you'll need to build a custom runtime image. Common scenarios include:
+
 - **System packages for processing**: When your app processes images, videos, or files (requiring packages like `sudo apt-get install -y imagemagick`)
 - **Global Deno tools**: When you need CLI tools or utilities available system-wide
 - **Native dependencies**: When your Deno modules require system libraries that aren't in the default environment
+
 Here are Deno-specific examples of configuring custom runtime images in your `zerops.yml`:
+
 ### Basic Deno Setup
-    
+
 ### Using Build Files in Runtime Preparation
+
 ```yaml
 build:
   addToRunPrepare:
@@ -3281,18 +4633,26 @@ run:
     - sudo apt-get install -y imagemagick
     - deno cache deps.ts
 ```
+
 For complete configuration details, see the [runtime prepare phase configuration guide](/features/pipeline#configuration).
+
 ## Process and Caching
+
 ### How Runtime Prepare Works
 The runtime prepare process follows the same steps for all runtimes. See [how runtime prepare works](/features/pipeline#how-it-works) for the complete process details.
+
 ### Caching Behavior
 Zerops caches custom runtime images to optimize deployment times. Learn about [custom runtime image caching](/features/pipeline#custom-runtime-image-caching) including when images are cached and reused.
+
 ### Build Management
 For information about managing builds and deployments, see [managing builds and deployments](/features/pipeline#manage-builds-and-deployments).
+
 :::warning
 Shared storage mounts are not available during the runtime prepare phase.
 :::
+
 ## Troubleshooting
+
 If your `prepareCommands` fail, check the [prepare runtime log](/deno/how-to/logs#prepare-runtime-log) for specific error messages.
 
 ----------------------------------------
@@ -3347,62 +4707,112 @@ If your `prepareCommands` fail, check the [prepare runtime log](/deno/how-to/log
 
 # Deno > Overview
 
+
 [Deno ↗](https://deno.org/en) is an asynchronous event-driven JavaScript runtime, which is designed to build scalable network applications.
+
 :::tip
 Have you got any additional question? Join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-deno), a **_recipe_**, containing the most simple Deno web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Deno app running in Zerops — as few libraries as possible,
+
+### 🚀 No Fuss, Just Deploy with Speed!
+
+This is the most bare-bones example of Deno app running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "deno" recipe on Zerops](https://app.zerops.io/recipe/?lf=deno)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
+
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-deno/blob/main/zerops-project-import.yaml)):
+
 ```yaml
 project:
   name: recipe-deno
   tags:
     - zerops-recipe
+
 services:
   - hostname: api
     type: deno@1
     buildFromGit: https://github.com/zeropsio/recipe-deno
     enableSubdomainAccess: true
+
   - hostname: db
     type: postgresql@16
     mode: NON_HA
     priority: 1
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://api-7f6-8000.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 {"message":"This is a simple, basic Deno / Oak application running in Zerops.io,\n      each request adds an entry to the PostgreSQL database and returns a count.\n      See the source repository (https://github.com/zeropsio/recipe-deno) for more information.","newEntry":"274b0cc1-5b6d-4351-b8ec-53cf82bd9d0f","count":1}
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
 It doesn't matter whether it's your first curious introduction to Zerops, you have already mastered the basics and are looking for a tiny detail or inspiration. Below, choose a section that fits your needs:
+
+- [Care for details?](/deno/how-to/create) — Dive in all Zerops has to offer for your Deno application.
+- [Deno recipes](https://github.com/zeropsio?q=deno&type=all&language=&sort=) — Get inspired by already existing repositories, ready to be imported to Zerops.
+
 ## Feature Highlights
+
+- [Create Deno service](/deno/how-to/create) — Start with creating a Deno service using GUI or zCLI.
+- [Zerops.yaml](/deno/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/deno/how-to/scaling) — Set up scaling of your Deno application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/deno/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/deno/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Docker > Overview
 
+
 Zerops provides Docker support through dedicated Virtual Machine (VM) environments, ensuring maximum compatibility and isolation while maintaining integration with the broader Zerops ecosystem. This guide explains how to effectively use Docker services in Zerops, including best practices and important considerations.
+
 ## Why VMs
+
 While Zerops primarily uses native Linux containers for optimal performance, this VM-based approach allows you to run virtually any Docker container while maintaining Zerops' robust infrastructure management.
+
 You can learn more about [differences](/features/container-vs-vm) between Containers and Virtual Machines in Zerops.
+
 Before using Docker services, consider these important aspects:
+
 ### Virtual Machine Environment
+
 Docker services in Zerops operate in a full VM environment, which has several implications:
+
 - **Slower Boot Times**: VMs require more time to initialize due to full kernel boot
 - **Higher Resource Usage**: VMs include additional system overhead compared to native containers
 - **Scaling Limitations**:
@@ -3411,42 +4821,59 @@ Docker services in Zerops operate in a full VM environment, which has several im
     - Zerops automatically restarts the VM when resource values are changed in UI
 - **Storage Management**: Disk space can only be increased, not decreased without recreation
 - **Build Phase Limitations**: Build phase runs in containers, not in the VM environment
+
 ### Advantages
+
 Despite these limitations, Docker services offer some benefits:
+
 - **Broad Compatibility**: Run almost any Docker container with minimal modification
 - **Familiar Environment**: Standard Docker runtime environment
+
 ## Configuration Guide
+
 ### Supported Version
+
 Currently supported Docker versions:
-Import configuration version:
+
 ### Basic Structure
+
 Docker services in Zerops are configured through the `zerops.yaml` file. Here's a typical configuration pattern:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     run:
       base: docker@latest
       prepareCommands:
-        - docker image pull :  # Always use specific version tags
-      start: docker run --network=host :
+        - docker image pull <your-image>:<version>  # Always use specific version tags
+      start: docker run --network=host <your-image>:<version>
       ports:
-        - port: 
+        - port: <port-number>
           httpSupport: true
 ```
+
 :::important
 Always use specific version tags (like `1.0.0`) instead of `:latest`. Zerops caches the `prepareCommands` output, which means a new `:latest` image won't be automatically pulled on subsequent deployments unless the cache is manually cleared or the commands change.
 :::
+
 Refer to the [Docker recipe repository](https://github.com/zeropsio/recipe-docker) for an example configuration.
+
 :::note
 We are actively working on improving the speed of image caching after `run.prepareCommands` and reducing the startup time of runtime VMs. These improvements will be released in future updates.
 :::
+
 ### Network Configuration
+
 Docker services require the `--network=host` flag for proper integration with Zerops:
+
 - **Direct Port Management**: Ports are managed through `zerops.yaml`
 - **Simplified Configuration**: Avoids double port exposure in Docker and Zerops
 - **Native Performance**: Direct access to host networking
+
 ### Docker Compose Support
+
 For projects using Docker Compose, additional configuration is required:
+
 1. **File Deployment**:
    ```yaml title="zerops.yaml"
    build:
@@ -3454,6 +4881,7 @@ For projects using Docker Compose, additional configuration is required:
      deployFiles: ./docker-compose.yaml
      addToRunPrepare: ./docker-compose.yaml
    ```
+
 2. **Network Mode**:
    ```yaml title="docker-compose.yaml"
    services:
@@ -3461,15 +4889,21 @@ For projects using Docker Compose, additional configuration is required:
        image: your-image:1.0.0
        network_mode: host
    ```
+
 3. **Start Command**:
    ```yaml title="zerops.yaml"
    run:
      start: docker compose up --force-recreate
    ```
+
 ### Environment Variables
+
 When using Docker services, there's an additional layer to consider since environment variables defined in Zerops must be explicitly passed to your Docker containers.
+
 #### 1. Defining Variables in Zerops
+
 Define your environment variables in the `run.envVariables` section of your `zerops.yaml` (example uses [referenced](/features/env-variables#referencing-variables) variables):
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
@@ -3479,8 +4913,11 @@ zerops:
         DB_HOST: ${db_hostname}
         DB_PORT: ${db_port}
 ```
+
 #### 2. Passing Variables to Docker Containers
+
 For single containers, pass variables using the `-e` flag:
+
 ```yaml title="zerops.yaml"
 run:
   base: docker@latest
@@ -3488,10 +4925,13 @@ run:
     - docker image pull my-application:1.0.0  # Use specific version tags, not :latest
   start: docker run -e DB_HOST -e DB_PORT --network=host my-application:1.0.0
 ```
+
 :::important
 Always use specific version tags (like `1.0.0`) instead of `:latest`. Zerops caches the `prepareCommands` output, which means a new `:latest` image won't be automatically pulled on subsequent deployments unless the cache is manually cleared or the commands change.
 :::
+
 For Docker Compose setups, pass environment variables in your `docker-compose.yaml`:
+
 ```yaml title="docker-compose.yaml"
 services:
   api:
@@ -3501,8 +4941,11 @@ services:
       - DB_HOST
       - DB_PORT
 ```
+
 ## Implementation Examples
+
 ### Single Container
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
@@ -3515,10 +4958,13 @@ zerops:
         - port: 8000
           httpSupport: true
 ```
+
 :::important
 Always use specific version tags (like `1.0.0`) instead of `:latest`. Zerops caches the `prepareCommands` output, which means a new `:latest` image won't be automatically pulled on subsequent deployments unless the cache is manually cleared or the commands change.
 :::
+
 ### Single Service with Docker Compose
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: api
@@ -3535,6 +4981,7 @@ zerops:
         - port: 8000
           httpSupport: true
 ```
+
 ```yaml title="docker-compose.yaml (excerpt)"
 services:
   api:
@@ -3542,7 +4989,9 @@ services:
     network_mode: host
     # other configuration...
 ```
+
 ### Multiple Services with Docker Compose
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: apps
@@ -3559,36 +5008,49 @@ zerops:
         - port: 8000
           httpSupport: true
 ```
+
 ```yaml title="docker-compose.yaml (excerpt)"
 services:
   web:
     image: web-image:1.0.0
     network_mode: host
     # other configuration...
+
   api:
     image: api-image:1.0.0
     network_mode: host
     # other configuration...
 ```
+
 ## Best Practices
+
 #### Image Management
 - **Always use specific version tags** instead of `:latest` - This prevents caching issues as Zerops caches `prepareCommands` output
+
 #### Resource Planning
 - Account for VM overhead in resource allocation
 - Plan for longer initialization times
 - Consider the impact on scaling operations
+
 #### Migration Consideration
 - Evaluate if your workload could run on native containers
 - Consider gradual migration for complex applications
 - Balance development effort against operational benefits
+
 ## Limitations and Workarounds
+
 ### Build Phase
+
 Since the build phase runs in containers rather than VMs:
+
 - Use `run.prepareCommands` for Docker-specific build steps
 - Consider external CI/CD for complex Docker builds
 - Leverage pre-built images when possible
+
 ### Scaling Operations
+
 Docker services in Zerops have specific scaling characteristics that differ from native containers:
+
 #### Vertical Scaling
 - Resources must be defined with **fixed** values instead of min-max ranges
 - CPU, RAM, and disk are specified as single values:
@@ -3600,6 +5062,7 @@ Docker services in Zerops have specific scaling characteristics that differ from
   ```
 - Any change to these values through the UI triggers an automatic VM restart
 - Plan your resource allocation carefully to minimize scaling operations
+
 #### Horizontal Scaling
 - Still supports multiple containers through `minContainers` and `maxContainers`
 - Consider breaking large services into smaller components
@@ -3610,9 +5073,13 @@ Docker services in Zerops have specific scaling characteristics that differ from
 
 # Dotnet > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your .NET application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -3621,51 +5088,65 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: dotnet@6
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - package.json
         - node_modules
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: dotnet@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 5000
+
       # OPTIONAL. Customize the runtime .NET environment by installing additional
       # dependencies to the base .NET runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your .NET application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your .NET application start command
       start: npm start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -3676,6 +5157,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -3685,11 +5167,23 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for .NET builds:
+
+- `dotnet@10`, `dotnet@latest`
+- `dotnet@9`
+- `dotnet@8`
+- `dotnet@7`
+- `dotnet@6`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -3700,12 +5194,18 @@ zerops:
       base: dotnet@6
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of .NET, Zerops command line tool, `ASP .NET` and `git`.
+  major version of .NET, [Zerops command line tool](/references/cli), `ASP .NET` and `git`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -3719,34 +5219,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of .NET defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `ASP .NET` and `git`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -3755,6 +5273,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: dotnet@6
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -3762,20 +5281,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/dotnet/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -3784,96 +5314,138 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: dotnet@6
+
       # OPTIONAL. Build your application
       buildCommands:
         - dotnet build -o app
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     sudo apt-get -y install dotnet-runtime-6.0 aspnetcore-runtime-6.0 dotnet-sdk-6.0 # already installed for .NET service
     dotnet build -o app
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - sudo apt-get -y install dotnet-runtime-6.0 aspnetcore-runtime-6.0 dotnet-sdk-6.0 # already installed for .NET service
   - dotnet build -o app
 ```
+
 #### Command exit code
-If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/dotnet/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the `--verbosity ` option.
+
+If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/dotnet/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the `--verbosity <LEVEL>` option.
+
 ```yaml
 buildCommands:
   - dotnet build --verbosity detailed
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - app
   - file.txt
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -3885,22 +5457,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -3909,6 +5492,7 @@ zerops:
     build:
       base: dotnet@6
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         DOTNET_ENV: production
@@ -3917,12 +5501,24 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/dotnet/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current .NET version for your runtime.
+
 Following options are available for .NET builds:
+
+- `dotnet@10`, `dotnet@latest`
+- `dotnet@9`
+- `dotnet@8`
+- `dotnet@7`
+- `dotnet@6`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -3932,18 +5528,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: dotnet@6
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: dotnet@6
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
-  selected major version of .NET, Zerops command line tool and `ASP .NET` and `git`.
+  selected major version of .NET, [Zerops command line tool](/references/cli) and `ASP .NET` and `git`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -3953,6 +5556,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: dotnet@6
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -3962,43 +5566,74 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a .NET service with hostname = "app" and port = 5000 from another service of the same project, simply use `app:5000`. Read more about [how to access a .NET service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the .NET runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base .NET environment contains {data.alpine.default}, the selected
-  major version of .NET, Zerops command line tool and `ASP .NET` and `git`. To install additional packages
+  major version of .NET, [Zerops command line tool](/references/cli) and `ASP .NET` and `git`. To install additional packages
   or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -4006,6 +5641,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -4015,29 +5651,47 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/dotnet/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
   selected major version of .NET,
-  Zerops command line tool and
+  [Zerops command line tool](/references/cli) and
   `ASP .NET` and `git`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -4046,6 +5700,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -4055,15 +5710,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -4072,22 +5732,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your .NET application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/dotnet/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/dotnet/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -4102,56 +5775,82 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/dotnet/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your .NET application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your .NET application start command
       start: cd app && dotnet dnet.dll
 ```
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your .NET application start command
       start: cd app && dotnet dnet.dll
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -4159,30 +5858,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your .NET application.
+
+        The command has access to the same [environment variables](/dotnet/how-to/create#set-secret-environment-variables) as your .NET application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your .NET application start command
       start: cd app && dotnet dnet.dll
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -4191,13 +5907,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -4206,40 +5927,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/dotnet/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -4248,30 +5991,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/dotnet/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your .NET application.
+
+        The command has access to the same [environment variables](/dotnet/how-to/create#set-secret-environment-variables) as your .NET application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -4283,8 +6044,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/dotnet/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Dotnet > How To > Build Process
@@ -4301,35 +6064,60 @@ Read more about how the [readiness check works](/dotnet/how-to/deploy-process#re
 
 # Dotnet > How To > Create
 
+
 Zerops provides a .NET runtime service with extensive build support. .NET runtime is highly scalable and customisable to suit both development and production.
+
 ## Create .NET service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new .NET service:
+
+[Video: /vids/services/dotnet.webm](/vids/services/dotnet.webm)
+
 ### Choose .NET version
+
 Following .NET versions are currently supported:
+
 :::info
 You can [change](/dotnet/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/dotnet/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create .NET service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new .NET service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/dotnet/how-to/create#create-a-project-description-file)
 3. [Create a project with a .NET and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -4350,13 +6138,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one .NET version 6 service with default [auto scaling](/dotnet/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/dotnet/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -4401,113 +6194,172 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a .NET service and a [PostgreSQL](/postgresql/overview) service.
+
 .NET service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/dotnet/how-to/build-pipeline#ports). .NET service will run on version 6 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains .NET and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
+
         See what [.NET service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/dotnet/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/dotnet/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/dotnet/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/dotnet/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add .NET service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -4528,33 +6380,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one .NET service version 6 with default [auto scaling](/dotnet/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Dotnet > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick)',
-  'Native libraries: When your .NET packages require system libraries that aren\'t in the default environment',
-  'Development tools: When you need additional debugging or profiling tools',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -4608,13 +6465,21 @@ System packages for processing: When your app processes images, videos, or files
 
 # Dotnet > Overview
 
+
 [.NET ↗](https://dotnet.microsoft.com/en-us/) is the free, open-source, cross-platform framework for building modern apps and powerful cloud services..
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-dotnet-hello-world), a **_recipe_**, containing the most simple .NET web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of .NET running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of .NET running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "dotnet" recipe on Zerops](https://app.zerops.io/recipe/?lf=dotnet)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-dotnet-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -4626,86 +6491,145 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-dotnet-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/dotnet/how-to/create) — Dive in all Zerops has to offer for your .NET application.
+
 ## Feature Highlights
+
+- [Create .NET service](/dotnet/how-to/create) — Start with creating a .NET service using GUI or zCLI.
+- [zerops.yaml](/dotnet/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/dotnet/how-to/scaling) — Set up scaling of your .NET application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/dotnet/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/dotnet/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/dotnet/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Elasticsearch > Overview
 
+
 Deploy [Elasticsearch](https://www.elastic.co/elasticsearch/) instances in Zerops with flexible scaling options, from standalone nodes to highly available clusters.
+
 ## Supported Versions
+
 Currently supported Elasticsearch versions:
+
 Import configuration version:
+
+- `elasticsearch@9.2`
+- `elasticsearch@8.16`
+
 ## Connection Details
+
 - **Port**: 9200
 - **Protocol**: HTTP only
 - **Internal Access**: `http://{hostname}:9200`
 - **Basic auth security**
     - **User**: `elastic`
     - **Password**: randomly generated during service creation, find under **Access Details** in service detail
+
 #### Example
 ```sh
 curl -u elastic:generatedpassword http://elasticsearch:9200
 ```
+
 ## Configuration Options
+
 ### Plugin Management
+
 You can configure Elasticsearch plugins using a comma-separated list in your environment secrets:
+
 ```yaml
 envSecrets:
   PLUGINS: "analysis-icu,ingest-attachment"
 ```
+
 **Plugin Configuration Details:**
 - Defines plugins to install at service startup
 - **Format**: `plugin1,plugin2,...`
 - Service automatically installs specified plugins during initialization
 - Removing a plugin from this list triggers uninstallation on service restart
+
 ### JVM Heap Allocation
+
 Control the JVM heap size as a percentage of container memory:
+
 ```yaml
 envSecrets:
   HEAP_PERCENT: "75"
 ```
+
 **Heap Configuration Details:**
 - Value represents the percentage of container memory allocated to JVM heap
 - **Default**: 50% of available container memory
 - **Valid range**: 1-100
 - To increase available memory, adjust the service's RAM allocation in scaling configuration
+
 :::note Requires Restart
 Changes to HEAP_PERCENT require a service restart to take effect.
 :::
+
 ## Backup
+
 Elasticsearch backups are created using `elasticdump`:
+
 - **Format**: `.gz` (per index/component dump)
 - **Tooling**: `elasticdump`
 - **Compression**: Gzip compressed JSON data
+
 For backup configuration, scheduling, retention policies, and management options, see the [Zerops Backups](/features/backup) documentation.
+
 ### Restoring Backups
+
 To restore an Elasticsearch backup:
+
 1. **Download** the backup file (`.gz`) from the Zerops UI
 2. **Extract** the compressed files to access the JSON data
 3. **Prepare** your target environment (clean existing indices or use a new instance)
 4. **Restore** using either:
    - **elasticdump tool**: Use the same tool that created the backup for restoration via Zerops VPN or during deployment
    - **Elasticsearch API**: Import the data through REST API [calls](https://www.elastic.co/docs/deploy-manage/tools/snapshot-and-restore/restore-snapshot)
+
 For assistance with the restoration process, contact Zerops support.
+
 ## Example Configuration
+
 ```yaml
 services:
   - hostname: elasticsearch
@@ -4715,7 +6639,9 @@ services:
       PLUGINS: "analysis-icu,ingest-attachment"
       HEAP_PERCENT: "75"
 ```
+
 ## Related Resources
+
 - [Elasticsearch Official Documentation](https://www.elastic.co/guide/index.html)
 - [Available Elasticsearch Plugins](https://www.elastic.co/guide/en/elasticsearch/plugins/current/index.html)
 
@@ -4723,9 +6649,13 @@ services:
 
 # Elixir > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Elixir application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -4734,49 +6664,63 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: elixir@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - mix deps.get --only prod
         - mix compile
         - mix release
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles: _build/prod/rel/app/
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: elixir@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 3000
+
       # OPTIONAL. Customise the runtime Elixir environment by installing additional
       # dependencies to the base Elixir runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Elixir application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Elixir application start command
       start: npm start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -4787,6 +6731,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -4796,11 +6741,19 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Elixir builds:
+
+- `1.16`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -4811,12 +6764,18 @@ zerops:
       base: elixir@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Elixir, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+  major version of Elixir, [Zerops command line tool](/references/cli), `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -4830,34 +6789,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customise your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Elixir defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -4866,6 +6843,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: elixir@latest
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -4873,20 +6851,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/elixir/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -4895,42 +6884,59 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: elixir@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     npm i
     npm run build
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - npm i
   - npm run build
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/elixir/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - npm i --verbose
   - npm run build
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -4939,56 +6945,81 @@ deployFiles:
   - package.json
   - node_modules
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - dist
   - package.json
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -5000,22 +7031,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -5024,6 +7066,7 @@ zerops:
     build:
       base: elixir@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         NODE_ENV: production
@@ -5032,12 +7075,20 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/elixir/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Elixir version for your runtime.
+
 Following options are available for Elixir builds:
+
+- `1.16`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5047,18 +7098,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: elixir@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: elixir@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Elixir, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5068,6 +7126,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: elixir@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -5077,36 +7136,58 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Elixir service with hostname = "app" and port = 3000 from another service of the same project, simply use `app:3000`. Read more about [how to access a Elixir service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
+
 | parameter   | description                                                                                                                                                                                                                                                                                                            |
 | ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | port        | Defines the port number. You can set any port number between _10_ and _65435_. Ports outside this interval are reserved for internal Zerops systems.                                                                                                                                                                   |
 | protocol    | **Optional.** Defines the protocol. Allowed values are `TCP` or `UDP`. Default value is `TCP`.                                                                                                                                                                                                                         |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Elixir runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Elixir environment contains {data.alpine.default} the selected
-  major version of Elixir, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools. To install
+  major version of Elixir, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5114,6 +7195,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -5123,27 +7205,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/elixir/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the custom runtime cache go to `yyy`
+
 When the custom runtime cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Elixir, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools.
+  selected major version of Elixir, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -5152,6 +7252,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -5161,15 +7262,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -5178,22 +7284,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Elixir application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/elixir/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/elixir/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -5208,57 +7327,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/elixir/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Elixir application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Elixir application start command
       start: npm start
 ```
+
 We recommend starting your Elixir application using `npm start`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Elixir application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -5266,25 +7412,32 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/elixir/how-to/create#set-secret-environment-variables) as your Elixir application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Elixir application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -5293,13 +7446,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -5308,14 +7466,23 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/elixir/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
+
 <table className="w-full my-1.5">
   <thead>
     <tr>
@@ -5345,13 +7512,16 @@ If your application requires a https request, set <code>scheme: https</code></td
     </tr>
   </tbody>
 </table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -5360,25 +7530,33 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/elixir/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/elixir/how-to/create#set-secret-environment-variables) as your Elixir application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -5390,8 +7568,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/elixir/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Elixir > How To > Build Process
@@ -5408,34 +7588,58 @@ Read more about how the [readiness check works](/elixir/how-to/deploy-process#re
 
 # Elixir > How To > Create
 
+
 Zerops provides a powerful Elixir runtime service with extensive build support. The Elixir runtime is highly scalable and customizable to suit your development and production needs. With just a few clicks or commands, you can have a production-ready Elixir environment up and running in no time.
+
 ## Create a Elixir service using Zerops GUI
+
 First, set up a project in the Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu under the **Services** section. From there, you can add a new Elixir service:
+
+[Video: /vids/services/elixir.webm](/vids/services/elixir.webm)
+
 ### Choose a Elixir version
+
 Zerops supports the following Elixir versions:
+
 :::info
 You can easily [upgrade](/elixir/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app", "cache", "gui", etc. Duplicate services with the same name within the same project are not allowed.
+
 #### Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as passwords, tokens, salts, certificates, etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting secret environment variables is optional. You can always set them later in the Zerops GUI.
+
 Read more about the [different types of environment variables](/elixir/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create a Elixir service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Elixir service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/elixir/how-to/create#create-a-project-description-file)
 3. [Create a project with a Elixir and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a YAML format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory called `my-project`. Inside the `my-project` directory, create a `description.yaml` file with the following content:
 ```yaml
 # basic project data
@@ -5457,13 +7661,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Elixir version 20 service with default [auto scaling](/elixir/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/elixir/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -5508,103 +7717,171 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Elixir service and a [PostgreSQL](/postgresql/overview) service.
+
 Elixir service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/elixir/how-to/build-pipeline#ports). Elixir service will run on version 20 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
+
 | Parameter       | Description                                                                                                                     | Limitations             |
 | --------------- | ------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
 | **name**        | The name of the new project. Duplicates are allowed.                                                                            |                         |
 | **description** | **Optional.** Description of the new project.                                                                                   | Maximum 255 characters. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Elixir and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Elixir service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/elixir/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
-        Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-        
-        Limitations:
-        
-        Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
-### Create a project based on the description.yaml
-When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/elixir/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
+        Current maximum value = 10.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/elixir/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
+        Current maximum value = 10.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](/elixir/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
+### Create a project based on the description.yaml
+
+When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Elixir service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -5625,33 +7902,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Elixir service version 20 with default [auto scaling](/elixir/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Elixir > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick)',
-  'Erlang libraries: When you need additional Erlang libraries not included by default',
-  'Native dependencies: When your Mix dependencies require system libraries that aren\'t in the default environment',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -5705,124 +7987,196 @@ System packages for processing: When your app processes images, videos, or files
 
 # Elixir > Overview
 
+
 [Elixir ↗](https://elixir.org/en) is an asynchronous event-driven JavaScript runtime, which is designed to build scalable network applications.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-elixir), a **_recipe_**, containing the most simple Elixir web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Elixir app running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Elixir app running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "elixir" recipe on Zerops](https://app.zerops.io/recipe/?lf=elixir)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
+
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-elixir/blob/main/zerops-project-import.yaml)):
+
 ```yaml
 project:
   name: recipe-elixir
   tags:
     - zerops-recipe
+
 services:
   - hostname: api
     type: elixir@1.16
     enableSubdomainAccess: true
     buildFromGit: https://github.com/zeropsio/recipe-elixir
+
   - hostname: db
     type: postgresql@16
     mode: NON_HA
     priority: 1
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://api-808-4000.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 {"message":"This is a simple Elixir application running in Zerops.io, each request adds an entry to the PostgreSQL database and returns a count. See the source repository (https://github.com/zeropsio/recipe-elixir) for more information.","newEntry":"e64be640-d6c2-4be8-93ac-d1e40e56fa06","count":1}
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
 It doesn't matter whether it's your first curious introduction to Zerops, you have already mastered the basics and are looking for a tiny detail or inspiration. Below, choose a section that fits your needs:
+
+- [Care for details?](/elixir/how-to/create) — Dive in all Zerops has to offer for your Elixir application.
+- [Elixir recipes](https://github.com/zeropsio?q=elixir&type=all&language=&sort=) — Get inspired by already existing repositories, ready to be imported to Zerops.
+
 ## Feature Highlights
+
+- [Create Elixir service](/elixir/how-to/create) — Start with creating a Elixir service using GUI or zCLI.
+- [Zerops.yaml](/elixir/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/elixir/how-to/scaling) — Set up scaling of your Elixir application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/elixir/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/elixir/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/elixir/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Features > Access
 
+
 Zerops provides multiple ways to access your services, whether you need internal communication between services, secure access from your development machine, or public access from the internet.
+
 :::note
 By default, your services are not publicly accessible until you configure external access. Internal communication between services within the same project works automatically.
 :::
+
 ## How Zerops Networking Works
+
 Every Zerops project includes a **shared networking infrastructure** that handles all access methods:
+
 **Private Project Network:**
 - All services within a project share a dedicated private network
 - Services communicate directly using hostnames and internal ports
 - Traffic stays isolated within your project
+
 **Public Access Infrastructure:**
 - **Core (L3) Balancer** manages IP addresses and direct port access
 - **L7 HTTP Balancer** handles domain routing and SSL termination
   - Can be extensively configured for advanced routing, performance optimization, and custom behaviors
   - See the [L7 Balancer Configuration Guide](/references/networking/l7-balancer-config) for detailed options
 - Both are shared across all services in your project
+
 **Secure External Access:**
 - **Built-in VPN** provides secure tunnel access to your project's private network
 - Useful for development, debugging, and administration
+
 ## Internal Access
+
 :::tip Complete Internal Access Setup
 See the [Internal access reference guide](/references/networking/internal-access).
 :::
+
 Services within the same project can communicate directly using hostnames and internal ports. No additional configuration required.
+
 **Example:** Connect to your `api` service on port 3000:
 ```
 http://api:3000
 ```
+
 **Key points:**
 - Use service hostname as the address
 - Use HTTP (not HTTPS) for internal communication
 - Access internal ports defined in your service configuration
 - Communication is automatically isolated from other projects
+
 ### Environment Variables
+
 Zerops automatically creates environment variables to help with internal connections between services.
+
 ## VPN Access
 :::tip Complete VPN Setup
 See the [VPN reference guide](/references/networking/vpn).
 :::
+
 Connect securely to your project's internal network from your local machine:
+
 ```bash
 # Connect to your project
-zcli vpn up 
+zcli vpn up <project-id>
+
 # Access services using internal hostnames
 curl http://api:3000/health
+
 # Disconnect when done
 zcli vpn down
 ```
+
 ## Public Access
+
 :::tip Complete Public Access Setup
 See the [Public access reference guide](/references/networking/public-access).
 :::
+
 Make your services accessible from the internet using one of three methods:
+
 ### Zerops Subdomain
 **Best for:** Development and testing
+
 - Quick setup with automatic `.zerops.app` subdomains
 - Each service gets its own unique subdomain
 - Automatic SSL certificate management
 - Shared infrastructure (has limitations for production use)
+
 ### Custom Domain
 **Best for:** Production deployments
+
 - Use your own domain names
 - Better performance with dedicated balancer
 - Full control over SSL and routing
 - Requires DNS configuration
+
 ### Direct Port Access
 **Best for:** Non-HTTP protocols and specialized use cases
+
 - Direct access to specific ports on your services
 - Supports any protocol (TCP/UDP)
 - Optional firewall configuration
 - Uses your project's IP addresses
+
 ## Next Steps
+
 - **Internal access setup:** [Internal Access Reference Guide](/references/networking/internal-access)
 - **Public access configuration:** [Public Access Reference Guide](/references/networking/public-access)
 - **VPN setup and troubleshooting:** [VPN Reference Guide](/references/networking/vpn)
@@ -5832,162 +8186,232 @@ Make your services accessible from the internet using one of three methods:
 
 # Features > Backup
 
+
 Zerops provides an automated, secure backup system for supported services. This guide covers how to configure, manage, and restore your backups.
+
 ## Supported Services
+
 Zerops provides automated backup functionality for the following services. For specific backup format details and restore instructions, visit each service's documentation: [MariaDB](/mariadb/how-to/backup), [PostgreSQL](/postgresql/how-to/backup), [Qdrant](/qdrant/overview), [Elasticsearch](/elasticsearch/overview), [NATS](/nats/overview), [Meilisearch](/meilisearch/overview), and [Shared Storage](/shared-storage/how-to/backup).
+
 ## Managing Backups in the UI
+
 By default, your data is backed up automatically **every day** between 00:00:00 UTC and 01:00:00 UTC, unless you update your settings.
+
 To manage backups, go to the service detail and choose **Backups List & Configuration** in the left menu.
+
 From this section, you can:
 - Create a one-time backup
 - Change the frequency/disable of automatic backups
 - Configure retention policies and limits
-  
+
 ### Backup Frequency Options
+
 Available schedules:
 - **No backups**: Disable automatic backups (not recommended)
 - **Once a day**: Daily backups at a specified time
 - **Once a week**: Weekly backups on a specific day and time
 - **Once a month**: Monthly backups on a specific day and time
 - **Custom CRON**: Define a custom schedule using CRON syntax
+
 For the Custom CRON option, you can use the following syntax:
-  
-      Field name
-      Allowed values
-    
-      Minute
-      0-59
-    
-      Hour
-      0-23
-    
-      Day
-      1-31
-    
-      Month
-      1-12
-    
-      Week Day
-      0–7; both 0 and 7 represent Sunday
-    
+
+<table className="w-full">
+  <thead>
+    <tr>
+      <th className="whitespace-nowrap w-fit">Field name</th>
+      <th className="w-full">Allowed values</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr className="text-left">
+      <td className="w-fit">Minute</td>
+      <td className="w-fit">0-59</td>
+    </tr>
+    <tr className="text-left">
+      <td className="w-fit">Hour</td>
+      <td className="w-fit">0-23</td>
+    </tr>
+    <tr className="text-left">
+      <td className="w-fit">Day</td>
+      <td className="w-fit">1-31</td>
+    </tr>
+    <tr className="text-left">
+      <td className="w-fit">Month</td>
+      <td className="w-fit">1-12</td>
+    </tr>
+    <tr className="text-left">
+      <td className="w-fit">Week Day</td>
+      <td className="w-fit">0–7; both 0 and 7 represent Sunday</td>
+    </tr>
+  </tbody>
+</table>
+
 Examples:
 - `0 2 * * *` - Every day at 2:00 AM
 - `0 4 * * 0` - Every Sunday at 4:00 AM
 - `0 0 1 * *` - First day of every month at midnight
 - `0 */6 * * *` - Every 6 hours
+
 ### Backup Tagging
+
 Zerops uses tags to categorize and manage backups:
+
 **Time-Based Tags** (assigned automatically):
 - `daily`: Every automatic backup
 - `weekly`: First backup of each week (Monday UTC)
 - `monthly`: First backup of each month (1st UTC)
+
 **User Tags** (custom labels you create):
 - Used for organization and identification (e.g., `v2.1-release`, `before-migration`, `monthly-snapshot`)
 - Add when creating manual backups - up to 24 characters (letters, numbers, `:-_`)
+
 **Protected Tags** (configured in retention policy):
 - Backups with these tag names are exempt from automatic deletion, regardless of storage limits
 - Define in the backup retention configuration section of the UI and add when creating manual backups
+
 :::important
 Manual backups don't get automatic time-based tags. Always add a protected tag to preserve critical manual backups.
 :::
+
 ### View and Manage Backup Files
+
 In this section, you can:
 - Create manual backups
 - View all backups with their timestamps and sizes
 - Download backups
 - Delete backups
-  
+
 :::note
 When creating manual backups via the UI, you'll see immediate feedback. If the backup takes longer than 10 seconds, the process continues in the background. You can verify completion by refreshing the backup list or checking service logs.
 :::
+
 ## Storage and Limits
+
 ### Project Storage Quotas
+
 Each Zerops project has a **technical maximum backup storage limit of 1 TiB**:
 - Only full backups are stored
 - If a backup would exceed the storage limit, it will not be stored
 - This quota is shared across all service backups within the project
+
 ### Billing
 - **Lightweight Project Core**: 5 GB backup storage and 100 GB egress included
 - **Serious Project Core**: 25 GB backup storage and 3 TB egress included
+
 When you exceed your plan's free limits, **additional charges apply** according to our [pricing](/company/pricing#overage-costs).
+
 ### Retention Policy and Configuration
+
 Zerops manages which backups are kept using a retention policy that you can customize through the UI:
+
 **Default Time-Based Retention** (minimums):
 - At least 7 daily backups
 - At least 4 weekly backups
 - At least 3 monthly backups
+
 **Default Resource Limits** (maximums):
 - Max 50 total backups per service
 - Storage limited to your project's 1 TiB technical maximum (with billing for usage beyond free tier)
+
 **Customization Options:**
 You can modify these defaults in the backup retention configuration interface:
 - **Set Protected Tags**: Define tag names that prevent automatic deletion of backups
 - **Configure Maximum Limits**: Adjust total number of backups and storage size limits per service
 - **Customize Minimum Retention**: Change how many daily, weekly, and monthly backups to keep
 - **Set Type-Specific Limits**: Control maximum backups for each type (0 means unlimited, subject to total limits)
+
 :::important
 Backups with [protected tags](#backup-tagging) and the minimum required time-based backups will always be kept, even if they exceed the limits above. This ensures your critical recovery points are preserved.
 :::
+
 If you need more storage space, contact our support team.
+
 ### When Deleting Services or Projects
+
 Deleted services/projects have their backups kept for a 7-day grace period before final removal.
+
 ## Command Line Interface
+
 You can also manage backups using the Zerops CLI (zCLI):
+
 ```bash
 # Create a backup
 zcli backup create myServiceName
+
 # Create a backup with tags (including protection)
 zcli backup create myServiceName --tags pre-deploy,protected
 ```
+
 Check `zcli backup --help` for current commands.
+
 :::note
 zCLI currently focuses on creation; listing/deletion/tag management is primarily via UI.
 :::
+
 ## Restoring Backups
+
 Restoration involves downloading backups and using service-specific methods. Zerops facilitates the backup creation and download; the restore action uses service-specific tools and APIs.
+
 1. **Download**: Find the backup in the UI (by date/tag) and download it
 2. **Prepare**: Set up your target environment (clean existing data or use a new instance)
 3. **Restore**: Use service-specific tools via Zerops VPN, run the restore during deployment, or use the service API if available. For service-specific restore instructions, see each service's documentation linked in the [Supported Services](#supported-services) section above.
+
 :::info Continuous Improvement
 We're working on enhancing the restore experience, potentially including more automated options in the future.
 :::
+
 For assistance with restoration, contact Zerops support.
+
 ## High Availability (HA)
+
 For multi-node HA services:
 - **Automatic Backups**: Run on a randomly selected healthy node
 - **Manual Backups**: Typically run on the primary/designated node (check logs)
 - **Cluster State**: Other nodes stay operational
+
 ## Security
+
 Backups are protected with end-to-end encryption:
+
 - **Unique Encryption**: Each project gets its own encryption key (X25519)
 - **Secure Process**: Data is encrypted immediately as backups are created
 - **Zero-Trust**: Even Zerops staff cannot access your raw backup data
 - **Isolated Storage**: Backups are stored separately from your regular data
 - **Secure Download**: Backups are only decrypted when you download them
+
 :::important
 When a project is deleted, the encryption key is permanently destroyed after 7 days, making the backup data unrecoverable.
 :::
+
 ## Best Practices
+
 1. **Create backups before major changes**:
    - Always create a manual backup with a protected tag before database migrations, deployments, or large data operations
    - Use descriptive tags like `pre-migration` or `pre-release-v2`
+
 2. **Manage storage efficiently**:
    - Regularly check usage in the Project Overview & Service Backup tabs to monitor free tier usage and stay within the 1 TiB technical limit
    - Remove unnecessary backups, especially those with [protected tags](#backup-tagging)
    - Adjust [retention policies](#retention-policy-and-configuration) based on your recovery needs
    - Regularly review and clean up old backups to optimize storage usage and minimize overage costs
+
 3. **Test your restore process** periodically in a non-production environment to ensure you can recover when needed
+
 ## Troubleshooting
+
 ### Storage Quota Issues
 **Cause**: High backup frequency, long retention periods, or many protected tags can lead to exceeding free tier limits or approaching technical maximums.
+
 **Solutions**:
 1. **Review & Prune**: Delete unnecessary manual backups or remove protected status from older backups
 2. **Adjust Retention Policy**: Reduce minimum retention counts if your recovery requirements allow
 3. **Optimize Schedule**: Reduce backup frequency if daily backups aren't essential
 4. **Monitor Costs**: Check usage against your free tier (5GB/25GB) to avoid unexpected overage charges
 5. **Contact Support**: If you need assistance managing storage
+
 ### Backup Failures
 **Cause**: Service health issues, resource exhaustion, or platform problems.
+
 **Solutions**:
 1. **Check Service Logs**: Look for error messages around the scheduled backup time
 2. **Verify Service Health**: Ensure the service is running properly with adequate resources
@@ -5998,35 +8422,52 @@ When a project is deleted, the encryption key is permanently destroyed after 7 d
 
 # Features > Build Cache
 
+
 > Zerops implements a sophisticated two-layer caching strategy that optimizes build times while maintaining complete control over the build environment. This documentation explores the architecture, configuration patterns, and practical implementation of the build cache system.
+
 ## Architecture Overview
+
 The build cache operates through two distinct layers:
+
 1. **Base Layer**: Comprises the OS, installed dependencies, and prepare commands
 2. **Build Layer**: Contains the state after executing build commands
+
 The layers work together to create an efficient and predictable build environment, though they are currently coupled in their cache invalidation behavior (invalidating one layer affects the other).
+
 ### Cache Implementation
+
 The caching mechanism is implemented through an efficient file movement strategy. This approach ensures near-instantaneous cache operations through simple directory relocation within the container, implementing the following characteristics:
+
 - Files are moved between `/build/source` and `/build/cache` using container-level rename operations
 - No packaging, compression, or network transfer is involved
 - Cache preservation is achieved through simple directory relocation within the container
 - Files maintain their original state and permissions throughout the process
+
 :::note
 See detailed [build process lifecycle](#build-process-lifecycle).
 :::
+
 ## Configuration Guide
+
 ### Essential zerops.yaml Fields
+
 The following fields in `zerops.yaml` affect build cache behavior:
+
 **Direct Cache Configuration**:
 - `build.cache`: Explicitly defines what should be cached through paths or patterns
+
 **Cache Invalidation Triggers**:
 These parameters trigger cache invalidation when modified:
 - `build.os`: Base operating system selection
 - `build.base`: Pre-installed software stacks and runtimes
 - `build.prepareCommands`: System preparation and dependency installation
 - `build.cache`: Changes to cache configuration
+
 **Build Artifact Generation**:
 - `build.buildCommands`: Generates the build artifact that will be deployed.
+
 ## Cache Configuration Patterns
+
 ### Pattern 1: System-Wide Cache Control
 ```yaml
 build:
@@ -6034,20 +8475,25 @@ build:
   # OR
   cache: false  # Intended to disable all caching
 ```
+
 The boolean values provide system-wide cache control:
+
 `cache: true`:
 - Preserves the entire build container state
 - Maintains system-level package installations
 - Ideal for globally installed packages (Python/PHP packages, Go modules)
+
 `cache: false`:
 - Intended to disable all caching
 - Currently, due to layer coupling, only files within `/build/source` are not cached
 - Everything outside `/build/source` remains cached (see [Common Pitfalls: Layer Coupling](#current-pitfalls))
+
 ### Pattern 2: Path-Specific Caching
 ```yaml
 # Single path
 build:
   cache: node_modules
+
 # Multiple paths
 build:
   cache:
@@ -6055,16 +8501,21 @@ build:
     - package-lock.json
     - .build
 ```
+
 Execution flow:
 1. Source code extraction to `/build/source`
 2. Build command execution
 3. Specified path preservation in `/build/cache`
 4. Cached content restoration (no-clobber mode - source files take precedence)
+
 :::tip
 Ideal for non-versioned dependencies in your working directory (e.g., `node_modules`, `vendor`, `.venv`).
 :::
+
 ## Path Pattern Reference
+
 Zerops supports [Go's filepath.Match](https://pkg.go.dev/path/filepath#Match) syntax. Consider this example structure:
+
 ```
 ├── node_modules/
 ├── package.json
@@ -6074,6 +8525,7 @@ Zerops supports [Go's filepath.Match](https://pkg.go.dev/path/filepath#Match) sy
     ├── file2.txt
     └── file3.md
 ```
+
 Pattern examples and matches:
 ```yaml
 build:
@@ -6082,33 +8534,44 @@ build:
     - "package*"          # Matches: package.json, package-lock.json
     - "node_modules"      # Matches: entire node_modules directory recursively
 ```
+
 :::note
 All patterns resolve relative to `/build/source`. Path variations like `./node_modules`, `node_modules`, and `node_modules/` are treated identically.
 :::
+
 ## Build Process Lifecycle
+
 1. **Initialization Phase**
    - Build container startup
    - Builder process launch
    - Source code loading into `/build/source`
+
 2. **Cache Restoration Phase**
    - Cached file movement to `/build/source` (no-clobber mode)
    - Source file precedence handling
    - Conflict logging (no build interruption)
    - Cache directory cleanup
+
 3. **Build Execution Phase**
    - Build command processing
    - Artifact packaging (`build.deployFiles`)
+
 4. **Cache Preservation Phase**
    - Specific cache files movement outside `/build/source`
    - `/build/source` directory cleanup
    - Container termination
+
 ## Cache Invalidation Reference
+
 The build cache invalidates under these conditions:
+
 1. **Manual Triggers**
    - API call: `DELETE /service-stack/{id}/build-cache`
    - GUI: Manual cache clear action
+
 2. **Version Management**
    - Backup app version activation via `PUT /app-version/{id}/deploy`
+
 3. **Configuration Changes**
    Any modifications to:
    ```yaml
@@ -6117,8 +8580,11 @@ The build cache invalidates under these conditions:
    build.prepareCommands
    build.cache
    ```
+
 ### Current Pitfalls
+
 The current implementation has some important characteristics:
+
 1. **Layer Coupling**
    ```yaml
    build:
@@ -6131,6 +8597,7 @@ The current implementation has some important characteristics:
      cache: false
    ```
    Even with `cache: false`, Go modules outside `/build/source` remain cached.
+
 2. **Cascade Invalidation**
    ```yaml
    build:
@@ -6145,7 +8612,9 @@ The current implementation has some important characteristics:
        - node_modules
    ```
    Modifying `prepareCommands` invalidates both layers, including cached `node_modules`.
+
 ## Real-World Implementation Examples
+
 ### Node.js Project with TypeScript
 ```yaml
 build:
@@ -6159,6 +8628,7 @@ build:
     - .turbo
     - package-lock.json
 ```
+
 ### Go Project with Multiple Dependencies
 ```yaml
 build:
@@ -6170,6 +8640,7 @@ build:
     - go build -o bin/app cmd/main.go
   cache: true  # Caches entire Go modules directory
 ```
+
 ### PHP/Laravel Project
 ```yaml
 build:
@@ -6181,147 +8652,227 @@ build:
     - vendor
     - composer.lock
 ```
+
 ## Debugging and Monitoring
+
 * **Build Logs**
    - Cache operations are detailed in build logs
    - File conflicts during restoration are logged
    - Cache preservation status is visible
+
 ## Implementation Best Practices
+
 ### Cache Strategy Optimization
+
 1. **Layer Management**
    - Maintain stable `prepareCommands` to prevent cache invalidation
    - Group related prepare commands logically
+
 2. **Performance Optimization**:
    - Cache package manager lock files alongside dependency directories
    - Use system-wide caching (`cache: true`) for languages with global package managers
+
 3. **Performance Tuning**
    - Leverage system-wide caching for complex builds
    - Monitor build logs for cache operations and potential conflicts
    - Use explicit patterns for precise control
    - Don't over-optimize – the system handles large caches efficiently
+
 ## Future Development
+
 Planned system enhancements include:
 - Layer independence implementation
 - Granular cache control mechanisms
 - Enhanced layer management capabilities
 - Improved cache invalidation patterns
 
+
 ----------------------------------------
 
 # Features > Cdn
 
+
 Zerops CDN is a global content delivery network that brings your static content closer to your users, resulting in faster load times and improved user experience. Built on Nginx and Cloudflare geo-steering technology, our CDN automatically routes users to the nearest server location based on their DNS request.
+
 ## Key Benefits
+
 - **Global Reach**: Serve content from strategic locations across the world
 - **Reduced Latency**: Content is delivered from the server closest to your users
 - **Simple Integration**: No complex configuration required
+
 ## Global CDN Infrastructure
+
 Zerops CDN operates across **6 strategic regions** to ensure your content is always delivered from a location close to your users:
-  
-      Region
-      Location
-      Coverage Area
-    
-      EU
-      CZ
-      Prague, Czech Republic
-      Primary European coverage + failover for all regions
-    
-      DE
-      Falkenstein, Germany
-    
-      UK
-      London, United Kingdom
-      UK and surrounding areas
-    
-      AU
-      Sydney, Australia
-      Australia and Oceania
-    
-      SG
-      Singapore, Singapore
-      Southeast Asia
-    
-      CA
-      Beauharnois, Canada
-      North America
-    
-### Geo-Steering Technology
-Zerops CDN's geo-steering technology automatically routes users to the server location closest to them. Here's how it works:
-* **Automatic routing**: Users are directed to the optimal CDN node based on their geographic location
-* **Quick failover**: The DNS TTL is set to just 30 seconds, allowing fast recovery if a node fails
-* **Redundancy**: If any node becomes unavailable, Cloudflare automatically redirects traffic to the next closest node
-* **Reliable backup**: The EU region serves as the ultimate fallback - if all other nodes go down, EU will always be served in DNS
-## CDN Modes and Implementation
-Zerops CDN currently supports two distinct usage modes (with a third mode coming soon), each designed for specific content delivery needs.
-### Object Storage Mode
-Perfect for efficiently delivering media files, documents, and other static assets stored in Zerops [Object Storage](/object-storage/overview) to users across different geographical regions.
-**Setup process:**
-1. Create an Object Storage service or select an existing one
-2. Enable the CDN option for this service
-3. Set appropriate public read access policies for objects you want to serve via CDN
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="w-fit" colspan="2">Region</th>
+      <th className="w-fit">Location</th>
+      <th className="w-fit">Coverage Area</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold" rowspan="2">EU</td>
+      <td className="w-fit font-semibold">CZ</td>
+      <td className="w-fit">Prague, Czech Republic</td>
+      <td className="w-full" rowspan="2">Primary European coverage + failover for all regions</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">DE</td>
+      <td className="w-fit">Falkenstein, Germany</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold" colspan="2">UK</td>
+      <td className="w-fit">London, United Kingdom</td>
+      <td className="w-full">UK and surrounding areas</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold" colspan="2">AU</td>
+      <td className="w-fit">Sydney, Australia</td>
+      <td className="w-full">Australia and Oceania</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold" colspan="2">SG</td>
+      <td className="w-fit">Singapore, Singapore</td>
+      <td className="w-full">Southeast Asia</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold" colspan="2">CA</td>
+      <td className="w-fit">Beauharnois, Canada</td>
+      <td className="w-full">North America</td>
+    </tr>
+   </tbody>
+</table>
+
+### Geo-Steering Technology
+Zerops CDN's geo-steering technology automatically routes users to the server location closest to them. Here's how it works:
+
+* **Automatic routing**: Users are directed to the optimal CDN node based on their geographic location
+* **Quick failover**: The DNS TTL is set to just 30 seconds, allowing fast recovery if a node fails
+* **Redundancy**: If any node becomes unavailable, Cloudflare automatically redirects traffic to the next closest node
+* **Reliable backup**: The EU region serves as the ultimate fallback - if all other nodes go down, EU will always be served in DNS
+
+## CDN Modes and Implementation
+
+Zerops CDN currently supports two distinct usage modes (with a third mode coming soon), each designed for specific content delivery needs.
+
+### Object Storage Mode
+
+Perfect for efficiently delivering media files, documents, and other static assets stored in Zerops [Object Storage](/object-storage/overview) to users across different geographical regions.
+
+**Setup process:**
+1. Create an Object Storage service or select an existing one
+2. Enable the CDN option for this service
+3. Set appropriate public read access policies for objects you want to serve via CDN
+
 **Accessing content:**
 ```txt
 https://storage.cdn.zerops.app/your-bucket/path/to/file
 ```
+
 :::tip
 Access the storage CDN URL via the `storageCdnUrl` **project** environment variable `${storageCdnUrl}/your-bucket/path/to/file`.
 :::
+
 ### Static Mode
+
 Ideal for caching and delivering static website assets like HTML, CSS, JavaScript, and images served from your custom domains.
+
 **Setup process:**
 1. Configure domain access for your service through the L7 HTTP Balancer section
 2. Access domain settings via the **three dots menu** or **gear icon** next to your domain entry
 3. In the "Project Domain Access Modification" dialog, enable the **"Enable CDN for static files"** toggle
 4. Optionally enable "Automatically install SSL Certificates" if not already configured
+
 **Accessing content:**
 ```txt
 https://static.cdn.zerops.app/your-domain.com/path/to/file
 ```
+
 :::tip
 Access the static CDN URL via the `staticCdnUrl` **project** environment variable `${staticCdnUrl}/your-domain.com/path/to/file`.
 :::
+
 :::warning Wildcard Domains Not Supported
 Static CDN cannot be activated for wildcard domains (e.g., *.example.com). You must use specific domain names.
 :::
+
 ### API Mode *(Coming Soon)*
+
 Designed for caching API responses to reduce load on your backend services and deliver faster responses to clients.
+
 **Environment variable:** Once available, you'll be able to access the API CDN URL via the `apiCdnUrl` **project** environment variable.
+
 :::warning
 API Mode is currently under development and will be available in a future release.
 :::
+
 ### HTML Implementation Examples
+
 Here's how to integrate CDN URLs in your HTML code:
+
 ```html
+<!-- Compare: Direct Object Storage vs. CDN-accelerated Storage -->
+<!-- Direct from Object Storage -->
+
+<!-- Via CDN for faster global delivery -->
+
+<!-- Using environment variables in templates -->
+
+<!-- Compare: Direct Domain vs. CDN-accelerated Domain -->
+<!-- Direct from your domain -->
+<script src="/static/js/main.js"></script>
+
+<!-- Via CDN for faster global delivery -->
+<script src="https://static.cdn.zerops.app/your-domain.com/static/js/main.js"></script>
 ```
+
 ### Testing Specific CDN Nodes
+
 For testing or debugging purposes, you can bypass the automatic geo-steering and access a specific CDN node directly:
+
 ```
 https://{region}-{mode}.cdn.zerops.app/path/to/content
 ```
+
 Available region prefixes: `cz`, `de`, `au`, `sg`, `uk`, and `ca`
+
 **Examples:**
 - Test Australia node: `https://au-storage.cdn.zerops.app/my-bucket/test.jpg`
 - Test UK node: `https://uk-static.cdn.zerops.app/my-domain.com/index.html`
+
 ## Managing CDN Content
+
 ### Cache Lifecycle
+
 Content served through Zerops CDN follows this lifecycle:
+
 1. **First Request**: When a user requests content not yet in the CDN cache, the request goes to the origin server (your Zerops service), and the response is cached at the CDN node
 2. **Subsequent Requests**: Further requests for the same content are served directly from the CDN cache, reducing latency and origin server load
 3. **Cache Expiration**: By default, content remains cached for 30 days unless explicitly purged
 4. **Automatic Management**: When CDN storage reaches capacity, the least recently used content is automatically removed
+
 :::note Important Cache Behavior
 Zerops CDN implements a fixed 30-day TTL policy. Currently, HTTP caching headers such as `Cache-Control`, `Expires`, `Pragma`, etc. do not influence CDN caching behavior. To refresh content sooner than the 30-day period, use the [purge API](#api-reference).
+
 Your `Cache-Control` headers will still affect browser caching behavior.
 :::
+
 ### When to Purge Cache
+
 You should consider purging cached content when:
+
 - **Content Updates**: You've updated content but kept the same URL (e.g., updated images, CSS files)
 - **Deployment Rollouts**: You've deployed a new version of your application
 - **Emergency Removal**: You need to immediately remove content that was accidentally made public
 - **Testing Changes**: You want to ensure users see the latest version during testing
+
 ### Purging Cached Content
+
 Zerops provides multiple ways to manage and purge cached content before its normal expiration:
+
 - **Command Line**: Use the `zsc cdn purge` [command](/references/zsc#cdn) available in all Zerops containers:
   ```sh
   # Purge all content for a domain
@@ -6331,84 +8882,115 @@ Zerops provides multiple ways to manage and purge cached content before its norm
   # Purge specific file
   zsc cdn purge example.com "/path/to/my-file$"
   ```
+
   :::important
     - This command must be executed in any container within the project that has the CDN-enabled domain active
     - Currently only works for [Static Mode](#static-mode) CDN
   :::
+
 - **API Endpoints**: For programmatic control, use the [API endpoints](#api-reference). Here are ready-to-use curl examples for quickly purging content in your scripts:
+
   ```sh
   # Static mode: Purge all content for a domain
   curl --location --request PUT "https://api.app-prg1.zerops.io/api/rest/public/project/$PROJECT_ID/purge-cdn/static/$DOMAIN/*" \
   --header "Authorization: Bearer $USER_OR_ACCESS_TOKEN"
   ```
+
   ```sh
   # Storage mode: Purge all content for object storage
   curl --location --request PUT "https://api.app-prg1.zerops.io/api/rest/public/service-stack/$OBJECT_STORAGE_SERVICE_ID/purge-cdn/*" \
   --header "Authorization: Bearer $USER_OR_ACCESS_TOKEN"
   ```
+
 #### Purge Pattern Examples
-  
-      Pattern
-      Description
-      Example
-    
-      `/*`
-      Purges all content
-      Useful after major updates
-    
-      `/images/*`
-      Purges all content in a directory
-      Clear all cached images
-    
-      `/css/main.css$`
-      Purges a specific file
-      Update a single CSS file
-    
-      `/2023*`
-      Purges content starting with pattern
-      Clear content with date prefix
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="w-fit">Pattern</th>
+      <th className="w-fit">Description</th>
+      <th className="w-fit">Example</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">`/*`</td>
+      <td className="w-fit">Purges all content</td>
+      <td className="w-full">Useful after major updates</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">`/images/*`</td>
+      <td className="w-fit">Purges all content in a directory</td>
+      <td className="w-full">Clear all cached images</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">`/css/main.css$`</td>
+      <td className="w-fit">Purges a specific file</td>
+      <td className="w-full">Update a single CSS file</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">`/2023*`</td>
+      <td className="w-fit">Purges content starting with pattern</td>
+      <td className="w-full">Clear content with date prefix</td>
+    </tr>
+   </tbody>
+</table>
+
 :::warning Pattern Rules
 - Wildcards (`*`) must be at the end of the pattern
 - Specific files must include `$` at the end
 - Nested wildcards (e.g., `/dir/*.jpg`) are not supported
 :::
+
 ## API Reference
+
 Zerops provides a comprehensive set of API endpoints to manage your CDN configuration and content. For complete information about base URLs, authorization, and general API usage, please refer to our [API specification](/references/api).
+
 The endpoint links below will take you to the Swagger documentation with detailed request/response schemas and examples:
+
 ### CDN Management API
+
 - **[Enable CDN for Storage ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicServiceStack/EnableStorageCdn)** `PUT /api/rest/public/service-stack/{id}/cdn`
 - **[Disable CDN for Storage ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicServiceStack/DisableStorageCdn)** `DELETE /api/rest/public/service-stack/{id}/cdn`
 - **[Create Object Storage with CDN ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicServiceStackObjectStorage/CreateObjectStorageV1)** `POST /api/rest/public/service-stack/object_storage_v1`
 - **[Create Domain Routing with CDN ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicPublicHttpRouting/CreatePublicHttpRouting)** `POST /api/public/public-http-routing`
 - **[Update Domain Routing with CDN ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicPublicHttpRouting/UpdatePublicHttpRouting)** `PUT /api/public/public-http-routing/{id}`
+
 ### Cache Purge API
+
 - **[Purge Storage Mode Cache ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicServiceStack/PurgeStorageCdn)** `PUT /api/rest/public/service-stack/{id}/purge-cdn/{path}`
 - **[Purge Static Mode Cache ↗](https://api.app-prg1.zerops.io/api/rest/public/swagger/#/PublicProject/PurgeStaticCdn)** `PUT /api/rest/public/project/{id}/purge-cdn/static/{domain}/{path}`
-- **Purge Api Mode Cache *(Coming soon)*** 
+- **Purge Api Mode Cache *(Coming soon)***
+
 ## Troubleshooting
+
 Having issues with your CDN? Here are solutions to the most common problems:
+
 #### Content Not Updated After Changes
 * **Issue:** You've updated content, but users still see the old version.
 * **Possible Cause:** The CDN cache is continuing to serve the previously cached version.
 * **Solution:**
     - Use the [purge API](#api-reference) with the specific content path
     - For immediate changes, use versioned file names (e.g., `style.v2.css` instead of just `style.css`)
+
 #### Content Not Being Cached
 * **Issue:** Your content isn't being cached by the CDN.
 * **Possible Cause:** Missing public read permissions on objects.
 * **Solution:**
     - For object storage: Check bucket and object access policies
     - Verify the object is accessible directly before attempting CDN access
+
 :::note
 Remember that only publicly accessible objects will be cached by the CDN. Private objects will always be fetched directly from the origin.
 :::
+
 #### Environment Variables Not Available
 * **Issue:** You can't access the new CDN-related project level environment variables in your containers.
 * **Possible Cause:** When new environment variables are created, existing services need to be restarted to access them. Services created before the CDN feature release require special handling.
 * **Solution:**
     - For services created after CDN release: Restart the service to apply the new environment variables
     - For services created before CDN release: Add and then remove a dummy environment variable in the project settings adn restart the service
+
 #### Unexpected 404 Errors
 * **Issue:** Users receive 404 errors when accessing content via CDN.
 * **Possible Cause:** Incorrect CDN URL formatting or missing content at origin.
@@ -6416,77 +8998,407 @@ Remember that only publicly accessible objects will be cached by the CDN. Privat
     - Double-check your [URL structure](#) (pay attention to domain names and paths)
     - Verify content exists at the origin before attempting CDN access
     - Test accessing the content directly from origin first
+
 **Correct URL patterns:**
 - Object Storage: `https://storage.cdn.zerops.app/your-bucket/path/to/file`
 - Static Mode: `https://static.cdn.zerops.app/your-domain.com/path/to/file`
+
 ---
+
 *Need help implementing CDN in your project? Join our [Discord community](https://discord.gg/zeropsio) where our team and other Zerops users can assist you!*
 
+----------------------------------------
+
+# Features > Coding Agents
+
+
+Zerops was built on the idea of **environment parity** — giving developers the full development lifecycle, from remote development to highly available production, with the observability and developer tools for maximum flexibility, and sensible defaults so the configs stay reasonable. Turns out that's **exactly what coding agents need** to produce and iterate on production-ready applications.
+
+## What is it
+
+An **[MCP server](/zcp/overview)** for your agents — with an optional remote cloud development environment container to run them in — that makes use of the flexibility and processes Zerops provides. There's no "Zerops system prompt" hogging your context window. The MCP server is a thin layer that makes **your agent a Zerops platform power user** — when needed — so it understands:
+
+- how networking, scaling, debugging, build & deployment, environment variables, and service provisioning work on the platform
+- the development loop: start a dev server → implement → deploy to stage → verify
+
+The depth of the platform underneath is what gives the agent room to actually work. A single agent can scaffold and iterate on projects with multiple runtimes (`app`, `api`, `worker`) backed by multiple [managed services](/features/infrastructure) (object storage `storage`, Postgres `db`, Elasticsearch `search`, NATS `broker`, Valkey `cache`) — just as easily as it can work on a simple Next.js presentational website.
+
+A **[recipe ecosystem](https://app.zerops.io/recipes)** covering the most popular frameworks — pre-prepared for the whole lifecycle — gives the agent a baseline to start from, or a guide for setting up any stack on Zerops.
+
+```text
+  ┌─ ZCP MCP ────┐    ┌─ recipes for any stack ────────────────────────────────┐
+  │              │    │                                                        │
+  │  Claude Code │    │                                                        │
+  │     Codex    │    │   Bun, Deno, Node.js, Go, Java, Python, Rust, Gleam    │
+  │  Gemini CLI  ├───►│                                                        │
+  │   opencode   │    │ Ruby, PHP, .NET, Laravel, Next.js, Nuxt, Astro, Svelte │
+  │              │    │                                                        │
+  └───────┬──────┘    │   React, Vue, Angular, Solid, Qwik, Analog, Nest.js    │
+          │           │                                                        │
+          │           │                                                        │
+          │           └────────────────────────────────────────────────────────┘
+          │
+          │    zcp with agent has root ssh access to runtime services,
+          │      runs dev server on dev, deploys to stage, verifies
+          │
+          ├───────────────────────────────────────────────────────────────┐
+          │                                                               │
+┌─ complex project ────────────────────────────────────────┐    ┌─ simple project ───┐
+│         │                                                │    │         │          │
+│         ▼                                                │    │         ▼          │
+│  ┌────────────┐                                          │    │    ┌──────────┐    │
+│  │    zcp     │                                          │    │    │   zcp    │    │
+│  │   Ubuntu   │                                          │    │    │  Ubuntu  │    │
+│  └────────────┘                                          │    │    └──────────┘    │
+│                                                          │    │                    │
+│  ┌────────────┐      ┌────────────┐      ┌────────────┐  │    │    ┌──────────┐    │
+│  │   appdev   │      │   apidev   │      │ workerdev  │  │    │    │  appdev  │    │
+│  │    Bun     │      │   Golang   │      │   Python   │  │    │    │ Node.js  │    │
+│  └────────────┘      └────────────┘      └────────────┘  │    │    └──────────┘    │
+│                                                          │    │                    │
+│  ┌────────────┐      ┌────────────┐      ┌────────────┐  │    │    ┌──────────┐    │
+│  │  appstage  │      │  apistage  │      │workerstage │  │    │    │ appstage │    │
+│  │    Bun     │      │   Golang   │      │   Python   │  │    │    │ Node.js  │    │
+│  └────────────┘      └────────────┘      └────────────┘  │    │    └──────────┘    │
+│                                                          │    └────────────────────┘
+│  ┌────────┐ ┌────────┐ ┌────────┐ ┌────────┐ ┌────────┐  │
+│  │   db   │ │ search │ │ broker │ │ cache  │ │storage │  │
+│  │Postgres│ │Elastic │ │  NATS  │ │ Valkey │ │   S3   │  │
+│  └────────┘ └────────┘ └────────┘ └────────┘ └────────┘  │
+└──────────────────────────────────────────────────────────┘
+
+```
+
+:::tip[Platform-first, not agent-first]
+
+Most coding-agent platforms went agent-first, then bolted on infrastructure — where it runs, how it reaches the database, how its output becomes production-ready, which third-party services to wire up. **Zerops went platform-first.** The complete development lifecycle existed before coding agents did; we taught them to operate it — **not just how to call APIs, but how to ship software the way a senior developer would.**
+
+:::
+
+## Main features
+
+### Your agent, your subscription
+
+Bring whichever agent you already use. Claude Code today; Codex, Gemini CLI, opencode, and any MCP-capable client next. The container is a regular Ubuntu — install your own CLI tools, drop in your `.claude` / `.cursor` configs, attach your IDE over SSH. **Zerops doesn't resell tokens or proxy your model calls** — sign in with your own Anthropic / OpenAI / Google subscription and the agent talks to its provider directly.
+
+### An ordinary Zerops project underneath
+
+The agent operates inside a normal Zerops project — same shape as production. Managed databases (PostgreSQL, MariaDB, ClickHouse), key-value stores (KeyDB, Valkey), search (Elasticsearch, Meilisearch, Typesense), vector store (Qdrant), message queues (NATS, Kafka), object and shared storage, managed Nginx — all on a private network, addressable by hostname. The same pipeline that deploys here can deploy to a separate HA production project with no `zcp` service attached. Not a sandbox the work outgrows.
+
+### Human ↔ agent handover
+
+The agent and the human share the same workspace — same filesystem, same SSH key, same Cloud IDE in the browser, same remote-dev attach from your local IDE. Take over mid-session, set something up before the agent runs, debug in the same container the agent just left. Nothing reaches production until you merge the PR — the agent opens it, you gate it.
+
+### Recipes for any stack
+
+Runtimes for Bun, Deno, Node.js, Go, Python, Rust, Java, .NET, PHP, Elixir, Gleam — with curated recipes for the framework on top: Next.js, Nuxt, Astro, Svelte, React, Vue, Angular, Solid, Qwik, Analog, NestJS, Laravel, and more. Pick a recipe, select the **AI Agent** environment, and the project comes up with a working dev runtime, a stage runtime, the right managed services wired in, and a coding agent briefed on the Zerops surface.
+
+## How it works in practice
+
+The agent reaches your project's private network one of two ways:
+
+- **Remote** — a `zcp` service deployed into the project runs the agent. You attach to it with Claude Code's IDE extension, with any IDE that supports remote development (Cursor, Windsurf, VS Code Remote), or by running [`zcli vpn up`](/references/networking/vpn) and ssh-ing into `zcp` to drive the rest of the project from a shell.
+- **Local** — install the `zcp` MCP on your machine and run `zcli vpn up` to join the network. From there your IDE, agent, and shell can ssh directly into any container.
+
+Either way, the agent reaches [managed services by hostname](/references/networking/internal-access) (`db:5432`, `cache:6379`), deploys through the [Zerops pipeline](/features/pipeline), and reads logs and events the same way you would.
+
+**Remote (zcp service)**
+
+```text
+                      https://my-app.com
+                               │
+                               ▼
+┌────────────────────────────────────────────────────────────┐
+│        Zerops development project (private network)        │
+│ ┌─────────────────┐  ┌──────────┐  ┌──────────┐            │
+│ │ project ctrl    │  │  stats   │  │  logger  │            │
+│ │ + L3 balancer   │  │          │  │          │            │
+│ │ + firewall      │  │          │  │          │            │
+│ └────────┬────────┘  └──────────┘  └──────────┘            │
+│          │                                                 │
+│ ┌────────┴────────┐                                        │
+│ │   L7 balancer   │                                        │
+│ │     (Nginx)     │                    control plane       │
+│ └────────┬────────┘               ssh into other services  │
+│          │                        dev runtime fs mounted   │
+│          ├─────────────────┬─────────────────┐             │
+│   ┌──────┴──────┐  ┌───────┴───────┐  ┌──────┴──────┐      │
+│   │ appdev:3000 │  │ appstage:3000 │  │ zcp service │      │
+│   │ dev runtime │  │ stage runtime │  │ agent + MCP │      │
+│   └──────┬──────┘  └───────┬───────┘  └──────┬──────┘      │
+│          │                 │                 │             │
+│          └─────────────────┼─────────────────┘             │
+│                            │                               │
+│             ┌──────────────┴────────────┐                  │
+│             │                           │                  │
+│      ┌──────┴──────┐             ┌──────┴──────┐           │
+│      │ db:5432     │             │ cache:6379  │           │
+│      │ Postgres    │             │ Valkey      │           │
+│      └─────────────┘             └─────────────┘           │
+│                                                            │
+└────────────────────────────────────────────────────────────┘
+```
+
+**Local (zcli vpn up)**
+
+```text
+                      https://my-app.com
+                               │
+                               ▼
+┌────────────────────────────────────────────────────────────┐
+│        Zerops development project (private network)        │
+│ ┌─────────────────┐  ┌──────────┐  ┌──────────┐            │
+│ │ project ctrl    │  │  stats   │  │  logger  │            │
+│ │ + L3 balancer   │  │          │  │          │            │
+│ │ + firewall      │  │          │  │          │            │
+│ └────────┬────────┘  └──────────┘  └──────────┘            │
+│          │                                                 │
+│ ┌────────┴────────┐                                        │
+│ │   L7 balancer   │                                        │
+│ │     (Nginx)     │                                        │
+│ └────────┬────────┘                                        │
+│          │                                                 │
+│          ├─────────────────┐                               │
+│   ┌──────┴──────┐  ┌───────┴───────┐                       │
+│   │ appdev:3000 │  │ appstage:3000 │                       │
+│   │ dev runtime │  │ stage runtime │                       │
+│   └──────┬──────┘  └───────┬───────┘                       │
+│          │                 │                               │
+│          └────────┬────────┘                               │
+│                   │                                        │
+│             ┌─────┴─────────────────────┐                  │
+│             │                           │                  │
+│      ┌──────┴──────┐             ┌──────┴──────┐           │
+│      │ db:5432     │             │ cache:6379  │           │
+│      │ Postgres    │             │ Valkey      │           │
+│      └─────────────┘             └─────────────┘           │
+│                                                            │
+└──────────────────────────────▲─────────────────────────────┘
+                               │
+                               │ VPN tunnel
+                               │
+              ┌────────────────┴────────────────┐
+              │ IDE / terminal                  │
+              │ + agent                         │
+              │ + zcp MCP                       │
+              │                                 │
+              │ $ curl zerops.io/zcp/install.sh │
+              │ $ zcp init                      │
+              │ $ zcli vpn up                   │
+              └─────────────────────────────────┘
+```
+
+The agent runs through two workflows. **Bootstrap** settles which services and runtime targets the app needs. **Develop** is the short work loop — edit code on `appdev`, deploy to `appstage`, check it's reachable, verify behavior against `db:5432` and `cache:6379`, fix from evidence. A session ends with a URL you can open, or a specific blocker — failure category, attempts, what's still needed. Same hostnames, same managed services, same pipeline as production — just at smaller scale. See [Workflows in depth](/zcp/reference/agent-workflow) for both.
+
+```text
+    zcp (local or remote)
+             │
+             ▼
+    edit code on appdev   ◀────────────────────────┐
+       └ dev server, hot reload                    │
+             │                                     │
+             ▼                                     │
+    deploy to appstage                             │
+             │                                     │
+             ▼                                     │
+    check reachability                             │
+             │                                     │
+             ▼                                     │
+    verify behavior   ─── fail ─────┐              │
+             │                      │              │
+             │ pass                 ▼              │
+             ▼               read logs / events    │
+    URL (proof)             fix from evidence ─────┘
+```
+
+Once the loop produces verified work, the agent doesn't push to production. It hands off — through whichever path your team uses: a tag push, a protected-branch merge, a manual `zcli` release, a pull request, or a CI job. **A human gates the release**, and the production deploy runs into a [separate production project](/zcp/security/production-policy) that has no `zcp` service at all.
+
+```text
+      Dev project                 GitHub                  Prod project
+
+┌─────────────────────┐       ┌──────────────┐       ┌─────────────────────┐
+│  appdev             │       │              │       │   app    (HA)       │
+│  appstage           │       │  Pull        │       │                     │
+│                     │ push  │  Request     │ CI/CD │   db     (HA)       │
+│  db, cache          │ ────▶ │              │ ────▶ │                     │
+│                     │       │  + human     │       │   cache  (HA)       │
+│  zcp service        │       │    review    │       │                     │
+│                     │       │              │       │   (no zcp service)  │
+└─────────────────────┘       └──────────────┘       └─────────────────────┘
+```
+
+## Where does this fit in the agent landscape
+
+With the model clear, here's where ZCP sits among adjacent tools. People say "agent infrastructure," "infra for Claude agents," "agent hosting," or "agent sandboxes" to mean different things — usually one of the categories below.
+
+#### PaaS MCPs
+
+_AWS MCP servers · Railway MCP · Fly.io MCP · Render MCP_
+
+Most major PaaS providers have shipped an MCP — provision services, deploy code, list resources, read operational state. Great for "let my agent ship to my Railway account." These are *deploy and operate* surfaces, driven from outside the platform — and they reflect what's underneath: platforms optimized for day-one deploy that tuck the infrastructure behind a wall. Once an agent needs to actually *develop* against that infrastructure — debug a failed health check, follow real logs, hit Postgres from inside the network, inspect what a build is doing, run the dev loop before it ships anything — the wall stops it. That's by design on those platforms, not a missing feature.
+
+#### Cloud VPS MCPs
+
+_Hetzner Cloud MCP · DigitalOcean MCP · Linode MCP · raw SSH/server MCPs_
+
+"Let your agent manage your Hetzner VPS." An MCP gives the agent access to a Linux box — provision it, SSH in, install Docker and Postgres and nginx, set up systemd units, point a domain at it. Maximum control, lowest cost, full Linux to play with. The same reason senior developers reach for managed platforms applies here: even if you *can* harden SSH, write nginx configs, tune `pg_hba.conf`, rotate TLS, set firewall rules, run fail2ban, and stay on top of CVEs across kernel, OpenSSL, Docker, Postgres, and nginx — you usually don't want to. Each layer is its own domain with its own gotchas, each is a security surface that drifts the moment you stop tending it, and every project becomes a snowflake. Hand that work to an agent and you also hand it the blast radius: misconfigured firewall, debug endpoint left open, port 5432 exposed to the internet, keys never rotated. ZCP is the inverse trade-off — the **guardrails** of a managed platform. Private networking, TLS, isolated services, safe defaults, managed backups, no exposed ports unless you opt in — all built in. The agent operates through [project-scoped MCP tools](/zcp/reference/mcp-operations) instead of `sudo` on a fresh Ubuntu box, so the mistakes that matter on a VPS aren't reachable from where it sits.
+
+#### Cloud dev environments with AI
+
+_GitHub Codespaces + Copilot Workspace · Gitpod · Coder_
+
+A managed Linux container in the cloud with your editor and an AI assistant attached. Solves "where the agent runs" so state survives between sessions and machine setup stops being a question. The `zcp` service is the closest thing in this category — managed Linux container, Cloud IDE, your agent of choice — except it lives *inside* a Zerops project, addressing the project's runtimes, database, and cache by hostname, with deploys and logs as primitives the agent can call.
+
+#### Bundled agent platforms
+
+_Replit Agent · Lovable · Bolt.new · v0 · Devin · OpenHands_
+
+The agent, the workspace, the stack, and (often) the hosting target are fused into one closed product. Fast for prototypes. Decisions are made for you. Switching agents usually means switching platforms, and production-grade primitives — a real dev/stage/prod release flow, private networking, observability — tend to be limited or absent. **ZCP doesn't bundle**: the agent and model stay yours on your own subscription, and the platform underneath is normal Zerops with the full stack of managed services, networking, deploys, and observability.
+
+#### Local coding agents
+
+_Cursor · Windsurf · Zed · Claude Code · Codex CLI · Aider · Cline_
+
+The agent runs on your machine, edits your local checkout, runs local commands. Excellent at code changes. Anything beyond your machine — databases, networking, deploy targets, runtime logs — is yours to wire in. Install the ZCP MCP locally and run `zcli vpn up`, and any of these agents can now reach a real Zerops project alongside your local code: services addressed by hostname, deploys, logs, events.
+
+#### Code-execution sandboxes
+
+_E2B · Modal · Daytona · CodeSandbox SDK_
+
+Ephemeral Linux environments that AI *applications* spin up — often per request — to execute generated code safely. The right primitive when you're building a product that needs a model to run untrusted code and hand back the output. They're a building block for AI applications, not somewhere a coding agent settles in to iterate on your project. Different shape from ZCP; they show up here because the names cluster nearby.
+
+#### Agent SDKs and frameworks
+
+_Cloudflare Agents · Vercel AI SDK · Mastra · Anthropic Agent SDK_
+
+Libraries for building and shipping agents to *your* users — tool calling, memory, orchestration, model providers, sometimes hosting. They're how somebody would build a product like ZCP, not where a coding agent runs against a project. Same disambiguation — adjacent on the shelf, different shape.
+
+## Where to start
+
+- [Quickstart](/zcp/quickstart) — AI Agent recipe, Claude Code, and a real product change in about five minutes.
+- [ZCP MCP overview](/zcp/overview) — What the `zcp` MCP gives the agent, where it runs, and how a run ends in proof or a blocker.
+- [Remote or local setup](/zcp/setup/choose-workspace) — Choose where the `zcp` MCP runs — inside Zerops with bundled tools, or beside your local editor.
+- [Build and ship](/zcp/workflows/build-with-zcp) — Runtime layout, development, delivery, packaging, and production release.
+
+
 ----------------------------------------
 
 # Features > Container Vs Vm
 
+
 Ever wondered why container technologies like Docker took over the development world so quickly? Let's break down the real differences between traditional VMs and containers - and why you might want to use one over the other.
+
 ## Key Distinctions
+
 **Containers** are like lightweight packages that contain just your app and what it needs to run, sharing resources with your main system.
+
 **Virtual Machines** are like having a whole computer inside your computer. Complete with its own operating system, memory, and everything else.
+
 ### Why Developers Love Containers
+
 #### They're Fast
 - Start up in seconds (not minutes)
 - Take up way less space
 - You can run many more of them on the same hardware
+
 #### They're Consistent
 - Works on your machine? Will work on everyone's machine
 - No more "but it works locally" problems
 - Same environment from development to production
+
 #### They're Simple
 - Easy to share with your team
 - Quick to update and modify
 - Less configuration headaches
+
 ### When VMs Still Make Sense
+
 Sometimes you actually want a full computer-within-a-computer:
+
 - You need to run a completely different operating system
 - You're dealing with legacy applications that need specific system configurations
 - You require maximum isolation for security reasons
+
 ### Real-World Comparison
+
 Think of it like this:
 - **Containers** are like apartments in a well-managed building (shared infrastructure, efficient, but with some limitations)
 - **VMs** are like having your own house (complete control, but with more overhead)
+
 ## Containers and VMs in Zerops
+
 ### Why Zerops Uses Both
+
 At Zerops, we use **containers** as our primary runtime environment - they're fast, efficient, and perfect for most modern development workflows. We've optimized our container infrastructure to handle nearly every type of application you might need to run.
+
 However, we also provide **VMs** when you need them, particularly for Docker-based workloads where the additional isolation is essential. Docker containers are a special case - in Zerops, they actually need to run inside VMs for proper security and isolation. While it's technically possible to run Docker in containers using privileged mode, this creates security vulnerabilities.
+
 ### When to Use What
-  
+
+<div className="grid grid-cols-1 md:grid-cols-2 gap-1 mt-1">
+  <div className="flex-1">
+  <h4 className="flex items-center gap-1 mb-0">
     Go with Containers when:
-  
-        Building modern web applications
-      
-        Working with microservices
-      
-        Need quick deployment and vertical scaling
-      
-        Want efficient resource usage
-      
+  </h4>
+  <ul className="list-none p-0 m-0 flex flex-col gap-0.5">
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Building modern web applications</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Working with microservices</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Need quick deployment and vertical scaling</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Want efficient resource usage</span>
+      </li>
+  </ul>
+  </div>
+  <div className="flex-1">
+  <h4 className="flex items-center gap-1 mb-0">
     Consider VMs when:
-  
-        Running legacy applications
-      
-        Need complete OS isolation
-      
-        Require specific hardware access
-      
-        Need to run Docker containers
-      
+  </h4>
+  <ul className="list-none p-0 m-0 flex flex-col gap-0.5">
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Running legacy applications</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Need complete OS isolation</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Require specific hardware access</span>
+      </li>
+      <li className="flex items-center gap-0.5">
+        <div className="w-0.5 min-w-0.5 shrink-0 aspect-square rounded-full bg-gray-400 flex items-center justify-center scale-75" />
+        <span>Need to run Docker containers</span>
+      </li>
+  </ul>
+  </div>
+</div>
+
 ### Resource Allocation
+
 Both containers and VMs in Zerops can have guaranteed resources:
 - Specific CPU cores
 - Dedicated memory
 - Controlled disk space
+
 The difference isn't in resource guarantee capabilities, but rather in how these resources are managed and isolated.
+
 ## The Bottom Line
+
 For most modern development work, containers are the way to go. They're faster, more efficient, and easier to work with. VMs still have their place, but unless you have a specific reason to use them, containers will usually make your life easier.
+
 *Remember: The goal is to spend less time managing infrastructure and more time building great applications. Choose the tool that lets you do that most effectively.*
+
 :::tip Pro Tip
 Not sure which to choose? Start with containers. You can always switch to VMs if you discover you need them for specific use cases.
 :::
@@ -6495,127 +9407,198 @@ Not sure which to choose? Start with containers. You can always switch to VMs if
 
 # Features > Debug Mode
 
+
 This document describes the debug mode configuration capabilities for service stacks in Zerops, allowing developers to pause execution at specific points during build and runtime processes for debugging purposes.
+
 ## Overview
+
 Debug mode introduces control over two distinct phases of deployment:
+
 - **Build phase** - When the `buildCommands` are executed
 - **Runtime prepare phase** - When the `prepareCommands` are executed
+
 For each phase, you can choose when to pause the execution:
 - **Disable** - No pausing, execution proceeds normally
 - **Before first command** - Execution stops before running any commands
 - **After last command** - Execution stops after all commands complete
 - **On command fail** - Execution stops when a command fails
+
 Each phase can be configured with its own debug settings without affecting the other phase.
+
 :::warning Important
 The entire build process, including any time spent in debug mode, has a maximum duration of 60 minutes. After this time limit is reached, the build process is automatically cancelled.
 :::
+
 ## Configuration
+
 The debug mode configuration can be found in your service detail under the **Pipelines & CI/CD settings**.
-  
+
 ## Debug Control
+
 When execution is paused in debug mode, you have several commands available to control the debugging process. Each command serves a specific purpose and affects the deployment process differently.
+
 ### Debug Pause Points
+
 There are three key points where execution can pause during deployment:
 - ➠ **Disable** - Do not pause
 - ↪ **Before First Command** - Paused before any commands run
 - ✖ **On Command Failure** - Paused when a command fails
 - ✔ **After Last Command** - Paused after all commands complete
+
 ### Available Commands
+
 #### Continuing Execution
 To proceed with the normal deployment process, use:
 ```bash
 zsc debug continue
 ```
-  
-      Pause Point
-      Behavior
-    
-      ↪ Before First Command
-      Begins running commands for the current phase until next possible pause point
-    
-      ✖ On Command Failure
-      Skips the failed command and continues deployment
-    
-      ✔ After Last Command
-      Moves to the next phase (from build to runtime prepare) or completes deployment
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Pause Point</th>
+      <th className="w-full">Behavior</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">↪ <i>Before First Command</i></td>
+      <td className="w-fit">Begins running commands for the current phase until next possible pause point</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✖ <i>On Command Failure</i></td>
+      <td className="w-fit">Skips the failed command and continues deployment</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✔ <i>After Last Command</i></td>
+      <td className="w-fit">Moves to the next phase (from build to runtime prepare) or completes deployment</td>
+    </tr>
+  </tbody>
+</table>
+
 #### Marking Success
 To force a successful deployment status, use:
 ```bash
 zsc debug success
 ```
-  
-      Pause Point
-      Behavior
-    
-      ↪ Before First Command
-      Ends current phase without running any commands
-    
-      ✖ On Command Failure
-      Ignores the failure and ends current phase with success
-    
-      ✔ After Last Command
-      Concludes current phase with a successful status
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Pause Point</th>
+      <th className="w-full">Behavior</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">↪ <i>Before First Command</i></td>
+      <td className="w-fit">Ends current phase without running any commands</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✖ <i>On Command Failure</i></td>
+      <td className="w-fit">Ignores the failure and ends current phase with success</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✔ <i>After Last Command</i></td>
+      <td className="w-fit">Concludes current phase with a successful status</td>
+    </tr>
+  </tbody>
+</table>
+
 :::note
 Requires valid `deployFiles` to work properly (fails otherwise).
 :::
+
 #### Forcing Failure
 To terminate the deployment with a failure status, use:
 ```bash
 zsc debug fail
 ```
-  
-      Pause Point
-      Behavior
-    
-      ↪ Before First Command
-      Marks current phase as failed without running commands
-    
-      ✖ On Command Failure
-      Ends deployment with original error
-    
-      ✔ After Last Command
-      Overwrites successful execution with failed status and ends deployment
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th className="">Pause Point</th>
+      <th className="w-full">Behavior</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">↪ <i>Before First Command</i></td>
+      <td className="w-fit">Marks current phase as failed without running commands</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✖ <i>On Command Failure</i></td>
+      <td className="w-fit">Ends deployment with original error</td>
+    </tr>
+    <tr>
+      <td className="w-fit">✔ <i>After Last Command</i></td>
+      <td className="w-fit">Overwrites successful execution with failed status and ends deployment</td>
+    </tr>
+  </tbody>
+</table>
+
 Each phase can be configured independently to pause at any of the points described above, giving you precise control over your debugging workflow. The 60-minute timeout ensures deployments don't remain blocked indefinitely.
+
 ## Usage Examples
+
 ### Example 1: Debugging Build Failures
-  
-      Build phase
-      ✖ On Command Failure
-    
-      Prepare runtime phase
-      ➠ Disable
-    
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <tbody>
+    <tr>
+      <td className="w-fit"><b>Build phase</b></td>
+      <td className="w-fit">✖ <i>On Command Failure</i></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><b>Prepare runtime phase</b></td>
+      <td className="w-fit">➠ <i>Disable</i></td>
+    </tr>
+  </tbody>
+</table>
+
 This configuration allows you to:
 1. Inspect the container state after a failure
 2. Make necessary adjustments
 3. Use `zsc debug continue` to resume or `zsc debug fail` to abort
+
 ### Example 2: Validating Runtime Setup
-  
-      Build phase
-      ➠ Disable
-    
-      Prepare runtime phase
-      ✔ After Last Command
-    
-## Best Practices
-#### Targeted Debugging
-- Enable debug mode only for the specific phase you need to investigate
-- This minimizes disruption to the deployment process
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <tbody>
+    <tr>
+      <td className="w-fit"><b>Build phase</b></td>
+      <td className="w-fit">➠ <i>Disable</i></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><b>Prepare runtime phase</b></td>
+      <td className="w-fit">✔ <i>After Last Command</i></td>
+    </tr>
+  </tbody>
+</table>
+
+## Best Practices
+
+#### Targeted Debugging
+- Enable debug mode only for the specific phase you need to investigate
+- This minimizes disruption to the deployment process
 - Helps maintain clear debugging sessions
+
 #### Clean Up
 - Always remember to disable debug mode after completing your debugging session
 - Set both phases to **Disable**
 - Prevents unexpected pauses in future deployments
+
 #### Production Consideration
 - Be cautious when using debug mode in production environments
 - Paused executions can block deployments
 - Consider using separate development services for extended debugging sessions
+
 #### Timeout Awareness
 - Be mindful of the 60-minute maximum debug pause time (plan debugging sessions accordingly)
+
 ## Technical Considerations
+
 - Debug mode settings persist until explicitly changed
 - Build phase and runtime prepare phase operate independently
 - Debug commands are only available when execution is paused
@@ -6625,14 +9608,23 @@ This configuration allows you to:
 
 # Features > Env Variables
 
+
 Zerops manages environment variables at two scopes: service level and project level. These variables are handled automatically without requiring `.env` files.
+
 **On this page:** [Service Variables](#service-variables) · [Project Variables](#project-variables) · [Referencing Variables](#referencing-variables) · [Variable Isolation](#environment-variable-isolation) · [Restrictions](#variable-restrictions) · [Examples](#environment-variable-examples)
+
 ## Service Variables
+
 Variables that are specific to individual [services](/features/infrastructure#services).
+
 ### User-Defined Variables
+
 You can define service-level variables in two ways:
+
 #### 1. Build & Runtime Variables
+
 These variables are defined with `envVariables` attribute in the [build](/zerops-yaml/specification#envvariables-) or [run](/zerops-yaml/specification#envvariables--1) section of your `zerops.yaml` file and are accessible within their respective containers.
+
 ```yaml title="zerops.yaml"
 ...
   build:
@@ -6649,21 +9641,30 @@ These variables are defined with `envVariables` attribute in the [build](/zerops
       DB_USER: db
       DB_PASS: password
 ```
+
 See how to [reference variables](#referencing-variables) between services and between build and runtime environments. All variables must follow the [naming restrictions](#variable-restrictions).
+
 :::note
 Your application must be redeployed when updating environmental variables in `zerops.yaml`.
 :::
+
 #### 2. Secret Variables
+
 For storing sensitive data you don't want in your source repository. They can be updated without redeployment (though services need to be reloaded).
+
 Secret variables can be managed through:
+
 ##### GUI Interface
+
 Navigate to service details and find **Environment variables** in the menu. You can:
 - Add individual variables using the "Add secret variable" button
 - Edit individual variables through the menu that appears on hover
 - Use the bulk editor for managing multiple variables in .env format
-    
+
 ##### Import Configuration
+
 Create secret variables for a service with `envSecrets` attribute. See the complete [import.yaml structure](/references/import).
+
 ```yaml title="import.yaml"
 services:
   ...
@@ -6671,25 +9672,40 @@ services:
     S3_ACCESS_KEY_ID: 'your-secret-s3-key'
     S3_ACCESS_SECRET: 'your-s3-access-secret'
 ```
+
 ### System-Generated Variables
+
 Zerops automatically generates variables based on service type.
+
 These variables cannot be deleted and are always listed at the bottom of the environment variables page. Some are read-only (like `hostname`), while others can be edited (like `PATH`).
+
 These variables can also be [referenced](#referencing-variables).
+
 ## Project Variables
+
 Variables that apply across all services within a [project](/features/infrastructure#projects). These provide a way to share common configuration across services.
+
 They work similarly to service secret variables but at project scope - they're managed through the GUI and can be updated without redeployment (though services need to be reloaded).
+
 :::important
 Project variables are **automatically inherited** by all services in the project — both in build and runtime environments. You do not need to [reference](#referencing-variables) them in your `zerops.yaml`.
 :::
+
 ### User-Defined Variables
+
 You can set project-wide variables through:
+
 #### GUI Interface
+
 Access **Project environment variables** in your project detail to:
 - Add individual variables one by one
 - Edit individual variables
 - Use the bulk editor with .env format
+
 #### Import Configuration
+
 Create project variables with `envVariables` attribute. See the complete [import.yaml structure](/references/import).
+
 ```yaml title="import.yaml"
 project:
   ...
@@ -6697,55 +9713,89 @@ project:
     LOG_LEVEL: info
     API_VERSION: v1
 ```
+
 These variables will be automatically available in all services without any additional configuration.
+
 ### System-Generated Variables
+
 Zerops automatically generates project-level variables that are also automatically available in all services.
+
 ### Overriding Project Variables
+
 If you need a different value for a specific service, you can override a project variable by defining a service-level variable with the same key. See [Variable Precedence](#variable-precedence) for details on how conflicts are resolved.
+
 ```yaml title="zerops.yaml"
 run:
   envVariables:
     LOG_LEVEL: debug  # Overrides the project-level LOG_LEVEL for this service only
 ```
+
 ## Environment Variable Isolation
+
 A security feature that controls the **visibility** of environment variables across services within a project. This affects how [referencing variables](#referencing-variables) across services works.
+
 By default, Zerops isolates environment variables between services to enhance security and prevent unintended access to sensitive information. This isolation can be configured at both project and service levels.
+
 ### Isolation Modes
+
 Zerops supports two isolation modes:
-  
-      Mode
-      Description
-    
-      service
-      Default mode. Variables are isolated to their respective services. Services can only access their own variables and must explicitly reference variables from other services.
-    
-      none
-      Legacy mode. All variables from all services are automatically shared and accessible via prefixing.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Mode</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><code>service</code></td>
+      <td className="w-full"><strong>Default mode.</strong> Variables are isolated to their respective services. Services can only access their own variables and must explicitly reference variables from other services.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><code>none</code></td>
+      <td className="w-full"><i>Legacy mode.</i> All variables from all services are automatically shared and accessible via prefixing.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### Configuring Isolation
+
 #### Project-Level Isolation
+
 Zerops automatically creates the `envIsolation` project variable with the default value `service`. You only need to modify this if you want to disable isolation:
+
 ```yaml title="import.yaml"
 project:
   envIsolation: none  # Disables isolation, sharing all variables
 ```
+
 This can also be set through the Project Environment Variables section in the GUI.
+
 #### Service-Level Override
+
 Individual services can override the project-level isolation setting:
+
 ```yaml title="import.yaml"
 services:
   - hostname: db
     envIsolation: none  # This service's variables will be visible to all services
 ```
+
 :::tip
 You might set a database service to `envIsolation: none` to expose its connection details to other services, without having to manually reference them, while keeping the rest of your services isolated.
 :::
+
 :::note
 In import YAML, `envIsolation` can also be nested under `envVariables`/`envSecrets`. (If both are present, the nested version takes precedence).
 :::
+
 ### Accessing Variables Across Services
+
 #### With Isolation Enabled (`service` mode)
+
 When isolation is enabled, you must explicitly create reference variables to access variables from other services:
+
 ```yaml title="zerops.yaml"
 # In the 'app' service:
 run:
@@ -6753,48 +9803,70 @@ run:
     # Create a local reference to the 'password' variable from the 'db' service
     DB_PASSWORD: ${db_password}
 ```
+
 This approach gives you complete control over which variables are shared between services.
+
 #### With Isolation Disabled (`none` mode)
+
 When isolation is disabled, variables are automatically available across all services with the service name prefix:
+
 ```yaml
 # In any service, you can directly access:
 ${db_password}  # Accesses the 'password' variable from the 'db' service
 ```
+
 ### Best Practices for Variable Isolation
+
 1. **Use Default Isolation**: Keep the default `service` isolation for enhanced security.
 2. **Explicit References**: Create explicit references only for variables that need to be shared.
 3. **Naming Conventions**: Use clear naming patterns for reference variables (e.g. `DB_PASSWORD` for a reference to `db_password`).
 4. **Service-Level Exceptions**: Use service-level isolation overrides sparingly and only for services that need to expose their variables widely.
+
 ## Referencing Variables
+
 You can reference other variables using the `${variable_name}` syntax. This is used to reference **service-level variables**, not project variables (which are already automatically inherited).
+
 ### Within Same Service
+
 ```yaml
 envVariables:
   id: 42069
   hostname: app
   name: ${id}-${hostname}  # Results in: 42069-app
 ```
+
 ### Across Services
+
 How this works depends on your [environment variable isolation](#environment-variable-isolation) setting:
+
 **With Isolation Enabled** (`service` mode - default)
+
 Create an explicit reference in the destination service:
+
 ```yaml
 # In the 'app' service
 envVariables:
   # Creating a reference to the 'connectionString' from 'dbtest' service
   dbConnection: ${dbtest_connectionString}
 ```
+
 **With Isolation Disabled** (`none` mode)
+
 Variables from other services are automatically injected into the container and available using the service prefix format `servicename_variablename`:
+
 ```yaml
 # In any container, you can directly access variables from other services:
 # ${dbtest_connectionString}
 ```
+
 ### Between Build and Runtime Environments
+
 Build and runtime are two distinct environments in Zerops. Each environment can have its own set of variables, and you can use the same variable names in both environments since they are separate. Due to this separation, variables defined in one are not automatically accessible in the other.
+
 To share variables between environments, you need to use specific prefixes:
 - Use `RUNTIME_` prefix to access runtime variables during build
 - Use `BUILD_` prefix to access build variables during runtime
+
 ```yaml title="zerops.yaml"
 build:
   envVariables:
@@ -6803,35 +9875,52 @@ run:
   envVariables:
     API_KEY: "12345-abcde"       # Referenced in build with RUNTIME_ prefix
 ```
+
 ### Project Variables — No Reference Needed
+
 [Project variables](#project-variables) are **automatically available** in all services. Do not use the `${...}` syntax to reference them:
+
 ```yaml
 # ❌ Wrong - this shadows the project variable
 envVariables:
   PROJECT_NAME: ${PROJECT_NAME}
+
 # ✅ Correct - just use the project variable directly in your app
 # It's already available without any configuration
 ```
+
 If a project variable is named `LOG_LEVEL`, your application can read it directly — you don't need to add anything to your `zerops.yaml`.
+
 ## Variable Restrictions
+
 All environment variables must follow these restrictions:
+
 ### Key
 - Alphanumeric characters only (use `_` to separate words)
 - Must be unique within their scope
 - Case-sensitive
+
 ### Value
 - ASCII characters only
 - No EOL characters
+
 ## Variable Management
+
 ### Variable Precedence
+
 When the same environment variable key exists in multiple places, Zerops follows these precedence rules:
+
 1. Service-level variables take precedence over project variables
 2. Within service-level:
    - Build/runtime variables override secret variables
    - Build and runtime containers are separate environments
+
 ## Environment Variable Examples
+
 ### Variable Isolation Example
+
 Consider a project with three services: `api`, `db`, and `cache`:
+
 ```yaml title="Project structure"
 project:
   name: my-project
@@ -6851,114 +9940,313 @@ services:
       password: cacheServerPass
       port: 6379
 ```
+
 With this setup:
 - The `api` service can only access the specific `db` and `cache` variables it explicitly references
 - The `db` service cannot see any variables from `api` or `cache`
 - The `cache` service cannot see any variables from `api` or `db`
+
 If we changed the project's `envIsolation` to `none`, all services would be able to see all variables from all other services (prefixed with the service name).
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
 
 ----------------------------------------
 
 # Features > Infrastructure
 
+
 Zerops organizes your infrastructure into three hierarchical levels: **projects**, **services**, and **containers**. This structure provides secure networking, resource isolation, and scalable application deployment.
+
 ## Projects
+
 A project is the top-level entity in Zerops, functioning as a private network where services can communicate internally and share environment variables. Each project provides essential infrastructure including load balancing, routing, and container orchestration.
+
 ### Key Project Features
+
 - **Private Networking**: All services within a project share a secure network
 - **Environment Variables**: Services can access shared environment variables
 - **IPv6/IPv4 Addressing**: Each project receives an IPv6 address, with optional IPv4 addressing
 - **Integrated Security**: Built-in firewall and SSL certificate management
+
 :::tip Project Organization
 Consider your project strategy carefully. Create separate projects for different environments (dev/staging/prod) or consolidate related applications in a single project to optimize resources and simplify networking.
 :::
+
 ### Project Core Options
+
 When you create a project, it requires a functioning **core** that includes logger and statistics services, HTTP routing with automatic SSL certificate management, and IP routing with integrated firewall.
+
 Zerops offers two core types to match different needs and budgets:
+
 #### Lightweight Core
+
 Single-container solution perfect for development projects and smaller production workloads. Includes project controller, L3 balancer, firewall, logger, statistics, and HTTP handling in one efficient package.
+
 :::tip Ideal For
 Development environments, low-traffic applications, personal projects, budget-conscious teams.
 :::
+
 #### Serious Core
+
 Enterprise-grade infrastructure with separated core services across multiple containers for true redundancy and high availability.
+
 :::tip Ideal For
 Production applications, high-traffic websites, mission-critical business applications, teams requiring maximum uptime.
 :::
+
 #### Features Comparison
-  
-      Lightweight Core
-      Serious Core
-    
-      Infrastructure
-      Single container (limited redundancy)
-      Multi-container (highly available)
-    
-      SSL Termination
-      
-      Automatic Certificate Generation
-      
-      Proxy / Load Balancer
-      
-      IPv6 Address
-      
-      Build Time
-      15 hours
-      150 hours
-    
-      Backup Space
-      5 GB
-      25 GB
-    
-      Egress
-      100 GB
-      3 TB
-    
-      Failover Protection
-      Limited
-      Comprehensive
-    
+
+<table className="w-full">
+  <thead>
+    <tr>
+      <th className="w-fit"></th>
+      <th className="w-fit"><strong>Lightweight Core</strong></th>
+      <th className="w-fit"><strong>Serious Core</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Infrastructure</td>
+      <td className="w-fit">Single container (limited redundancy)</td>
+      <td className="w-fit">Multi-container (highly available)</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">SSL Termination</td>
+      <td className="w-fit"></td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Automatic Certificate Generation</td>
+      <td className="w-fit"></td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Proxy / Load Balancer</td>
+      <td className="w-fit"></td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">IPv6 Address</td>
+      <td className="w-fit"></td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Build Time</td>
+      <td className="w-fit">15 hours</td>
+      <td className="w-fit">150 hours</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Backup Space</td>
+      <td className="w-fit">5 GB</td>
+      <td className="w-fit">25 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Egress</td>
+      <td className="w-fit">100 GB</td>
+      <td className="w-fit">3 TB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Failover Protection</td>
+      <td className="w-fit">Limited</td>
+      <td className="w-fit">Comprehensive</td>
+    </tr>
+  </tbody>
+</table>
+
 For detailed pricing information on both core types, visit our [pricing page](/company/pricing#project-core-plans).
+
 #### Project Core Upgrade
+
 You can upgrade from Lightweight Core to Serious Core for enhanced reliability and increased resources.
+
 :::warning Important
 The core upgrade is a **partially destructive process** that will temporarily disrupt your project's operations. Plan upgrades during maintenance windows.
 :::
+
 **What happens during upgrade:**
 - All project logs and statistics will be lost (forwarded logs/statistics are not affected)
 - Services will be network-unavailable during the process (avg. 35 seconds but can take longer)
 - $10 project core fee will be charged upon upgrade
 - Free project resources will reset to Serious Core limits
 - Project IP addresses remain unchanged
+
 :::important
 If you encounter issues, **contact support immediately** and try running the process again.
 :::
+
 ## Services
+
 Services encapsulate your containers and provide specific functionality within a project. A project can contain unlimited services, each with its own purpose.
+
 **Service types include:**
 - Runtimes, Linux Containers & Docker
 - Databases, Search Engines & Messages Brokers
 - Storages
 - *System services (needed for fully functioning project core)*
+
 **Management options:**
 - **Fully managed**: Zerops handles scaling, routing, and repairs automatically (Databases and Storages)
 - **Partially managed**: You maintain control over certain management aspects (Runtimes)
+
 Services within a project communicate via internal hostnames and can share environment variables for seamless integration.
+
 ## Containers
+
 Containers are the most granular level of the Zerops architecture. Each service consists of one or more containers that work together to deliver functionality.
+
 **Container deployment:**
 - Single containers for simple applications
 - Multiple containers for High Availability (HA) mode (e.g. fully managed MariaDB service in HA mode uses 3 containers for the database cluster and 2 for proxies)
+
 **Container capabilities:**
 - Use predefined images or custom configurations
 - Can be exposed publicly via Zerops subdomains, custom domains, or public ports
 - Operate within service resource constraints with automatic scaling
 
+----------------------------------------
+
+# Features > Local Remote Development
+
+
+Zerops development is network-first. Keep your editor on your laptop, work fully inside Zerops, or use a native editor over SSH — in each case you join the same project-private network with the same hostnames, credentials, managed services, and deploy pipeline that staging and production use. What changes between environments is policy: credentials, resources, access rules, data, and release authority — not the platform underneath.
+
+## How development on Zerops works
+
+Every project ships with a private network. Services reach each other by hostname (`db:5432`, `api:3000`, `redis:6379`), with credentials injected as environment variables.
+
+The development question is how you get onto that network. Three paths give you the same project-private reach, with different filesystem, tooling, and credential boundaries.
+
+- **Local + VPN.** Your laptop joins the private network via WireGuard. Editor, toolchain, and processes stay where they are. A hosted workspace is not required.
+- **Cloud IDE.** A Linux workspace in the project, accessed through VS Code Server in the dashboard. Zero local setup.
+- **Native IDE over SSH.** SSH from your local VS Code, JetBrains Gateway, Cursor, or plain `ssh` into a workspace or directly into a runtime service container.
+
+Switch paths without reprovisioning the project. A teammate on Local + VPN and another in the Cloud IDE are hitting the same `db:5432`.
+
+```text
+   Laptop + editor          Browser tab          Laptop + native IDE
+          │                      │                        │
+     zcli vpn up          VS Code Server             zcli vpn up
+     (WireGuard)          on the project             + ssh apidev
+          │                      │                        │
+          └──────────────────────┴────────────────────────┘
+                                 │
+                                 ▼
+         ┌─────────── project private network ───────────┐
+         │                                               │
+         │     api:3000      db:5432      cache:6379     │
+         │                                               │
+         └───────────────────────────────────────────────┘
+```
+
+## Local + VPN
+
+**Best for:** keeping your existing editor, dotfiles, and toolchain — and offloading just the dependencies that are painful to run locally.
+
+```bash
+zcli vpn up <project-id>
+
+psql "postgresql://app:secret@db:5432/myapp"
+redis-cli -h cache -p 6379
+ssh apidev
+```
+
+Your laptop can reach project services by hostname: Postgres, Valkey, S3-compatible storage, runtime containers, and any other service in the project. You can keep your normal dev loop and point it at `db:5432` instead of a local mock or Docker Compose dependency.
+
+You do not need a hosted workspace, `zcli push`, or a new editor for this path.
+
+**Source control.** Use git on your laptop the way you always have. Commits, pushes, SSH agent against GitHub, your existing credentials — nothing about Zerops sits between you and the remote.
+
+:::info Complete VPN setup
+See the [VPN reference guide](/references/networking/vpn).
+:::
+
+## Cloud IDE in Zerops
+
+**Best for:** zero local setup, working from a machine that isn't yours, or wanting a pristine environment that doesn't touch your laptop.
+
+A hosted workspace is a normal Zerops service in the project. It gives you a project-contained Linux environment with private-network access, optional Browser VS Code, `zcli`, git tooling, database CLIs, and shell utilities.
+
+The workspace can also mount runtime service files, so you can inspect or edit code that runs in another container without moving it to your laptop:
+
+```bash
+ls /var/www/apidev
+ls /var/www/frontenddev
+vim /var/www/apidev/src/server.ts
+```
+
+The dev server in the runtime container hot-reloads, the database is the same `db:5432`, and staging deploys still go through the Zerops deploy pipeline.
+
+The Cloud IDE itself is configurable. Two access methods:
+
+- **VPN Only.** The IDE is reachable through `zcli vpn up`, no public exposure. Most secure.
+- **Public Access.** The IDE is reachable on a `.zerops.app` subdomain, gated by an auto-generated password.
+
+**Source control.** The hosted workspace isn't on your laptop, so your local SSH keys don't follow it. Two patterns work:
+
+- **GitHub via `gh`.** The GitHub CLI is preinstalled. Run `gh auth login` once and `gh` handles HTTPS auth, PR creation, and review flows from the container.
+- **Token in env vars.** Save a fine-grained personal access token to the workspace service's secret environment variables; `git` reads it through a credential helper.
+
+Either pattern keeps your token in the workspace service, not in your project's source.
+
+## Native IDE over SSH
+
+**Best for:** native editor UX without carrying the toolchain or databases on your laptop.
+
+Once `zcli vpn up` is connected, every container on the project's private network is reachable from your laptop over SSH. Any editor that speaks Remote SSH can use it: VS Code Remote SSH, JetBrains Gateway, Cursor, Zed, or plain `vim`.
+
+```bash
+ssh apidev               # any runtime service in the project
+ssh frontenddev
+```
+
+In this path, a hosted workspace is convenient but not required. You can connect straight to `apidev`, edit the source there, and run the dev server in the same container. A hosted workspace is only a convenience layer when you want shared tools, runtime file mounts, or Cloud IDE.
+
+**Source control.** SSH agent forwarding works the same way it does to any other machine. Add your local SSH key to your agent (`ssh-add`), and `git push` from inside `apidev` or the workspace service uses your laptop's GitHub key over the forwarded agent socket — no token storage required.
+
+```ssh-config
+# Local ~/.ssh/config
+Host apidev.zerops
+    HostName apidev
+    ForwardAgent yes
+```
+
+:::info SSH access details
+See the [SSH reference guide](/references/networking/ssh).
+:::
+
+## Picking a path
+
+|                       | Local + VPN        | Cloud IDE                  | Native IDE over SSH               |
+| --------------------- | ------------------ | -------------------------- | --------------------------------- |
+| Editor runs           | Local              | Browser                    | Local                             |
+| Toolchain             | Local              | Hosted workspace           | Hosted workspace or service container |
+| Network entry         | WireGuard VPN      | Browser into the project   | WireGuard VPN, then SSH           |
+| Hosted workspace required | No              | Yes                        | No (convenience)                  |
+| Git auth              | Local credentials  | `gh` or token in env       | SSH agent forwarding              |
+| Best for              | Keeping your setup | Disposable environments    | Native UX, lighter laptop         |
+| Best for              | Keeping your setup | Disposable environments    | Native UX, lighter laptop         |
+
+## Why this is not just a cloud IDE
+
+If you've used GitHub Codespaces or Gitpod, Cloud IDE looks similar: a Linux container in the cloud, accessed from a browser or local IDE. Two structural differences matter.
+
+**You don't have to be in the editor.** Codespaces and Gitpod are editor-first. Zerops is network-first. Cloud IDE is one way to reach the project's private network; `zcli vpn up` lets you skip the editor environment entirely and consume the project's managed services from your existing local setup. The hosted workspace itself is just another Zerops service — SSH in, install packages, run processes, configure it however you want.
+
+**Your dev environment runs the same platform as production.** On a CDE, your dev container is one platform and the deployment target is another — making "works on my machine" a fact of life. On Zerops, dev Postgres, queue, cache, or object storage is the same managed service type the app meets later in stage and prod, on the same private network, with the same `zerops.yaml`. Policy differs across environments; the platform underneath doesn't.
+
+## Where to start
+
+- [VPN reference](/references/networking/vpn) — Connect your laptop to a Zerops project-private network.
+- [SSH reference](/references/networking/ssh) — Use a native editor or shell over SSH.
+- [Build & deploy pipeline](/features/pipeline) — Build and deploy from the same project model.
+- [Infrastructure for Coding Agents](/features/coding-agents) — The sibling feature: agents working on Zerops projects through the same access model.
+
+
 ----------------------------------------
 
 # Features > Pipeline
 
+
 export const languages = [
     { name: "Node.js", link: "/nodejs/how-to/build-pipeline" },
     { name: "PHP", link: "/php/how-to/build-pipeline" },
@@ -6973,6 +10261,7 @@ export const languages = [
     { name: "Gleam", link: "/gleam/how-to/build-pipeline" },
     { name: "Nginx", link: "/nginx/how-to/build-pipeline" }
 ]
+
 export const customizeBuild = [
     { name: "Node.js", link: "/nodejs/how-to/build-process#build-environment" },
     { name: "PHP", link: "/php/how-to/build-process#build-environment" },
@@ -6987,6 +10276,7 @@ export const customizeBuild = [
     { name: "Gleam", link: "/gleam/how-to/build-process#build-environment" },
     { name: "Nginx", link: "/nginx/how-to/build-process#build-environment" }
 ]
+
 export const customizeRuntime = [
     { name: "Node.js", link: "/nodejs/how-to/customize-runtime" },
     { name: "PHP", link: "/php/how-to/customize-runtime" },
@@ -7001,9 +10291,13 @@ export const customizeRuntime = [
     { name: "Gleam", link: "/gleam/how-to/customize-runtime" },
     { name: "Nginx", link: "/nginx/how-to/customize-runtime" }
 ]
+
 ## Configure the pipeline
+
 Zerops provides a customizable build and runtime environment for your application. Start by adding a [zerops.yaml](/zerops-yaml/specification) file to the **root of your repository** and modify it to fit your application.
+
 Here is a basic example for a Node.js application:
+
 ```yaml
 zerops:
   - setup: api
@@ -7018,104 +10312,158 @@ zerops:
       base: nodejs@20
       start: npm start
 ```
+
 The zerops.yaml in your repository tells Zerops how to build and deploy your application. When the build & deploy pipeline triggers for the Node.js service named `api`, Zerops will:
+
 1. Create a build environment with Node.js v.20 preinstalled
 2. Run build commands: `npm i`, `npm run build`
 3. Create a runtime environment with Node.js v.20 preinstalled
 4. Deploy the built artifact from the `./dist` folder to runtime containers
 5. Cache the `./node_modules` folder for faster subsequent builds
 6. Start your application using `npm start`
+
 Learn more about `zerops.yaml` parameters for your runtime:
+
 ## Trigger the pipeline
-  
+
 ### Continuous deployment
+
 Set up automatic builds triggered by Git events. You can establish continuous deployment in two ways:
+
 * **New Service:** Create a new runtime service and connect it to your GitHub or GitLab repository during the service creation process.
 * **Existing Services:** Go to the service detail and choose **Pipelines & CI/CD settings** from the left menu. Click **Connect with a GitHub repository** or **Connect with a GitLab repository** to link your repository.
+
 Once connected, Zerops will automatically build and deploy your application with each push to the selected branch or when you create a new tag.
-  
+
 ### On-demand deployment
+
 Trigger builds and deployments manually when needed using either the CLI or GUI.
+
 #### Using Zerops CLI
+
 - **Build and deploy:** `zcli service push` - Uploads code and triggers the full pipeline
 - **Deploy only:** `zcli service deploy` - Skips build, deploys pre-built artifacts
+
 See [CLI commands documentation](/references/zcli/commands#service-operations) for all parameters.
+
 #### Using Zerops GUI
+
 In **Pipelines & CI/CD settings** section of your service detail:
+
 - **Re-deploy last pipeline** - With optional secret env variable updates
 - **Trigger new pipeline** - From git repo or with custom configuration
+
 #### Using import YAML
-Add `buildFromGit: ` to your service configuration for one-time build during import. See [import documentation](/references/import#service-basic-configuration).
+
+Add `buildFromGit: <repo-url>` to your service configuration for one-time build during import. See [import documentation](/references/import#service-basic-configuration).
+
 ## Build phase
-  
+
 Zerops starts a temporary build container and executes these steps:
+
 1. **Install build environment** - Sets up the runtime and tools
 2. **Download source code** - From [GitHub ↗](https://www.github.com), [GitLab ↗](https://www.gitlab.com) or via [Zerops CLI](/references/cli)
 3. **Customize environment** - Runs optional preparation commands
 4. **Execute build commands** - Compiles and packages your application
 5. **Upload artifacts** - Stores build output in internal Zerops storage
 6. **Cache files** - Optionally [caches](/features/build-cache) selected files for faster future builds
+
 Zerops automatically deletes the build container after the build finishes or fails.
+
 ### Build hardware resources
+
 All runtime services use the same hardware resources for build containers:
-  
-      HW resource
-      Minimum
-      Maximum
-    
-      CPU cores
-      1
-      5
-    
-      RAM
-      8 GB
-      8 GB
-    
-      Disk
-      1 GB
-      100 GB
-    
+
+<table className="w-fit my-1.5">
+  <thead>
+    <tr className="text-center rounded-lg">
+      <th className="w-fit"><strong>HW resource</strong></th>
+      <th className="w-fit"><strong>Minimum</strong></th>
+      <th className="w-fit"><strong>Maximum</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">CPU cores</td>
+      <td className="w-fit">1</td>
+      <td className="w-fit">5</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">RAM</td>
+      <td className="w-fit">8 GB</td>
+      <td className="w-fit">8 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Disk</td>
+      <td className="w-fit">1 GB</td>
+      <td className="w-fit">100 GB</td>
+    </tr>
+  </tbody>
+</table>
+
 Build containers start with minimum resources and scale vertically up to maximum capacity as needed.
+
 :::info
 Build container resources are not charged. Build costs are covered by the standard Zerops [project fee](https://zerops.io/#pricing).
 :::
+
 ### Build time limit
+
 The entire build pipeline has a **1 hour** time limit. After 1 hour, Zerops terminates the build pipeline and deletes the build container.
+
 ### Customize the build environment
+
 All runtime services start with a default build environment based on the [build.base](/zerops-yaml/specification#base-) attribute in `zerops.yaml`. Install additional packages or tools by adding [build.prepareCommands](/zerops-yaml/specification#preparecommands-) to your configuration.
+
 Learn more about customizing build environments:
+
 ## Runtime prepare phase (optional)
-  
+
 When your application requires additional system packages, libraries, or tools in the runtime environment, Zerops allows you to build a custom runtime image. This optional phase occurs after the build phase and before deployment.
+
 ### When to use custom runtime images
+
 Build custom runtime images when you need:
 - System packages or libraries for runtime operations (e.g., `sudo apk add imagemagick` for image processing)
 - Library dependencies for interpreted languages or dynamically linked binaries
 - System-level tools or utilities your application requires
 - Customized base operating system or additional software layers
+
 ### Configuration
+
 Configure custom runtime images in your `zerops.yml` file using these fields:
+
 #### `run.os` + `run.base`
+
 Specify the operating system and base packages for your custom runtime image:
+
 ```yaml
 run:
   os: alpine # or ubuntu
   base: nodejs@20 # specify your runtime and version
 ```
+
 #### `run.prepareCommands`
+
 Define commands that customize your runtime image. These commands run inside a fresh base container:
+
 ```yaml
 run:
   prepareCommands:
     - sudo apk add --no-cache imagemagick
     - sudo apt-get update && apt-get install -y some-package  # for Ubuntu
 ```
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 Zerops creates the custom runtime image from this container after all commands complete successfully.
+
 #### `build.addToRunPrepare`
+
 Copy specific files from the build phase to the runtime prepare phase. This is useful when you need source files during runtime preparation:
+
 ```yaml
 build:
   addToRunPrepare:
@@ -7123,16 +10471,23 @@ build:
     - requirements.txt
     - config/runtime-setup.sh
 ```
+
 These files are packed immediately after `build.buildCommands` finish and become available during the runtime prepare phase.
+
 ### How it works
+
 When you trigger the first deploy with defined [run.prepareCommands](/zerops-yaml/specification#preparecommands--1), Zerops:
+
 1. **Creates prepare container** - Based on `run.os` and `run.base`
 2. **Copies build files** - Files specified in [build.addToRunPrepare](/zerops-yaml/specification#addtorunprepare-) (if any)
 3. **Runs prepare commands** - Executes [run.prepareCommands](/zerops-yaml/specification#preparecommands--1) in order
 4. **Creates runtime image** - Builds custom runtime image from the prepared container
 5. **Uses for deployment** - Deploys your application using this custom runtime image
+
 ### Custom runtime image caching
+
 Zerops caches custom runtime images to optimize deployment times. The runtime prepare phase is skipped and cached images are reused when:
+
 - It is not the first deployment of your service
 - None of these `zerops.yaml` fields changed since the last deployment:
   - `run.os` or `run.base`
@@ -7140,61 +10495,94 @@ Zerops caches custom runtime images to optimize deployment times. The runtime pr
   - `build.addToRunPrepare`
 - File contents specified in `build.addToRunPrepare` remain unchanged
 - The custom runtime image cache hasn't been manually invalidated
+
 #### Manual cache invalidation
+
 To invalidate the custom runtime image cache, go to your service detail in the Zerops GUI, choose **Pipelines & CI/CD settings** section from the left menu, and click on the button under **Pipeline #**. Then click on the **Clear runtime prepare image** button.
+
 Learn more about building custom runtime images:
+
 :::warning
 Do not include your application code in the custom runtime image, as your built application code is deployed automatically into fresh containers.
+
 Shared storage mounts are also not available during the runtime prepare phase.
 :::
+
 ## Deploy phase
-  
+
 ### Application artifacts
+
 After the [build phase](#build-phase) completes, Zerops stores the application artifact in internal storage and deletes the build container.
+
 For [manual deployments](#manual-deploy-using-zerops-cli) using Zerops CLI, the application artifact is also uploaded to internal storage.
+
 Zerops uses the stored artifact to deploy identical versions of your application whenever a new container starts:
+
 - During new application version deployments
 - When applications [scale horizontally](/features/scaling#horizontal-scaling-runtime-services-linux-containers-and-docker)
 - When runtime containers fail and new containers start automatically
+
 ### First deploy
+
 For initial deployments, Zerops starts one or more runtime containers based on your service [auto scaling settings](/features/scaling).
+
 Zerops executes these steps for each new container:
+
 1. **Install runtime environment** - Sets up the runtime (or uses a custom runtime image if configured)
 2. **Download application artifact** - Retrieves build output from internal storage
 3. **Run initialization** - Executes optional [init commands](/zerops-yaml/specification#initcommands-)
 4. **Start application** - Launches your app using the [start command](/zerops-yaml/specification#startcommands-)
 5. **Check readiness** - Waits for [readiness check](/zerops-yaml/specification#readinesscheck-) to succeed (if configured)
 6. **Activate container** - Container becomes active and receives incoming requests
+
 Services with multiple containers deploy in parallel.
+
 :::info
 If your application needs initialization in each runtime container, add [init commands](/zerops-yaml/specification#initcommands-) to `zerops.yaml`.
 :::
+
 :::caution
 Do not use `initCommands` for runtime environment customization. See [how to build custom runtime images](#runtime-prepare-phase-optional).
 :::
+
 ### Subsequent deploys
+
 For applications with existing running versions, Zerops starts new containers matching the count of existing containers.
+
 Zerops executes the same steps as the first deployment for each new container. Your service briefly contains both new and old versions during this process.
+
 Old containers are then removed from the project balancer to stop receiving new requests. The processes inside old containers terminate and Zerops gradually deletes all old containers.
+
 ### Readiness checks
+
 If your application is not ready to handle requests immediately after starting via the [start command](/zerops-yaml/specification#startcommands-), configure a [readiness check](/zerops-yaml/specification#readinesscheck-) in your `zerops.yaml`.
+
 When readiness checks are defined, Zerops:
+
 1. **Starts your application**
 2. **Performs readiness check**
 3. **Waits and retries** - If check fails, waits 5 seconds and repeats step 2
 4. **Activates container** - If check succeeds, marks container as active
+
 Runtime containers with pending readiness checks do not receive incoming requests - only active containers handle traffic.
+
 If readiness checks fail for 5 minutes, Zerops marks the container as failed, deletes it, creates a new container, and repeats the deployment process.
+
 **Readiness check types:**
+
 - `httpGet` - Succeeds when URL returns HTTP `2xx` status (5-second timeout, follows `3xx` redirects)
 - `exec.command` - Succeeds when command returns status code 0 (5-second timeout)
+
 Read the [runtime log](/nodejs/how-to/logs#runtime-log) to troubleshoot failed readiness checks.
+
 ## Manual deploy using Zerops CLI
-  
-Start deploy-only pipelines using the [Zerops CLI](/references/cli). The `zcli service deploy` command uploads and deploys your application in Zerops. Use this when you have your own build process. For building applications in Zerops, use [continuous](#continuous-deployment) or [on-demand](#on-demand-deployment) deployment instead.
+
+Start deploy-only pipelines using the [Zerops CLI](/references/cli). The [`zcli service deploy`](/references/zcli/commands#deploy) command uploads and deploys your application in Zerops. Use this when you have your own build process. For building applications in Zerops, use [continuous](#continuous-deployment) or [on-demand](#on-demand-deployment) deployment instead.
+
 ```sh
 Usage:
   zcli service deploy pathToFileOrDir [flags]
+
 Flags:
       --archive-file-path string   If set, zCLI creates a tar.gz archive with the application code in the required path relative
                                  to the working directory. By default, no archive is created.
@@ -7210,109 +10598,159 @@ Flags:
       --zerops-yaml-path string    Sets a custom path to the zerops.yaml file relative to the working directory. By default zCLI
                                  looks for zerops.yaml in the working directory.
 ```
+
 `pathToFileOrDir` defines paths to directories and/or files relative to the working directory. The working directory defaults to the current directory and can be changed using the `--working-dir` flag.
+
 Place `zerops.yaml` in the working directory.
+
 :::info
 You can modify the deploy pipeline anytime by updating the `zerops.yaml` in your working directory.
 :::
+
 ## Manage builds and deployments
+
 ### Cancel running build
+
 When you need to cancel an incorrect running build, use the Zerops GUI. Go to the service detail, open the running processes list, and click **Open pipeline detail**. Then click **Cancel build**.
-  
+
 :::caution
 Build cancellation is only available before the build pipeline finishes. Once the build completes, deployment cannot be cancelled.
 :::
+
 ### Application versions
+
 Zerops keeps the 10 most recent versions of your application in internal storage.
+
 Access the application versions list in Zerops GUI by going to service detail and choosing the **Pipelines & CI/CD settings** section from the left menu. The active version is highlighted - click the button below to show all archived versions.
-  
+
 Access pipeline details from the additional menu. Pipeline details contain:
+
 - Pipeline configuration (`zerops.yaml`) used for the selected version
 - Build log (if available)
 - Prepare runtime log (if available)
+
 You can download the build artifact for selected versions or manually delete inactive versions.
+
 ### Restore an archived version
+
 Restore archived versions by choosing **Activate** from the additional menu. Zerops will deploy the selected version and archive the currently active version.
+
 Environment variables restore to their state from the last moment when the selected version was active.
 
 ----------------------------------------
 
 # Features > Rbac
 
+
 Zerops provides granular access control through a role-based permission system, allowing you to precisely manage who can access and modify your organization's resources. This system operates at two levels: **organization-wide roles** and **per-project role overrides**.
+
 ## Core Concepts
+
 When a user performs an action on a project or its resources, Zerops first checks for a project-specific role override. If none exists, the organization role applies:
+
 #### Organization Role
 The primary role assigned to a user, determining their **default permissions** across the entire organization and all its projects.
+
 #### Project Role Override
 An optional per-project permission that **supersedes the organization role** for that specific project and its resources (services, containers, environment variables, routing, etc.).
+
 ## User Roles
+
 Zerops supports four user roles, listed from highest to lowest permission level:
-    
-        Role
-        Organization Access
-        Default Project Access
-        Can Create Projects
-        Can Manage Team
-    
-        Owner
-        Full (incl. billing)
-        Full
-        ✓
-        All roles
-    
-        Admin
-        Full (excl. billing)
-        Full
-        ✓
-        Developer, Guest
-    
-        Developer
-        None
-        None (per-project only)
-        ✓
-        ✗
-    
-        Guest
-        None
-        None (per-project only)
-        ✗
-        ✗
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit font-semibold">Role</th>
+        <th className="w-fit font-semibold">Organization Access</th>
+        <th className="w-fit font-semibold">Default Project Access</th>
+        <th className="w-fit font-semibold">Can Create Projects</th>
+        <th className="w-fit font-semibold">Can Manage Team</th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit"><strong>Owner</strong></td>
+        <td className="w-fit">Full (incl. billing)</td>
+        <td className="w-fit">Full</td>
+        <td className="w-fit">✓</td>
+        <td className="w-fit">All roles</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><strong>Admin</strong></td>
+        <td className="w-fit">Full (excl. billing)</td>
+        <td className="w-fit">Full</td>
+        <td className="w-fit">✓</td>
+        <td className="w-fit">Developer, Guest</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><strong>Developer</strong></td>
+        <td className="w-fit">None</td>
+        <td className="w-fit">None (per-project only)</td>
+        <td className="w-fit">✓</td>
+        <td className="w-fit">✗</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><strong>Guest</strong></td>
+        <td className="w-fit">None</td>
+        <td className="w-fit">None (per-project only)</td>
+        <td className="w-fit">✗</td>
+        <td className="w-fit">✗</td>
+    </tr>
+    </tbody>
+</table>
+
 ### Owner
+
 :::note
 Every organization must have at least one Owner at all times.
 :::
+
 The **Owner** role has unrestricted access to all organization resources:
+
 - Full access to billing, invoices, and payment management
 - Can invite, edit, and remove users of any role
 - Automatic *Full access* to all projects
 - Can create unlimited projects
 - Minimum access level on any project is *Read only*
+
 ### Admin
+
 The **Admin** role provides comprehensive access without billing permissions:
+
 - Cannot view or manage billing information
 - Can invite, edit, and remove users with Developer or Guest roles only
 - Cannot manage other Admins or Owners
 - Automatic *Full access* to all projects
 - Can create unlimited projects
 - Minimum access level on any project is *Read only*
+
 ### Developer
+
 The **Developer** role is designed for team members who need to work on specific projects:
+
 - No access to organization-level settings
 - No default access to any projects — access must be granted per-project
 - Can create new projects (automatically receives full access to projects they create)
 - Cannot invite or manage other team members
+
 ### Guest
+
 The **Guest** role provides the most restricted access:
+
 - No access to organization-level settings
 - No default access to any projects — access must be granted per-project
 - Cannot create new projects
 - Cannot invite or manage other team members
+
 ## Project Access Levels
+
 When granting project access (either as a default for Owners/Admins or as an override for any role), two permission levels are available:
+
 ### Full Access
+
 Users with full access to a project can:
+
 - Start, stop, and restart services
 - Deploy applications
 - Create, edit, and delete services
@@ -7323,208 +10761,315 @@ Users with full access to a project can:
 - Download backups and deployed code
 - Manage project settings and routing
 - Delete the project
+
 ### Read Only
+
 Users with read-only access to a project can:
+
 - View project structure and service status
 - View logs and metrics
 - View deployment history
 - View non-sensitive environment variables
 - View backup existence and metadata
 - View VPN public keys (but not create new key pairs)
+
 Users with read-only access **cannot**:
+
 - Make any changes to project configuration
 - Start, stop, or deploy services
 - Access SSH web terminal or file browser
 - Download backups or deployed code
 - View sensitive environment variables (displayed as `REDACTED`)
 - Create VPN key pairs
+
 :::info Coming Soon
 **Sensitive Environment Variables**: You will soon be able to mark specific environment variables as sensitive. These variables will be stored encrypted and hidden from users with read-only access, providing additional security for credentials and secrets.
 :::
+
 ## Managing Team Members
+
 Access team management at **Organization → Team**.
+
 ### Inviting New Members
+
 1. Navigate to the Team section
 2. Click **Invite Member**
 3. Enter the user's email address
 4. Select their organization role (Owner, Admin, Developer, or Guest)
 5. Send the invitation
+
 If the email belongs to an existing Zerops account, they'll receive an invitation to join your organization. If not, they'll be invited to create an account and will set up their password upon accepting.
+
 ### Editing Member Permissions
+
 You can modify a team member's permissions in two ways:
+
 **From the Team section**:
 - Edit the user's organization role
 - Configure their access to all projects at once
+
 **From Project Settings**:
 - Manage access for all users to that specific project
 - Useful when onboarding a team to a new project
+
 ### Role Change Restrictions
+
 - Users cannot modify their own role
 - Admins can only modify users with Developer or Guest roles
 - A user cannot be demoted if they have integration tokens with higher permissions — those tokens must be modified or deleted first
 - At least one Owner must exist in the organization at all times
+
 ## Project Role Overrides
+
 Project role overrides allow you to customize access for specific projects without changing a user's organization-wide role.
+
 ### Common Use Cases
+
 **Restricting Admin access to production**:
 An Admin who should have full access to development projects but only read-only access to production can have a Read only override set on the production project.
+
 **Granting Developer access to specific projects**:
 A Developer (who has no default project access) can be granted Full access to the projects they work on, while remaining unable to see other projects.
+
 **Temporary project access for Guests**:
 A Guest user (perhaps an external contractor) can be granted Read only or Full access to specific projects for the duration of their engagement.
+
 ### How Overrides Work
+
 :::note
 Owners and Admins cannot be set to "No access" on any project — the minimum override available for these roles is Read only.
 :::
-    
-        Organization Role
-        Without Override
-        With Full Access Override
-        With Read Only Override
-    
-        Owner
-        Full access
-        Full access
-        Read only
-    
-        Admin
-        Full access
-        Full access
-        Read only
-    
-        Developer
-        No access
-        Full access
-        Read only
-    
-        Guest
-        No access
-        Full access
-        Read only
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit"><strong>Organization Role</strong></th>
+        <th className="w-fit"><strong>Without Override</strong></th>
+        <th className="w-fit"><strong>With Full Access Override</strong></th>
+        <th className="w-fit"><strong>With Read Only Override</strong></th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit">Owner</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Read only</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Admin</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Read only</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Developer</td>
+        <td className="w-fit">No access</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Read only</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Guest</td>
+        <td className="w-fit">No access</td>
+        <td className="w-fit">Full access</td>
+        <td className="w-fit">Read only</td>
+    </tr>
+    </tbody>
+</table>
+
 ## Integration Tokens
+
 Integration tokens provide programmatic access to the Zerops API, ideal for CI/CD pipelines, automation scripts, and third-party integrations.
+
 ### Token Access Levels
-    
-        Token Type
-        Description
-    
-        Full access to all projects
-        Can perform all operations on all current and future projects
-    
-        Read access to all projects
-        Can view all projects and their resources, but cannot make changes
-    
-        Custom access per project
-        No default access; each project must be explicitly added with Full or Read only permission
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit"><strong>Token Type</strong></th>
+        <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit"><strong>Full access to all projects</strong></td>
+        <td className="w-fit">Can perform all operations on all current and future projects</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><strong>Read access to all projects</strong></td>
+        <td className="w-fit">Can view all projects and their resources, but cannot make changes</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><strong>Custom access per project</strong></td>
+        <td className="w-fit">No default access; each project must be explicitly added with Full or Read only permission</td>
+    </tr>
+    </tbody>
+</table>
+
 ### Creating Tokens
+
 Access token management at **Settings → Access Tokens Management**.
+
 1. Click **Create Token**
 2. Enter a descriptive name for the token
 3. Select the access level
 4. If using custom per-project access, add each project and set its permission level
 5. Create the token
+
 :::warning
 The token value is displayed only once upon creation. Store it securely — you cannot retrieve it later.
 :::
+
 ### Token Permission Constraints
+
 Tokens cannot have higher permissions than the user who creates them:
-    
-        Your Role
-        Available Token Types
-    
-        Owner
-        Full access, Read access, Custom per project
-    
-        Admin
-        Full access, Read access, Custom per project
-    
-        Developer
-        Custom per project only
-    
-        Guest
-        Custom per project only
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit"><strong>Your Role</strong></th>
+        <th className="w-fit"><strong>Available Token Types</strong></th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit">Owner</td>
+        <td className="w-fit">Full access, Read access, Custom per project</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Admin</td>
+        <td className="w-fit">Full access, Read access, Custom per project</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Developer</td>
+        <td className="w-fit">Custom per project only</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Guest</td>
+        <td className="w-fit">Custom per project only</td>
+    </tr>
+    </tbody>
+</table>
+
 ### Managing Tokens
+
 :::note
 Admins can manage tokens created by Developers and Guests, but cannot manage tokens created by other Admins or Owners.
 :::
+
 - **View**: Owners and Admins can see all tokens; Developers and Guests can only see their own tokens
 - **Edit**: A token's name, access level, or per-project permissions can be modified at any time
 - **Regenerate**: Creates a new token value while preserving all settings (the old token immediately stops working)
 - **Delete**: Permanently removes the token
+
 ---
+
 ## API Access & Advanced Configuration
+
 The Zerops API provides additional flexibility beyond what's available in the dashboard. This section covers capabilities accessible only through the API.
+
 :::info
 For complete API documentation, see the [Zerops OpenAPI Specification](/references/api).
 :::
+
 ### Backend Role System
+
 The API uses a more granular role system than the dashboard interface:
-    
-        Dashboard Role
-        API Role Code
-        Notes
-    
-        Owner
-        OWNER
-        Includes canViewFinances, canEditFinances, and canCreateProjects flags (always enabled)
-    
-        Admin
-        ADMIN
-        Includes canCreateProjects flag (always enabled)
-    
-        Developer
-        NO_ACCESS
-        With canCreateProjects: true
-    
-        Guest
-        NO_ACCESS
-        With canCreateProjects: false
-    
-        —
-        BASIC_USER
-        Available via API only
-    
-        —
-        READ_ONLY
-        Available via API only
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit"><strong>Dashboard Role</strong></th>
+        <th className="w-fit"><strong>API Role Code</strong></th>
+        <th className="w-fit"><strong>Notes</strong></th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit">Owner</td>
+        <td className="w-fit"><code>OWNER</code></td>
+        <td className="w-fit">Includes <code>canViewFinances</code>, <code>canEditFinances</code>, and <code>canCreateProjects</code> flags (always enabled)</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Admin</td>
+        <td className="w-fit"><code>ADMIN</code></td>
+        <td className="w-fit">Includes <code>canCreateProjects</code> flag (always enabled)</td>
+    </tr>
+    <tr>
+        <td className="w-fit">Developer</td>
+        <td className="w-fit"><code>NO_ACCESS</code></td>
+        <td className="w-fit">With <code>canCreateProjects: true</code></td>
+    </tr>
+    <tr>
+        <td className="w-fit">Guest</td>
+        <td className="w-fit"><code>NO_ACCESS</code></td>
+        <td className="w-fit">With <code>canCreateProjects: false</code></td>
+    </tr>
+    <tr>
+        <td className="w-fit">—</td>
+        <td className="w-fit"><code>BASIC_USER</code></td>
+        <td className="w-fit">Available via API only</td>
+    </tr>
+    <tr>
+        <td className="w-fit">—</td>
+        <td className="w-fit"><code>READ_ONLY</code></td>
+        <td className="w-fit">Available via API only</td>
+    </tr>
+    </tbody>
+</table>
+
 ### Additional Roles (API Only)
+
 **BASIC_USER**
 - Can view all projects (unless overridden to `NO_ACCESS`)
 - Can perform all project operations (start/stop services, deploy, view logs, etc.)
 - Cannot delete projects
 - Cannot create projects without the `canCreateProjects` flag
 - Cannot manage team members
+
 **READ_ONLY**
 - Can view all projects (unless overridden to `NO_ACCESS`)
 - Cannot make any changes
 - Cannot access SSH terminal, file browser, or VPN key creation
 - Cannot download backups or deployed code
 - Sensitive environment variables displayed as `REDACTED`
+
 ### Permission Flags
+
 The API supports additional permission flags that can be set on any user regardless of role:
-    
-        Flag
-        Description
-    
-        canViewFinances
-        Allows viewing billing information, invoices, and payment sources
-    
-        canEditFinances
-        Allows modifying billing information and processing payments (automatically enables canViewFinances)
-    
-        canCreateProjects
-        Allows creating new projects (user receives OWNER role on projects they create)
-    
+
+<table className="w-full my-1.5">
+    <thead>
+    <tr>
+        <th className="w-fit"><strong>Flag</strong></th>
+        <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+    </thead>
+    <tbody>
+    <tr>
+        <td className="w-fit"><code>canViewFinances</code></td>
+        <td className="w-fit">Allows viewing billing information, invoices, and payment sources</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><code>canEditFinances</code></td>
+        <td className="w-fit">Allows modifying billing information and processing payments (automatically enables <code>canViewFinances</code>)</td>
+    </tr>
+    <tr>
+        <td className="w-fit"><code>canCreateProjects</code></td>
+        <td className="w-fit">Allows creating new projects (user receives <code>OWNER</code> role on projects they create)</td>
+    </tr>
+    </tbody>
+</table>
+
 These flags enable scenarios like:
 - An Admin who needs to view (but not edit) billing information
 - A Developer who should be able to create projects but also view invoices
 - A read-only user who monitors billing status
+
 ### Project Role Overrides via API
+
 The API allows setting any role as a project override, including `NO_ACCESS`:
+
 ```yaml
 # Example: Set NO_ACCESS override for a user on a specific project
 PUT /api/rest/public/client-user/{id}/roles
@@ -7537,144 +11082,218 @@ PUT /api/rest/public/client-user/{id}/roles
   ]
 }
 ```
+
 This enables scenarios not possible through the dashboard, such as hiding specific projects from users who would otherwise have access based on their organization role.
+
 ### Role Resolution Logic
+
 When determining a user's effective permissions for a project:
+
 1. Check if a project-specific role override exists
 2. If yes, use that role for all project-related operations
 3. If no, use the organization role
+
 For non-project operations (billing, team management), only the organization role applies.
 
+
 ----------------------------------------
 
 # Features > Scaling
 
+
 Zerops delivers enterprise-grade infrastructure with built-in automatic scaling and high availability. This means applications and databases dynamically adjust to traffic demands—scaling up during peak loads to maintain performance and scaling down during quiet periods to reduce costs.
+
 Unlike traditional hosting where resources must be predicted and pre-provisioned, Zerops continuously monitors workloads and automatically allocates exactly what is needed, when it is needed. This intelligent resource management ensures optimal performance without wasted spend.
+
 ## Key Benefits
+
 - **Cost Optimization**: Only pay for resources actually used
 - **Performance Reliability**: Maintain responsiveness during traffic spikes
 - **Automatic Management**: Built-in best practices with customizable settings
 - **High Availability**: Redundancy options for production environments
+
 ## Understanding Zerops Scaling Architecture
+
 Zerops uses two fundamentally different approaches for optimizing infrastructure:
+
 #### **Resource Management (Vertical Scaling)**
 - **Applies to:** Runtime services, databases, shared storage, and Linux containers (Alpine and Ubuntu)
 - **What it does:** Adjusts CPU, RAM, and disk resources within individual containers
 - **Management:** Automated by Zerops, but customizable by users
+
 :::note
 Docker services do not support automatic vertical scaling. Resource values can be manually changed, but this triggers a VM restart.
 :::
+
 #### **Container Architecture**
 - **For Runtime Services, Linux Containers, and Docker:** Horizontal Scaling (dynamic container count)
   - Adds or removes containers/VMs based on load
   - Requires applications to be designed for HA operation
   - Container/VM creation limits can be controlled
   - Docker containers run in VMs rather than native containers
+
 - **For Databases & Shared Storage:** High Availability Mode (fixed container count)
   - Single Container OR Multi-Container HA configuration
   - Must be chosen at service creation (cannot be changed later)
   - Managed by Zerops (no application changes needed)
+
 ### At-a-Glance Comparison
+
 * ✓ = Available *(configurable, defaults vary according to service type)*
-  
-      Feature
-      Runtime Services & Linux Containers
-      Databases
-      Shared Storage
-      Docker
-    
-      Automatic Resource Scaling
-      ✓
-      ✓
-      ✓
-      Manual (triggers VM restart)
-    
-      Automatic Horizontal Scaling
-      ✓
-      Fixed # of containers
-      Fixed # of containers
-      ✓
-    
-      High Availability
-      User-implemented
-      Zerops-managed HA mode
-      Zerops-managed HA mode
-      User-implemented
-    
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="">Feature</th>
+      <th className="">Runtime Services & Linux Containers</th>
+      <th className="">Databases</th>
+      <th className="">Shared Storage</th>
+      <th className="">Docker</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Automatic Resource Scaling</td>
+      <td className="w-fit text-center">✓</td>
+      <td className="w-fit text-center">✓</td>
+      <td className="w-fit text-center">✓</td>
+      <td className="w-fit text-center">Manual (triggers VM restart)</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Automatic Horizontal Scaling</td>
+      <td className="w-fit text-center">✓</td>
+      <td className="w-fit text-center">Fixed # of containers</td>
+      <td className="w-fit text-center">Fixed # of containers</td>
+      <td className="w-fit text-center">✓</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">High Availability</td>
+      <td className="w-fit text-center">User-implemented</td>
+      <td className="w-fit text-center">Zerops-managed HA mode</td>
+      <td className="w-fit text-center">Zerops-managed HA mode</td>
+      <td className="w-fit text-center">User-implemented</td>
+    </tr>
+  </tbody>
+</table>
+
 ## When to Configure Scaling
+
 You can configure scaling settings at three different stages:
+
 - **During service creation** - Configure initial scaling parameters when creating services in the Zerops GUI. Set resource limits, CPU mode, and container counts from the start.
+
 - **During import** - Use YAML configuration files to define comprehensive scaling settings including `verticalAutoscaling` parameters and horizontal scaling limits. See [Import & Export YAML Configuration](/references/import) for complete syntax.
+
 - **After service creation** - Modify most scaling settings anytime through your service's **Automatic scaling configuration** page. Note that some parameters like deployment mode for databases and shared storage cannot be changed after creation.
+
 This flexibility lets you plan scaling strategies upfront or adapt them as requirements evolve.
+
 ## Part 1: Resource Management
+
 Resource management in Zerops focuses on efficiently allocating and adjusting CPU, RAM, and disk resources within individual containers based on actual usage patterns.
+
 These resource management capabilities apply to **runtime** services, **databases**, **shared storage**, and **Linux containers** (Alpine and Ubuntu).
+
 :::note
 Docker services do not support automatic vertical scaling. Resources for Docker services are fixed at the values set manually and do not automatically adjust based on usage.
 :::
+
 :::tip Disable Scaling for Specific Resources
 To prevent automatic scaling of specific resources, simply set identical minimum and maximum values for CPU, RAM, or Disk.
 :::
+
 ### CPU Settings
+
 #### CPU Mode
+
 Two CPU allocation modes are available for any service:
+
 **Shared CPU**
+
 Shared CPU provides a physical CPU core shared with up to 10 other applications. Performance varies depending on neighbors, ranging from 1/10 to 10/10 power. This option is cost-effective for non-critical workloads, development, and testing environments.
+
 **Dedicated CPU**
+
 Dedicated CPU gives exclusive access to a full physical CPU core(s), ensuring consistent and predictable performance. This option is ideal for production environments and CPU-intensive applications.
+
 :::tip
 CPU mode can be changed (once per hour) as needed.
 :::
+
 See the [pricing](/company/pricing#resource-pricing) for the difference between CPU modes.
+
 #### Minimum and Maximum CPU Cores
+
 Set boundaries for CPU core allocation. Zerops will scale CPU resources within these limits based on actual usage.
+
 #### Start CPU Core Count
+
 Determines how many CPU cores are allocated when containers start:
 - Default: 2 cores
 - Applies to both dedicated and shared CPU modes
 - Higher values provide more processing power during application initialization
 - After startup, resources are automatically adjusted based on actual usage and limits
+
 #### CPU Scaling Thresholds
+
 For services using [dedicated CPU](#cpu-mode) only, CPU scaling is controlled by:
+
 **Min. Free CPU Cores (%)**
 - Scale-up is triggered when free capacity drops below a fixed fraction of a single CPU core
 - Default: 10%
 - Set as a percentage of a single core's capacity
 - Example: Setting to 20% means that with one core, at least 20% of that core should remain free
+
 **Dynamic Min. Free Total Core Percent**
 - Scale-up is triggered when total free capacity across all cores falls below a percentage of total capacity
 - Default: 0% (disabled)
 - Dynamically adjusts as the number of cores changes
 - Ideal for accommodating varying load distributions
 - Example: 20% setting ensures at least 20% of the combined capacity of all cores remains free
+
 ### RAM Settings
+
 #### Minimum and Maximum RAM
+
 Set boundaries for RAM allocation. Zerops will scale RAM within these limits based on actual usage.
+
 #### RAM Scaling Thresholds
+
 RAM usage is monitored every 10 seconds to ensure optimal performance. The minimum free RAM settings serve multiple important purposes: they prevent Out of Memory (OOM) errors, provide space for kernel disk caching (which improves application performance), and maintain a buffer for sudden memory demands.
+
 Swap is enabled for all containers to help prevent OOM errors, but proper minimum free RAM configuration is still essential—especially for services that use large amounts of RAM or benefit from kernel disk caching. Without sufficient free memory, performance may degrade due to increased disk access.
+
 Two threshold types determine RAM scaling:
+
 **Minimum Free RAM (absolute value in GB)**
 - Specifies an absolute threshold for free RAM
 - Additional memory is triggered when available RAM falls below this fixed amount
 - Default: 0.0625 GB (64 MB) for most services
 - Ideal for maintaining system stability and responsiveness
+
 **Minimum Free RAM (% of Granted)**
 - Establishes a dynamic threshold based on a percentage of total granted memory
 - Default: 0% (disabled)
 - The buffer scales proportionally as total memory increases
 - Particularly useful for handling varying loads
+
 :::note
 Whichever setting provides more free memory is used.
 :::
+
+[Video: /vids/ram-scaling.webm](/vids/ram-scaling.webm)
+
 ### Disk Settings
+
 #### Minimum and Maximum Disk
+
 Set boundaries for disk space allocation. Zerops will scale disk space within these limits based on actual usage.
+
 ### Resource Scaling Behavior
+
 Zerops implements an exponential growth pattern ensuring that **resources grow gradually** for minor load increases but can scale rapidly when significant additional capacity is needed. When resource usage triggers scaling, Zerops initially adds smaller increments, but as demand continues to increase, it can add larger increments to quickly meet the needs of your application.
+
 Below are the parameters that control this behavior across all services that support vertical scaling:
+
 - **Data Collection Interval:** How frequently resource usage metrics are collected
 - **Scale-Up Window Interval:** The timeframe in which high usage must persist before adding resources
 - **Scale-Down Window Interval:** The timeframe in which low usage must persist before reducing resources
@@ -7682,122 +11301,177 @@ Below are the parameters that control this behavior across all services that sup
 - **Scale-Down Threshold Percentile:** The usage percentile that triggers resource scaling down
 - **Minimum Step:** The smallest increment by which resources can increase during scaling
 - **Maximum Step:** The largest possible increment for resources when scaling rapidly under high load
-  
-      Parameter
-      CPU
-      RAM
-      Disk
-    
-      Data Collection Interval
-      10 seconds
-      10 seconds
-      10 seconds
-    
-      Scale-Up Window Interval
-      20 seconds
-      10 seconds
-      10 seconds
-    
-      Scale-Down Window Interval
-      60 seconds
-      120 seconds
-      300 seconds
-    
-      Scale-Up Threshold Percentile
-      60
-      50
-      50
-    
-      Scale-Down Threshold Percentile
-      40
-      50
-      50
-    
-      Minimum Step
-      1 (0.1 cores)
-      0.125 GB
-      0.5 GB
-    
-      Maximum Step
-      40
-      32 GB
-      128 GB
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="">Parameter</th>
+      <th className="">CPU</th>
+      <th className="">RAM</th>
+      <th className="">Disk</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">Data Collection Interval</td>
+      <td className="w-fit">10 seconds</td>
+      <td className="w-fit">10 seconds</td>
+      <td className="w-fit">10 seconds</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Scale-Up Window Interval</td>
+      <td className="w-fit">20 seconds</td>
+      <td className="w-fit">10 seconds</td>
+      <td className="w-fit">10 seconds</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Scale-Down Window Interval</td>
+      <td className="w-fit">60 seconds</td>
+      <td className="w-fit">120 seconds</td>
+      <td className="w-fit">300 seconds</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Scale-Up Threshold Percentile</td>
+      <td className="w-fit">60</td>
+      <td className="w-fit">50</td>
+      <td className="w-fit">50</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Scale-Down Threshold Percentile</td>
+      <td className="w-fit">40</td>
+      <td className="w-fit">50</td>
+      <td className="w-fit">50</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Minimum Step</td>
+      <td className="w-fit">1 (0.1 cores)</td>
+      <td className="w-fit">0.125 GB</td>
+      <td className="w-fit">0.5 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Maximum Step</td>
+      <td className="w-fit">40</td>
+      <td className="w-fit">32 GB</td>
+      <td className="w-fit">128 GB</td>
+    </tr>
+  </tbody>
+</table>
+
 ## Part 2: Container Architecture — Service-Specific Approaches
+
 Container architecture in Zerops defines how services are distributed across containers. Different service types use fundamentally different approaches:
+
 1. **Horizontal Scaling** (Runtime Services, Linux Containers, and Docker)
 2. **Deployment Modes** (Databases and Shared Storage)
+
 ### Horizontal Scaling (Runtime Services, Linux Containers, and Docker)
+
 Horizontal scaling adds or removes entire containers (or VMs for Docker) as demand fluctuates.
 * When vertical scaling reaches its defined maximum, new containers/VMs are automatically added to handle additional load.
 * As demand decreases, containers/VMs are gradually removed to optimize resource usage.
+
 :::important HA-ready Applications
 For applications to work properly across multiple containers, they must be designed to be HA-ready.
 :::
+
 #### Setting Horizontal Scaling Parameters
+
 To configure horizontal scaling, users need to set the minimum and maximum number of containers:
+
 - **Minimum Containers**: The baseline number of containers that should always be running (system limit: 1)
 - **Maximum Containers**: The upper limit of containers that can be created during high demand (system limit: 10)
+
 :::tip Disable Horizontal Scaling
 Setting identical minimum and maximum values creates a fixed number of containers (disables automatic horizontal scaling).
 :::
+
 ### Deployment Modes (Databases and Shared Storage)
+
 For databases and shared storage services, Zerops offers two deployment modes focused on reliability and data integrity.
+
 :::warning
 Deployment mode cannot be changed after creation.
 :::
+
 #### Single Container Mode
+
 Single Container Mode provides one container with vertical scaling only. This is suitable for development environments or non-critical data storage.
+
 **Characteristics:**
 - Limited redundancy
 - No automatic recovery if the container fails
 - Data since last backup (if available) may be lost if failure occurs
 - Cost-effective for non-production environments
+
 #### Highly Available (HA) Mode
+
 Highly Available (HA) Mode creates multiple containers with built-in redundancy. This mode is strongly recommended for production environments and mission-critical data.
+
 **Characteristics:**
 - Multiple containers distributed across different physical machines
 - Automatic failover and recovery mechanisms
 - Data redundancy and integrity protection
 - Higher reliability and availability
 - Recommended for production use
+
 :::important
 Database and shared storage services in HA mode have a **fixed number of containers** that cannot be increased or decreased.
 :::
+
 **Recovery process:**
+
 In HA mode, when a container or physical machine fails, recovery is handled automatically:
+
 1. The failed container is disconnected from the cluster
 2. A new container is created on a different physical machine
 3. Data is synchronized from remaining healthy copies
 4. The failed container is removed
 5. Service continues with minimal disruption
+
+[Video: /vids/database-scaling.webm](/vids/database-scaling.webm)
+
 ### Fixed Resource Allocation (Docker Services)
+
 Docker services in Zerops operate differently from other service types:
+
 #### Docker Service Characteristics
+
 - **VM-Based Deployment**: Docker services run in virtual machines rather than containers
 - **Fixed Resources**: Unlike other services, Docker services do not support automatic vertical scaling
 - **User-Defined Resources**: Resources are set at creation and remain fixed until manually changed
 - **VM Count Changes**: The number of VMs can be changed, but this requires a VM restart
 - **No Automatic Scaling**: Resource levels do not automatically adjust based on usage
+
 **Important Considerations for Docker Services:**
 - Initial resource values should be chosen carefully, as they cannot automatically scale
 - Planning for expected peak loads is important when setting resource values
 - Runtime services or Linux containers should be considered instead if dynamic scaling is essential
 - VM restarts cause temporary service disruption when changing VM count or resources
+
 :::warning
 Docker services use fixed resources that do not automatically scale. Sufficient resources should be allocated at creation to handle expected workload. Additionally, disk space for Docker services can only be increased, not decreased without recreation of the service.
 :::
+
 ## Monitoring Your Infrastructure
+
 Zerops provides comprehensive monitoring tools in the user interface to track both resource usage and container scaling activities:
+
 ### Resource History Graphs
+
 Resource and container scaling can be visualized over time:
 - CPU utilization per container
 - RAM usage patterns
 - Disk space consumption
 - Container count changes
+
 These graphs help understand application resource needs, identify usage patterns, and fine-tune scaling settings for optimal performance and cost efficiency.
+
+[Video: /vids/containers.webm](/vids/containers.webm)
+
 ## Troubleshooting
+
 #### Resource-Related Issues (All Service Types Except Docker)
+
 **Out of Memory Errors**
 * **Issue:** Application crashes with OOM errors despite resource scaling.
 * **Possible Cause:** Insufficient minimum free RAM setting.
@@ -7805,6 +11479,7 @@ These graphs help understand application resource needs, identify usage patterns
     - Increase the "Minimum free RAM" setting
     - Check for memory leaks in the application
     - Consider setting a higher minimum RAM value
+
 **Excessive Resource Costs**
 * **Issue:** Resources scaling up but not scaling down efficiently.
 * **Possible Cause:** Scale-down thresholds not optimized.
@@ -7812,7 +11487,9 @@ These graphs help understand application resource needs, identify usage patterns
     - Review usage patterns in monitoring graphs
     - Adjust scale-down thresholds to be more aggressive
     - Set appropriate resource minimums based on base requirements
+
 #### Runtime Service and Linux Container Issues (Horizontal Scaling)
+
 **Application Not Working Properly Across Multiple Containers**
 * **Issue:** Application errors or inconsistent behavior when horizontally scaled.
 * **Possible Cause:** Application not designed for distributed operation.
@@ -7820,22 +11497,29 @@ These graphs help understand application resource needs, identify usage patterns
     - Ensure the application properly handles stateless operation
     - Implement proper session management across containers
     - Review and modify application code to support multiple instances
+
 #### Docker Service Issues
+
 **Insufficient Resources for Workload**
 * **Issue:** Docker service experiencing performance issues or crashes.
 * **Possible Cause:** Fixed resources inadequate for actual workload.
 * **Solution:**
     - Since Docker services don't support automatic vertical scaling, a new service with higher resource allocations may be needed
     - Consider migrating to a runtime service or Linux container if dynamic resource scaling is needed
+
 *Need help implementing scaling in your project? Join our [Discord community](https://discord.gg/zerops) where our team and other Zerops users can assist you!*
 
 ----------------------------------------
 
 # Gleam > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Gleam application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -7844,51 +11528,65 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: gleam@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - package.json
         - node_modules
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: gleam@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 3000
+
       # OPTIONAL. Customise the runtime Gleam environment by installing additional
       # dependencies to the base Gleam runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Gleam application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Gleam application start command
       start: npm start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -7899,6 +11597,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -7908,11 +11607,19 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Gleam builds:
+
+- `gleam@1.5`, `gleam@1`, `gleam@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -7923,12 +11630,18 @@ zerops:
       base: gleam@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Gleam, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+  major version of Gleam, [Zerops command line tool](/references/cli), `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -7942,34 +11655,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customise your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Gleam defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -7978,6 +11709,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: gleam@latest
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -7985,20 +11717,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/gleam/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8007,42 +11750,59 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: gleam@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     npm i
     npm run build
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - npm i
   - npm run build
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/gleam/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - npm i --verbose
   - npm run build
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -8051,56 +11811,81 @@ deployFiles:
   - package.json
   - node_modules
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - dist
   - package.json
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -8112,22 +11897,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -8136,6 +11932,7 @@ zerops:
     build:
       base: gleam@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         NODE_ENV: production
@@ -8144,12 +11941,20 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/gleam/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Gleam version for your runtime.
+
 Following options are available for Gleam runtimes:
+
+- `gleam@1.5`, `gleam@1`, `gleam@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8159,18 +11964,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: gleam@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: gleam@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Gleam, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8180,6 +11992,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: gleam@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -8189,36 +12002,58 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Gleam service with hostname = "app" and port = 3000 from another service of the same project, simply use `app:3000`. Read more about [how to access a Gleam service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
+
 | parameter   | description                                                                                                                                                                                                                                                                                                            |
 | ----------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | port        | Defines the port number. You can set any port number between _10_ and _65435_. Ports outside this interval are reserved for internal Zerops systems.                                                                                                                                                                   |
 | protocol    | **Optional.** Defines the protocol. Allowed values are `TCP` or `UDP`. Default value is `TCP`.                                                                                                                                                                                                                         |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
 | httpSupport | **Optional.** `httpSupport = true` is the default setting for TCP protocol. Set `httpSupport = false` if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). `httpSupport = true` is available only in combination with the TCP protocol. |
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Gleam runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Gleam environment contains {data.alpine.default} the selected
-  major version of Gleam, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools. To install
+  major version of Gleam, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8226,6 +12061,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -8235,27 +12071,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/gleam/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the custom runtime cache go to `yyy`
+
 When the custom runtime cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Gleam, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools.
+  selected major version of Gleam, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8264,6 +12118,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -8273,15 +12128,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -8290,22 +12150,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Gleam application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/gleam/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/gleam/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -8320,57 +12193,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/gleam/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Gleam application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Gleam application start command
       start: npm start
 ```
+
 We recommend starting your Gleam application using `npm start`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Gleam application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -8378,25 +12278,32 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/gleam/how-to/create#set-secret-environment-variables) as your Gleam application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Gleam application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -8405,13 +12312,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -8420,14 +12332,23 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/gleam/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
+
 <table className="w-full my-1.5">
   <thead>
     <tr>
@@ -8457,13 +12378,16 @@ If your application requires a https request, set <code>scheme: https</code></td
     </tr>
   </tbody>
 </table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -8472,25 +12396,33 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/gleam/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
+
 | Parameter   | Description                                                                                                                                                                                                                                                                                                                     |
 | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **command** | Defines a local command to be run.
 The command has access to the same [environment variables](/gleam/how-to/create#set-secret-environment-variables) as your Gleam application.
 A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below. |
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -8502,8 +12434,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/gleam/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Gleam > How To > Build Process
@@ -8520,34 +12454,58 @@ Read more about how the [readiness check works](/gleam/how-to/deploy-process#rea
 
 # Gleam > How To > Create
 
+
 Zerops provides a powerful Gleam runtime service with extensive build support. The Gleam runtime is highly scalable and customizable to suit your development and production needs. With just a few clicks or commands, you can have a production-ready Gleam environment up and running in no time.
+
 ## Create a Gleam service using Zerops GUI
+
 First, set up a project in the Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu under the **Services** section. From there, you can add a new Gleam service:
+
+[Video: /vids/services/gleam.webm](/vids/services/gleam.webm)
+
 ### Choose a Gleam version
+
 Zerops supports the following Gleam versions:
+
 :::info
 You can easily [upgrade](/gleam/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app", "cache", "gui", etc. Duplicate services with the same name within the same project are not allowed.
+
 #### Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as passwords, tokens, salts, certificates, etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting secret environment variables is optional. You can always set them later in the Zerops GUI.
+
 Read more about the [different types of environment variables](/gleam/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create a Gleam service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Gleam service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/gleam/how-to/create#create-a-project-description-file)
 3. [Create a project with a Gleam and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a YAML format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory called `my-project`. Inside the `my-project` directory, create a `description.yaml` file with the following content:
 ```yaml
 # basic project data
@@ -8569,13 +12527,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Gleam version 20 service with default [auto scaling](/gleam/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/gleam/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -8620,103 +12583,171 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Gleam service and a [PostgreSQL](/postgresql/overview) service.
+
 Gleam service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/gleam/how-to/build-pipeline#ports). Gleam service will run on version 20 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
+
 | Parameter       | Description                                                                                                                     | Limitations             |
 | --------------- | ------------------------------------------------------------------------------------------------------------------------------- | ----------------------- |
 | **name**        | The name of the new project. Duplicates are allowed.                                                                            |                         |
 | **description** | **Optional.** Description of the new project.                                                                                   | Maximum 255 characters. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
 | **tags**        | **Optional.** One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects. |
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Gleam and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Gleam service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/gleam/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/gleam/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/gleam/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](/gleam/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Gleam service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -8737,33 +12768,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Gleam service version 20 with default [auto scaling](/gleam/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Gleam > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick)',
-  'Erlang libraries: When you need additional Erlang libraries for your Gleam application',
-  'Native dependencies: When your Gleam dependencies require system libraries that aren\'t in the default environment',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -8817,55 +12853,101 @@ System packages for processing: When your app processes images, videos, or files
 
 # Gleam > Overview
 
+
 [Gleam ↗](https://gleam.org/en) is an asynchronous event-driven JavaScript runtime, which is designed to build scalable network applications.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-gleam), a **_recipe_**, containing the most simple Gleam web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Gleam app running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Gleam app running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "gleam" recipe on Zerops](https://app.zerops.io/recipe/?lf=gleam)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
+
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-gleam/blob/main/zerops-project-import.yaml)):
+
 ```yaml
 project:
   name: recipe-gleam
   tags:
     - zerops-recipe
+
 services:
   - hostname: api
     type: gleam@1.5
     enableSubdomainAccess: true
     buildFromGit: https://github.com/zeropsio/recipe-gleam
+
   - hostname: db
     type: postgresql@16
     mode: NON_HA
     priority: 1
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://api-808-3000.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 {"message":"This is a simple Gleam application running in Zerops.io, each request adds an entry to the PostgreSQL database and returns a count. See the source repository (https://github.com/zeropsio/recipe-gleam) for more information.","newEntry":"e64be640-d6c2-4be8-93ac-d1e40e56fa06","count":1}
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
 It doesn't matter whether it's your first curious introduction to Zerops, you have already mastered the basics and are looking for a tiny detail or inspiration. Below, choose a section that fits your needs:
+
+- [Care for details?](/gleam/how-to/create) — Dive in all Zerops has to offer for your Gleam application.
+- [Gleam recipes](https://github.com/zeropsio?q=gleam&type=all&language=&sort=) — Get inspired by already existing repositories, ready to be imported to Zerops.
+
 ## Feature Highlights
+
+- [Create Gleam service](/gleam/how-to/create) — Start with creating a Gleam service using GUI or zCLI.
+- [Zerops.yaml](/gleam/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/gleam/how-to/scaling) — Set up scaling of your Gleam application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/gleam/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/gleam/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/gleam/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Go > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Go application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -8874,47 +12956,60 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: go@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - go build -o app main.go
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles: app
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: some_file
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: go@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8080
+
       # OPTIONAL. Customize the runtime Go environment by installing additional
       # dependencies to the base Go runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Go application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Go application start command
       start: ./app
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -8925,6 +13020,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -8934,11 +13030,19 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Go builds:
+
+- `go@1.22`, `go@1`, `golang@1`, `go@latest`, `golang@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8949,12 +13053,18 @@ zerops:
       base: go@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  version of Go, Zerops command line tool, `git` and `wget`.
+  version of Go, [Zerops command line tool](/references/cli), `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -8968,34 +13078,52 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Go defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `git` and `wget`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9004,6 +13132,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: go@latest
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -9011,20 +13140,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/go/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9033,96 +13173,138 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: go@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - go build -o app main.go
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it. Suppose your `main.go` file is in a `src` directory.
+
 ```yaml
 buildCommands:
   - |
     cd src
     go build -o app main.go
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command. Suppose your `main.go` file is in a `src` directory.
+
 ```yaml
 buildCommands:
   - cd src
   - go build -o app src/main.go
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/go/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - go build -v -o app main.go
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - app
   - file.txt
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -9134,22 +13316,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -9158,6 +13351,7 @@ zerops:
     build:
       base: go@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         GO_ENV: production
@@ -9166,12 +13360,20 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/go/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Go version for your runtime.
+
 Following options are available for Go builds:
+
+- `go@1.22`, `go@1`, `golang@1`, `go@latest`, `golang@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9181,18 +13383,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: go@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: go@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Go, Zerops command line tool, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9202,6 +13411,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: go@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -9211,42 +13421,73 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Go service with hostname = "app" and port = 8080 from another service of the same project, simply use `app:8080`. Read more about [how to access a Go service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Go runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Go environment contains {data.alpine.default}, the selected
-  major version of Go, Zerops command line tool and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+  major version of Go, [Zerops command line tool](/references/cli) and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9254,6 +13495,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -9263,27 +13505,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/go/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Go, Zerops command line tool and `git` and `wget`.
+  selected major version of Go, [Zerops command line tool](/references/cli) and `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -9292,6 +13552,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -9301,15 +13562,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -9318,22 +13584,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Go application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/go/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/go/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -9348,57 +13627,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/go/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Go application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Go application start command
       start: ./app
 ```
+
 We recommend starting your Go application using `./app`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
-**Example:**
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
+**Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Go application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -9406,30 +13712,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Go application.
+
+        The command has access to the same [environment variables](/go/how-to/create#set-secret-environment-variables) as your Go application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Go application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -9438,13 +13761,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -9453,40 +13781,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/go/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -9495,30 +13845,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/go/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Go application.
+
+        The command has access to the same [environment variables](/go/how-to/create#set-secret-environment-variables) as your Go application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -9530,8 +13898,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/go/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Go > How To > Build Process
@@ -9548,35 +13918,60 @@ Read more about how the [readiness check works](/go/how-to/deploy-process#readin
 
 # Go > How To > Create
 
+
 Zerops provides a Go runtime service with extensive build support. Go runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Go service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Go service:
+
+[Video: /vids/services/golang.webm](/vids/services/golang.webm)
+
 ### Choose Go version
+
 Following Go versions are currently supported:
+
 :::info
 You can [change](/go/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/go/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Go service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Go service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/go/how-to/create#create-a-project-description-file)
 3. [Create a project with a Go and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -9597,13 +13992,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Go version 1 service with default [auto scaling](/go/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/go/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -9648,98 +14048,143 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Go service and a [PostgreSQL](/postgresql/overview) service.
+
 Go service with "app" hostname, the internal port(s) the service listens on will be defined later in the zerops.yaml. Go service will run on version 1 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Go service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/go/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/go/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/go/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/go/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Go service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -9760,33 +14205,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Go service version 1 with default [auto scaling](/go/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Go > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick)',
-  'CGO dependencies: When you use CGO and need C libraries not included in the default environment',
-  'Development tools: When you need debugging tools, profilers, or other development utilities',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -9840,13 +14290,21 @@ System packages for processing: When your app processes images, videos, or files
 
 # Go > Overview
 
+
 [Go ↗](https://go.dev/) is a statically typed, compiled high-level programming language designed at Google.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-go-hello-world), a **_recipe_**, containing the most simple Go web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Go running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Go running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "golang" recipe on Zerops](https://app.zerops.io/recipe/?lf=golang)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-go-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -9858,43 +14316,78 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-go-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/go/how-to/create) — Dive in all Zerops has to offer for your Go application.
+
 ## Feature Highlights
+
+- [Create Go service](/go/how-to/create) — Start with creating a Go service using GUI or zCLI.
+- [zerops.yaml](/go/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/go/how-to/scaling) — Set up scaling of your Go application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/go/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/go/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/go/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Guides > Backup
 
+
 Zerops auto-backs up databases and storage daily (00:00-01:00 UTC) with X25519 encryption; backups are retained for 7 days minimum after service/project deletion.
+
 ## Supported Services
 MariaDB, PostgreSQL, Qdrant, Elasticsearch, NATS, Meilisearch, Shared Storage.
+
 **Not supported**: Runtimes, Object Storage (use S3 lifecycle policies), Valkey/KeyDB (in-memory).
+
 ## Schedule Options
 - No backups
 - Once a day (default: 00:00-01:00 UTC)
 - Once a week
 - Once a month
 - Custom CRON: `minute hour day month weekday`
+
 ## Tagging
 - Auto tags: `daily` (every backup), `weekly` (first Monday UTC), `monthly` (1st of month UTC)
 - User tags: Up to 24 chars (letters, numbers, `:-_`)
 - **Protected tags**: Exempt from automatic deletion — use for critical snapshots
+
 ## Storage Limits
 | Plan | Backup Storage | Egress |
 |------|---------------|--------|
@@ -9902,13 +14395,17 @@ MariaDB, PostgreSQL, Qdrant, Elasticsearch, NATS, Meilisearch, Shared Storage.
 | Serious | 25 GB | 3 TB |
 | Technical max | 1 TiB per project (shared across all services) |
 | Technical max | 1 TiB per project (shared across all services) |
+
 ## Retention Defaults
 - Minimum kept: 7 daily + 4 weekly + 3 monthly
 - Maximum per service: 50 backups
+
 ## Encryption
 End-to-end with X25519 per-project keys. Decrypted only on download.
+
 ## Grace Period
 7 days after service or project deletion before backups are permanently removed.
+
 ## Backup Formats by Service
 | Service | Format |
 |---------|--------|
@@ -9920,56 +14417,84 @@ End-to-end with X25519 per-project keys. Decrypted only on download.
 | NATS | .tar.gz |
 | Shared Storage | filesystem archive |
 | Shared Storage | filesystem archive |
+
 ## Gotchas
 1. **Object Storage has no Zerops backup**: Use S3 lifecycle policies or external backup
 2. **Valkey/KeyDB not backed up**: In-memory data — use persistence or application-level backup
 3. **Backup storage is shared**: All services in a project share the backup quota
 
+
 ----------------------------------------
 
 # Guides > Build Cache
 
+
 Zerops uses a two-layer build cache: base layer (OS + prepareCommands) and build layer (buildCommands output). The `cache:` attribute in zerops.yml controls which files persist between builds. Changing `build.os`, `build.base`, `build.prepareCommands`, or `build.cache` invalidates both layers (cascade).
+
 ---
+
 ## Two-Layer Architecture
+
 | Layer | Contains | Cached when |
 |-------|----------|-------------|
 | **Base layer** | OS, installed packages, prepareCommands output | prepareCommands unchanged |
 | **Build layer** | Files from `cache:` attribute after buildCommands | cache config unchanged |
 | **Build layer** | Files from `cache:` attribute after buildCommands | cache config unchanged |
+
 Both layers are currently **coupled** -- invalidating the base layer also invalidates the build layer (cascade invalidation).
+
 ## Cache Lifecycle
+
 1. **Restoration**: cached files moved from `/build/cache` to `/build/source` (no-clobber -- source files win)
 2. **Build execution**: buildCommands run with cached + source files
 3. **Preservation**: specified cache files moved from `/build/source` to `/build/cache`
+
 No compression or network transfer -- fast directory rename operations within the container.
+
 ---
+
 ## Configuration
+
 ### Path-Specific Caching (Recommended)
+
 ```yaml
 build:
   cache: node_modules                # single path
   cache: [node_modules, .next]       # multiple paths
 ```
+
 All paths resolve relative to `/build/source`. Supports Go `filepath.Match` patterns (e.g., `"subdir/*.txt"`, `"package*"`). Forms `./node_modules`, `node_modules`, `node_modules/` are equivalent.
+
 ### System-Wide Caching
+
 - **`cache: true`** -- preserves entire build container state. Best for global package managers (Go modules, pip)
 - **`cache: false`** -- only prevents caching within `/build/source`. Files outside (e.g., `$GOPATH`) **remain cached**
+
 ---
+
 ## Cache Invalidation
+
 ### Automatic Triggers
+
 Any change to these zerops.yml fields invalidates **both layers**:
+
 - `build.os`
 - `build.base`
 - `build.prepareCommands`
 - `build.cache`
+
 **DO NOT** add trivial changes to `prepareCommands` (e.g., adding `vim`) without understanding this will also invalidate cached `node_modules`, `vendor/`, etc.
+
 ### Manual Triggers
+
 - **GUI**: Service detail -> Pipelines & CI/CD Settings -> Invalidate build cache
 - **API**: `DELETE /service-stack/{id}/build-cache`
 - **Version restore**: Activating a backup app version also invalidates cache
+
 ---
+
 ## Per-Runtime Cache Recommendations
+
 | Runtime | Recommended `cache:` paths |
 |---------|---------------------------|
 | Node.js / Bun | `node_modules`, `.next`, `.turbo`, `package-lock.json` |
@@ -9980,21 +14505,30 @@ Any change to these zerops.yml fields invalidates **both layers**:
 | Java | `cache: true` (.m2 lives outside /build/source) |
 | .NET | `cache: true` (NuGet outside /build/source) |
 | .NET | `cache: true` (NuGet outside /build/source) |
+
 ---
+
 ## Build Container Specs
+
 CPU 1-5 cores, RAM 8 GB fixed, Disk 1-100 GB, Timeout 60 min. User `zerops` with **sudo**. Default OS: **Alpine** (use `apt-get` with `os: ubuntu`).
+
 ---
+
 ## Common Pitfalls
+
 1. **Cascade invalidation**: Changing `prepareCommands` wipes build-layer cache too (e.g., adding `sqlite` to prepare also clears cached `node_modules`)
 2. **`cache: false` is misleading**: Only clears `/build/source` cache. Globally installed packages (Go modules, pip packages) persist in the base layer
 3. **No-clobber restore**: If source repo contains a file also in cache, **source wins** -- the cached version is silently skipped (logged but does not fail)
 4. **Lock file caching**: Cache lock files (`package-lock.json`, `composer.lock`) alongside dependency directories for consistent installs
 
+
 ----------------------------------------
 
 # Guides > Cdn
 
+
 Zerops CDN has 6 global regions with a **fixed 30-day cache TTL** (HTTP Cache-Control headers are ignored by CDN but still affect browsers). Built on Nginx + Cloudflare geo-steering.
+
 ## Regions
 1. **EU (Prague, CZ)** — Primary + all-region failover
 2. **EU (Falkenstein, DE)** — Secondary European
@@ -10002,25 +14536,32 @@ Zerops CDN has 6 global regions with a **fixed 30-day cache TTL** (HTTP Cache-Co
 4. **AU (Sydney)**
 5. **SG (Singapore)**
 6. **CA (Beauharnois, Canada)**
+
 DNS TTL: 30 seconds. Geo-steering routes to nearest node. EU Prague is fallback if all others down.
+
 ## CDN Modes
+
 ### Object Storage CDN
 - URL: `https://storage.cdn.zerops.app/bucket/path`
 - Env var: `${storageCdnUrl}`
 - Direct from Object Storage through CDN
+
 ### Static CDN
 - URL: `https://static.cdn.zerops.app/domain.com/path`
 - Env var: `${staticCdnUrl}`
 - For custom domains on static/nginx services
 - **Wildcard domains NOT supported**
+
 ### API CDN
 - Coming soon
 - Env var: `${apiCdnUrl}`
+
 ## Cache Behavior
 - TTL: **Fixed 30 days** (not configurable)
 - HTTP `Cache-Control` headers: Affect browser caching, **NOT CDN caching**
 - Eviction: LRU when storage capacity reached
 - First request: Fetched from origin and cached
+
 ## Purge Patterns
 ```
 /*            # All content
@@ -10029,100 +14570,138 @@ DNS TTL: 30 seconds. Geo-steering routes to nearest node. EU Prague is fallback
 /prefix*      # Pattern prefix match
 ```
 Wildcard must be at end. Use `$` suffix for exact file match.
+
 ### Purge via zsc
 ```bash
 zsc cdn purge /*              # Purge all cached content
 zsc cdn purge /images/*       # Purge directory
 zsc cdn purge /style.css$     # Purge exact file
 ```
+
 ## Gotchas
 1. **30-day fixed TTL**: Cannot be changed — `Cache-Control: max-age=3600` has no effect on CDN
 2. **No wildcard domains on static CDN**: `*.domain.com` is not supported
 3. **Purge wildcards at end only**: `/images/*.jpg` is invalid — use `/images/*`
 
+
 ----------------------------------------
 
 # Guides > Choose Cache
 
+
 **Use Valkey.** KeyDB development has stalled and is effectively deprecated on Zerops.
+
 ## Decision Matrix
+
 | Need | Choice | Why |
 |------|--------|-----|
 | **Any caching need** | **Valkey** (default) | Active development, full HA, Redis-compatible |
 | Legacy KeyDB apps | KeyDB | Only if migrating existing KeyDB deployment |
 | Legacy KeyDB apps | KeyDB | Only if migrating existing KeyDB deployment |
+
 ## Valkey (Default Choice)
+
 - Redis-compatible drop-in replacement
 - HA: 3 nodes (1 master + 2 replicas) with automatic failover
 - Ports: 6379 (non-TLS), 6380 (TLS), 7000 (read replica non-TLS), 7001 (read replica TLS)
 - Connection: `redis://${user}:${password}@${hostname}:6379`
 - HA detail: Ports 6379/6380 on replicas forward traffic to current master (Zerops-specific, not native Valkey)
+
 ## KeyDB (Deprecated)
+
 - Development activity has slowed significantly
 - Port: 6379
 - **Do not use for new projects**
+
 ## Gotchas
 1. **HA replication is async**: Brief data loss possible during master failover
 2. **Port forwarding is Zerops-specific**: Replicas forward 6379/6380 to master — this is not standard Redis/Valkey behavior
 3. **Read replicas use different ports**: 7000/7001 for direct replica reads
 
+
 ----------------------------------------
 
 # Guides > Choose Database
 
+
 **Use PostgreSQL** for everything unless you have a specific reason not to. It's the best-supported database on Zerops with full HA, read replicas, and pgBouncer.
+
 ## Decision Matrix
+
 | Need | Choice | Why |
 |------|--------|-----|
 | **General-purpose** | **PostgreSQL** (default) | Full HA, read replicas, pgBouncer, best Zerops support |
 | MySQL compatibility | MariaDB | MaxScale routing, async replication |
 | Analytics / OLAP | ClickHouse | Columnar storage, ReplicatedMergeTree, 4 protocol ports |
 | Analytics / OLAP | ClickHouse | Columnar storage, ReplicatedMergeTree, 4 protocol ports |
+
 ## PostgreSQL (Default Choice)
+
 - HA: 3 nodes (1 primary + 2 replicas)
 - Ports: 5432 (primary), 5433 (read replicas), 6432 (external TLS via pgBouncer)
 - Connection: `postgresql://${user}:${password}@${hostname}:5432/${db}`
 - Read scaling: Use port 5433 for read-heavy workloads
+
 ## MariaDB
+
 - HA: MaxScale routing with async replication
 - Port: 3306
 - Connection: `mysql://${user}:${password}@${hostname}:3306/${db}`
 - Use when: Application requires MySQL wire protocol
+
 ## ClickHouse
+
 - HA: 3 data nodes, replication factor 3
 - Ports: 9000 (native), 8123 (HTTP), 9004 (MySQL), 9005 (PostgreSQL)
 - Requires `ReplicatedMergeTree` engine in HA mode
 - Use when: Analytics, time-series, OLAP workloads
+
 ## Gotchas
 1. **HA mode is immutable**: Cannot switch HA/NON_HA after creation — delete and recreate
 2. **No internal TLS**: Use `http://hostname:port` internally — VPN provides encryption
 3. **PostgreSQL URI scheme**: Some libraries need `postgres://` not `postgresql://` — create a custom env var
 
+
 ----------------------------------------
 
 # Guides > Choose Queue
 
-**Use NATS** for most cases (simple, fast, JetStream persistence). Use **Kafka** only for enterprise event streaming with guaranteed ordering and unlimited retention.
+
+**Use NATS** for most cases (simple, fast, optional JetStream persistence layer when durability is needed). Use **Kafka** only for enterprise event streaming with guaranteed ordering and unlimited retention.
+
 ## Decision Matrix
+
 | Need | Choice | Why |
 |------|--------|-----|
-| **General messaging** | **NATS** (default) | Simple auth, JetStream built-in, fast |
+| **General messaging** | **NATS** (default) | Simple auth, fast, JetStream available when needed |
 | Enterprise event streaming | Kafka | SASL auth, 3-broker HA, unlimited retention |
-| Lightweight pub/sub | NATS | Low overhead, 8MB default messages |
+| Lightweight pub/sub | NATS — core | Low overhead, 8MB default messages, fire-and-forget |
+| Durable queues, replay, at-least-once | NATS — JetStream | Persistent streams, durable consumers, ack/redeliver |
 | Event sourcing / audit logs | Kafka | Indefinite topic retention, strong ordering |
 | Event sourcing / audit logs | Kafka | Indefinite topic retention, strong ordering |
+
 ## NATS (Default Choice)
+
+NATS exposes **two distinct messaging shapes**. Pick ONE per recipe and write yaml comments / KB content describing only that shape — mixing them confuses porters about what the recipe actually does.
+
+- **Core pub/sub + queue groups**: `nc.subscribe('subject', { queue: 'workers' })`. No persistence; queue groups load-balance delivery across replicas; lost messages stay lost. HA story: surviving cluster nodes keep delivering, no consumer position to restore. Use when fan-out + load balance + at-most-once is enough.
+- **JetStream streams + durable consumers**: opens an explicit stream via `JetStreamManager`, subscribes durably via `js.subscribe(...)`. Persistent message store; replay on reconnect; ack/redeliver. HA story: cluster replicates stream state, acked-but-unprocessed messages survive node loss. Use when at-least-once + replay + persistence are required.
+
+**Authoring rule**: a recipe's yaml comments and KB bullets should reflect the shape the code actually uses. If the worker only calls `nc.subscribe()` with a queue group and never opens a stream, do not invoke JetStream language at HA tiers — the recipe has no stream to replicate. If the worker opens a JetStream stream, the JetStream HA story is the relevant one.
+
 - Ports: 4222 (client), 8222 (HTTP monitoring)
 - Auth: user `zerops` + auto-generated password
 - **Connection** — two supported patterns, pick ONE:
   - **Separate env vars** (recommended, works with every NATS client library): pass `servers: ${hostname}:${port}` plus `user: ${user}, pass: ${password}` as client-side connect options. The servers list stays credential-free.
   - **Opaque connection string**: pass `${connectionString}` directly as the servers option — the platform builds a correctly-formatted URL with embedded auth that the NATS server expects.
-- JetStream: Enabled by default (`JET_STREAM_ENABLED=1`)
+- JetStream capability: enabled by default (`JET_STREAM_ENABLED=1`); recipes opt in by writing JetStream client code. Setting `JET_STREAM_ENABLED=0` hard-disables the capability across the project.
 - Storage: Up to 40GB memory + 250GB file store
 - Max message: 8MB default, 64MB max (`MAX_PAYLOAD`)
 - Health check: `GET /healthz` on port 8222
 - **Config changes require restart** (no hot-reload)
+
 ## Kafka
+
 - Port: 9092 (SASL PLAIN auth)
 - Auth: `user` + `password` env vars (auto-generated)
 - Bootstrap: `${hostname}:9092`
@@ -10130,19 +14709,24 @@ zsc cdn purge /style.css$     # Purge exact file
 - Storage: Up to 40GB RAM + 250GB persistent
 - Topic retention: **Indefinite** (no time or size limits)
 - Schema Registry: Port 8081 (if enabled)
+
 ## Gotchas
 1. **NATS config changes need restart**: No hot-reload — changing env vars requires service restart
 2. **Kafka single-node has no replication**: 1 broker = 3 partitions but zero redundancy
-3. **NATS JetStream HA sync interval**: 1-minute sync across nodes — brief data lag possible
+3. **NATS JetStream HA sync interval**: 1-minute sync across nodes — brief data lag possible. Applies only to recipes that actually open JetStream streams; core pub/sub recipes are unaffected.
 4. **Kafka SASL only**: No anonymous connections — always use the generated credentials
 5. **NATS authorization violation from a hand-composed URL**: do not build a `nats://user:pass@host:4222` URL from the separate env vars. Most NATS client libraries will parse the embedded credentials AND separately attempt SASL with the same values, producing a double-auth that the server rejects with `Authorization Violation` on the first CONNECT frame (symptom: startup crash, no successful subscription). Use either the separate env vars passed as connect options (credential-free servers list) or the opaque `${connectionString}` the platform builds for you — both patterns in the Connection section above avoid the double-auth path.
 
+
 ----------------------------------------
 
 # Guides > Choose Runtime Base
 
+
 **Use Alpine** as the default base for all services. Use Ubuntu only when you need system packages not available in Alpine. Use Docker only for pre-built images.
+
 ## Decision Matrix
+
 | Need | Choice | Why |
 |------|--------|-----|
 | **Any standard app** | **Alpine** (default) | ~5MB, fast, secure, sufficient for 95% of apps |
@@ -10150,36 +14734,47 @@ zsc cdn purge /style.css$     # Purge exact file
 | Pre-built Docker images | Docker | VM-based, bring your own image |
 | CGO / native libs | Ubuntu | Better glibc compatibility than Alpine's musl |
 | CGO / native libs | Ubuntu | Better glibc compatibility than Alpine's musl |
+
 ## Alpine (Default)
+
 - Size: ~5MB base
 - Package manager: `apk add`
 - Best for: All runtimes (Node.js, Python, Go, Rust, Java, PHP, etc.)
 - Zerops uses Alpine as default base for all managed runtimes
+
 ## Ubuntu
+
 - Size: ~100MB base
 - Package manager: `apt-get install`
 - Version: 24.04 LTS
 - Use when: You need packages not available in Alpine, or need glibc (not musl)
 - Example: Go apps with CGO, Python packages with C extensions that don't compile on musl
+
 ## Docker
+
 - **Runs in a VM** (not a container) — slower boot, higher overhead
 - Network: **Must use `--network=host`** or `network_mode: host` in compose
 - Scaling: Fixed resources only (no min-max auto-scaling), VM restarts on resource change
 - Disk: Can only increase, never decrease without recreation
 - Build phase runs in containers (not VMs)
 - **Always use specific version tags** — `:latest` is cached and won't re-pull
+
 ## Gotchas
 1. **Alpine uses musl**: Some C libraries may not compile — use Ubuntu if you hit musl issues
 2. **Docker is VM-based**: Vertical scaling restarts the VM — expect brief downtime
 3. **Docker `:latest` is cached**: Zerops won't re-pull — always use specific tags like `myapp:1.2.3`
 4. **Docker requires host networking**: Without `--network=host`, the container can't receive traffic
 
+
 ----------------------------------------
 
 # Guides > Choose Search
 
+
 **Use Meilisearch** for simple full-text search. Use **Elasticsearch** for advanced queries or HA requirements. Use **Qdrant** for vector/AI search.
+
 ## Decision Matrix
+
 | Need | Choice | Why |
 |------|--------|-----|
 | **Simple full-text search** | **Meilisearch** (default) | Instant setup, typo-tolerant, frontend-safe keys |
@@ -10187,46 +14782,60 @@ zsc cdn purge /style.css$     # Purge exact file
 | Autocomplete + typo-tolerance | Typesense | Raft HA, CORS built-in, fast |
 | Vector / AI similarity | Qdrant | gRPC + HTTP, automatic cluster replication |
 | Vector / AI similarity | Qdrant | gRPC + HTTP, automatic cluster replication |
+
 ## Meilisearch (Default for Simple Search)
+
 - Single-node only (no clustering)
 - Port: 7700
 - API keys: `masterKey` (admin), `defaultSearchKey` (frontend-safe), `defaultAdminKey` (backend)
 - Production mode by default (no search preview dashboard)
+
 ## Elasticsearch (Advanced / HA)
+
 - Cluster support with multiple nodes
 - Port: 9200 (HTTP only)
 - Auth: `elastic` user with auto-generated password
 - Plugins via `PLUGINS` env var (comma-separated)
 - JVM heap: `HEAP_PERCENT` env var (default 50%)
 - Min RAM: 0.25 GB
+
 ## Typesense (Fast Autocomplete)
+
 - HA: 3-node Raft consensus
 - API key via `apiKey` env var (immutable after generation)
 - CORS enabled by default
 - Recovery time: up to 1 minute during failover (503/500 auto-resolves)
 - Data persisted at `/var/lib/typesense`
+
 ## Qdrant (Vector Search)
+
 - Ports: 6333 (HTTP), 6334 (gRPC)
 - API keys: `apiKey` (full access), `readOnlyApiKey` (search only)
 - HA: 3 nodes with `automaticClusterReplication=true` by default
 - **Internal access only** — no public access available
+
 ## Gotchas
 1. **Meilisearch has no HA**: Single-node only — for HA full-text search, use Elasticsearch or Typesense
 2. **Qdrant is internal-only**: Cannot be exposed publicly — access via your runtime service
 3. **Typesense API key is immutable**: Cannot change `apiKey` after service creation
 4. **Elasticsearch plugins require restart**: Changing `PLUGINS` env var needs service restart
 
+
 ----------------------------------------
 
 # Guides > Ci Cd
 
+
 Zerops supports GitHub/GitLab webhook triggers (new tag or push to branch) and GitHub Actions / GitLab CI via `zcli push` with an access token.
+
 ## GitHub Integration (Webhook)
+
 ### Setup (GUI)
 1. Service detail → Build, Deploy, Run Pipeline Settings
 2. Connect with GitHub repository
 3. Select repo + authorize (requires **full access** for webhooks)
 4. Choose trigger: **New tag** (optional regex filter) or **Push to branch**
+
 ### GitHub Actions
 ```yaml
 name: Deploy
@@ -10239,25 +14848,33 @@ jobs:
       - uses: zeropsio/actions@main
         with:
           access-token: ${{ secrets.ZEROPS_TOKEN }}
-          service-id: 
+          service-id: <service-id>
 ```
+
 - `access-token`: From Settings → Access Token Management
 - `service-id`: From service URL or three-dot menu → Copy Service ID
+
 ## GitLab Integration (Webhook)
+
 ### Setup (GUI)
 1. Service detail → Build, Deploy, Run Pipeline Settings
 2. Connect with GitLab repository
 3. Authorize (requires **full access** for webhooks)
 4. Choose trigger: **New tag** (optional regex) or **Push to branch**
+
 ## Skip Pipeline
 Include `ci skip` or `skip ci` in commit message (case-insensitive).
+
 ## Disconnect
 Service detail → Build, Deploy, Run → Stop automatic build trigger.
+
 ## Gotchas
 1. **Full repo access required**: Webhook integration needs full access to create/manage webhooks
 2. **`ci skip` in commit message**: Prevents pipeline trigger — useful for docs-only changes
 3. **Service ID not obvious**: Find it in service URL or three-dot menu → Copy Service ID
+
 ## GitLab CI
+
 ```yaml
 deploy:
   stage: deploy
@@ -10270,11 +14887,14 @@ deploy:
   only:
     - main
 ```
+
 ## Generic CI (Any System)
+
 Any CI system with shell access can deploy via `zcli push`:
 1. Install zcli: `curl -L https://zerops.io/zcli/install.sh | sh`
-2. Authenticate: `zcli login `
-3. Deploy: `zcli push --project-id  --service-id `
+2. Authenticate: `zcli login <access-token>`
+3. Deploy: `zcli push --project-id <id> --service-id <id>`
+
 ### zcli push key flags
 | Flag | Description |
 |------|-------------|
@@ -10287,16 +14907,21 @@ Any CI system with shell access can deploy via `zcli push`:
 | `--deploy-git-folder` | Include `.git/` directory in deploy |
 | `--deploy-git-folder` | Include `.git/` directory in deploy |
 
+
 ----------------------------------------
 
 # Guides > Cloudflare
 
+
 Always use **Full (strict)** SSL mode in Cloudflare — "Flexible" causes redirect loops. Shared IPv4 with Cloudflare proxy is not recommended.
+
 ## DNS Configuration
+
 ### CNAME (non-apex or with CNAME flattening)
 ```
-CNAME  
+CNAME <domain> <project-cname-target>
 ```
+
 ### With Cloudflare Proxy (orange cloud)
 | IP Type | Record | Proxy |
 |---------|--------|-------|
@@ -10304,6 +14929,7 @@ CNAME
 | Dedicated IPv4 | `A <domain> <ipv4>` | Proxied |
 | Shared IPv4 | **Not recommended** | Reverse AAAA lookup issues |
 | Shared IPv4 | **Not recommended** | Reverse AAAA lookup issues |
+
 ### DNS-Only (gray cloud)
 | IP Type | Records Required |
 |---------|-----------------|
@@ -10311,19 +14937,24 @@ CNAME
 | Dedicated IPv4 | `A` (AAAA optional) |
 | IPv6 only | `AAAA` |
 | IPv6 only | `AAAA` |
+
 ## Wildcard Domains
 ```
-Method A: A *. + AAAA *.
-Method B: CNAME *. 
-ACME:     CNAME _acme-challenge. .zerops.zone
+Method A: A *.<domain> + AAAA *.<domain>
+Method B: CNAME *.<domain> <domain>
+ACME:     CNAME _acme-challenge.<domain> <domain>.zerops.zone
 ```
+
 ## SSL/TLS Settings (Cloudflare Dashboard)
 - **Encryption mode: Full (strict)** — mandatory
 - **Never use "Flexible"** — causes infinite redirect loops
 - Enable "Always Use HTTPS"
 - WAF exception: Skip rule for `/.well-known/acme-challenge/` (ACME validation)
+
 ## Preparing a Service for Cloudflare
+
 Any runtime service (nodejs, go, python, etc.) can be put behind Cloudflare. Steps:
+
 1. **Create the service** with `enableSubdomainAccess: true` in import YAML:
    ```yaml
    services:
@@ -10335,8 +14966,11 @@ Any runtime service (nodejs, go, python, etc.) can be put behind Cloudflare. Ste
 2. **Deploy code** to the service (via `zcli push` or `buildFromGit`)
 3. **Configure Cloudflare DNS** to point to your Zerops project IP
 4. **Set SSL mode to "Full (strict)"** in Cloudflare dashboard
+
 **Important**: The `zerops_subdomain enable` tool only works on deployed (ACTIVE) services. For new services, use `enableSubdomainAccess: true` in import YAML.
+
 Internal service-to-service communication must always use `http://` — never `https://`. SSL terminates at the Zerops L7 balancer.
+
 ## Gotchas
 1. **Flexible SSL = redirect loop**: Zerops forces HTTPS, Cloudflare Flexible sends HTTP → infinite redirect
 2. **Shared IPv4 + proxy is broken**: Reverse AAAA lookup doesn't work with Cloudflare proxy on shared IPv4
@@ -10344,16 +14978,24 @@ Internal service-to-service communication must always use `http://` — never `h
 4. **Wildcard SSL on Cloudflare Free**: Free plan doesn't proxy wildcard subdomains — use DNS-only or upgrade
 5. **Subdomain on undeployed service**: `zerops_subdomain enable` returns "Service stack is not http or https" on READY_TO_DEPLOY services — deploy code first or use `enableSubdomainAccess` in import YAML
 
+
 ----------------------------------------
 
 # Guides > Deployment Lifecycle
 
+
 Zerops build & deploy pipeline: temporary build container runs prepareCommands + buildCommands, uploads artifact via deployFiles, then deploys to runtime containers with optional readiness checks. Default is zero-downtime rolling deployment. Build has a 60-minute timeout. The pipeline emits events trackable via `zerops_events`.
+
 ---
+
 ## Build Phase
+
 ### Build Container Lifecycle
+
 The build container is **temporary** -- created on demand, destroyed after completion or failure.
+
 **Step-by-step execution order:**
+
 1. **Container creation** -- base environment from `build.base` + `build.os` (default Alpine)
 2. **Source code download** -- from GitHub, GitLab, or zcli push to `/var/www`
 3. **Cache restoration** -- cached files moved to `/build/source` (no-clobber, source wins)
@@ -10362,56 +15004,81 @@ The build container is **temporary** -- created on demand, destroyed after compl
 6. **Artifact upload** -- files matching `deployFiles` stored in internal Zerops storage
 7. **Cache preservation** -- files matching `cache:` moved to `/build/cache`
 8. **Container deletion** -- build container destroyed regardless of outcome
+
 ### Build Limits
+
 - **Resources**: CPU 1-5 cores, RAM 8 GB fixed, Disk 1-100 GB (auto-scales, not charged separately)
 - **Timeout**: **60 minutes** hard limit -- no retry, must trigger new pipeline
 - **Cancellation**: only available before build finishes -- once artifact uploaded, deploy cannot be cancelled
+
 ### Command Exit Codes
+
 - **Exit 0** -- success, next command runs
 - **Non-zero** -- build cancelled, check build log for errors
 - YAML list items = **separate shells**; use `|` block scalar for **single shell** (shared env/cwd)
+
 ---
+
 ## Runtime Prepare Phase (Optional)
+
 Runs **after build, before deploy** when `run.prepareCommands` is defined. Creates a **custom runtime image** with additional system packages.
+
 **Execution order:**
 1. Create prepare container from `run.os` + `run.base`
 2. Copy files from `build.addToRunPrepare` to `/home/zerops/`
 3. Execute `run.prepareCommands` in order
 4. Snapshot as custom runtime image
 5. Image cached for future deploys
+
 **Cache invalidation triggers:**
 - Change to `run.os`, `run.base`, or `run.prepareCommands`
 - Change to `build.addToRunPrepare` file contents
 - Manual invalidation via GUI
+
 **DO NOT** include application code in the runtime prepare image. Deploy files arrive separately.
+
 ---
+
 ## Deploy Phase
+
 ### First Deploy
+
 For each new container (count based on auto scaling settings):
+
 1. **Install runtime** -- base image or custom runtime image
 2. **Download artifact** -- from internal storage to `/var/www`
 3. **initCommands** -- optional per-container initialization (runs every start/restart)
 4. **start command** -- launch application
 5. **Readiness check** -- if configured, gates traffic routing
 6. **Container active** -- receives incoming requests
+
 Multiple containers deploy **in parallel**.
+
 ### Subsequent Deploys (Rolling Deployment)
+
 Default behavior (`temporaryShutdown: false`):
+
 1. New containers started (same count as existing)
 2. New containers go through steps 1-6 above
 3. **Both old and new versions run simultaneously** during transition
 4. Old containers removed from load balancer (stop receiving new requests)
 5. Old container processes terminated
 6. Old containers deleted
+
 ### temporaryShutdown Behavior
+
 | Setting | Behavior | Downtime |
 |---------|----------|----------|
 | `false` (default) | New containers start BEFORE old ones stop | **Zero downtime** |
 | `true` | Old containers stop BEFORE new ones start | **Temporary downtime** |
 | `true` | Old containers stop BEFORE new ones start | **Temporary downtime** |
+
 Use `temporaryShutdown: true` only when you cannot run two versions simultaneously (e.g., database migrations, singleton locks).
+
 ---
+
 ## Readiness Check vs Health Check
+
 | Aspect | Readiness Check | Health Check |
 |--------|----------------|--------------|
 | When | **During deploy only** | **Continuously after deploy** |
@@ -10419,59 +15086,85 @@ Use `temporaryShutdown: true` only when you cannot run two versions simultaneous
 | Location | `deploy.readinessCheck` | `run.healthCheck` |
 | Failure action | Container marked failed after timeout, replaced | Container restarted |
 | Failure action | Container marked failed after timeout, replaced | Container restarted |
+
 ### Readiness Check Mechanics
+
 1. Application starts via `start` command
 2. Readiness check runs (httpGet or exec)
 3. If **fails** -- wait `retryPeriod` seconds (default 5s), retry
 4. If **succeeds** -- container marked active, receives traffic
 5. If still failing after `failureTimeout` (default 300s / 5 min) -- container deleted, new one created
+
 **httpGet**: succeeds on HTTP `2xx`, follows `3xx` redirects, 5-second per-request timeout
 **exec.command**: succeeds on exit code 0, 5-second per-command timeout
+
 ---
+
 ## Event Timeline (zerops_events)
+
 Typical pipeline events in chronological order:
+
 1. **`stack.build` process RUNNING** -- build container created, pipeline started
 2. **`stack.build` process FINISHED** -- build complete, artifact uploaded
 3. **`appVersion` build event ACTIVE** -- deploy started, containers launching
 4. **Service status returns to RUNNING** -- all containers active, deploy complete
+
 **Terminal states:**
 - Build done: `stack.build` process status = `FINISHED`
 - Build failed: `stack.build` process status = `FAILED`
 - Deploy done: service containers all active, new appVersion is `ACTIVE`
+
 **DO NOT** keep polling after `stack.build` shows `FINISHED` -- that means the build itself is complete. The `ACTIVE` status on appVersion means deployed and running.
+
 ---
+
 ## Build Event Polling Checklist
+
 When monitoring a build/deploy via `zerops_events`:
+
 1. **Filter by service**: always use `serviceHostname` parameter to avoid stale events from other services or previous iterations
 2. **Check `stack.build` process**: look for status `FINISHED` (success) or `FAILED` (error). Once `FINISHED`, the build is done — stop polling build status
 3. **Check `appVersion` build event**: status `ACTIVE` means deployed and running. This confirms deploy completion
 4. **Do NOT confuse build events**: `stack.build` process `RUNNING` = build in progress. `appVersion` `ACTIVE` = already deployed. These are different events
 5. **Timeout guidance**: builds have a 60-minute hard limit. If no `FINISHED` after ~5 minutes for typical apps, check build logs via `zerops_logs`
 6. **Stale events**: project-level events may include old builds from previous deploys. Always verify the event timestamp and service match
+
 ## Application Versions
+
 Zerops keeps **10 most recent versions**. Older auto-deleted. Any archived version can be **restored** -- activates that version, archives current, restores env vars to their state when that version was last active.
+
 ## Gotchas
+
 1. **Build and run are SEPARATE containers** -- build output does not automatically appear in runtime. You must specify `deployFiles`
 2. **initCommands run on EVERY container start** -- including restarts and horizontal scaling, not just deploys
 3. **initCommands failures do NOT cancel deploy** -- app starts regardless of init exit code
 4. **prepareCommands in build vs run** -- `build.prepareCommands` customizes build env, `run.prepareCommands` creates custom runtime image. Different containers, different purposes
 5. **deployFiles land in `/var/www`** -- tilde syntax (`dist/~`) extracts contents directly to `/var/www/` (strips directory). Without tilde, `dist` → `/var/www/dist/` (preserved). **CRITICAL**: `run.start` path must match — `dist/~` + `start: bun dist/index.js` BREAKS because the file is at `/var/www/index.js`, not `/var/www/dist/index.js`
+
 ## SSHFS Mount and Deploy Interaction
+
 When using SSHFS (`zerops_mount`) for dev workflows, deploy replaces the container. This has important consequences:
+
 1. **After deploy, run container only has `deployFiles` content.** All other files (including zerops.yml if not in deployFiles) are gone. Use `deployFiles: [.]` for dev services to ensure zerops.yml and source files survive the deploy cycle.
 2. **SSHFS mount auto-reconnects after deploy.** No explicit remount is needed — the SSHFS reconnect mechanism handles the container replacement transparently. The mount only becomes truly stale during stop (container not running); after start it auto-reconnects again.
 3. **zerops.yml must be in deployFiles** for dev self-deploy lifecycle. Without it, subsequent deploys from the container fail because zerops.yml is missing.
+
 **Two kinds of "mount" (disambiguation):**
 - `zerops_mount` -- SSHFS tool, mounts service `/var/www` locally for development. This is a dev workflow tool.
 - Shared storage mount -- platform feature, attaches a shared-storage volume at `/mnt/{hostname}` via `mount:` in import.yml + zerops.yml `run.mount`. These are completely unrelated features.
 
+
 ----------------------------------------
 
 # Guides > Environment Variables
 
+
 Zerops manages environment variables at two scopes (project and service) with strict build/runtime isolation. Variables are set via zerops.yml, import.yml, or GUI. **Both project-level vars AND cross-service vars (`${hostname_varname}`) auto-inject as OS env vars into every container in the project** — no declaration required. `run.envVariables` exists only for mode flags and framework-convention renames. Re-declaring an auto-injected var under its own name creates a literal-string self-shadow. Secret vars are write-only after creation. Changes require service restart.
+
 ---
+
 ## Scope Hierarchy
+
 | Scope | Defined In | Visibility | Editable Without Redeploy |
 |-------|-----------|------------|--------------------------|
 | **Project** | import.yml `project.envVariables`, GUI | All services (auto-inherited) | Yes (restart required) |
@@ -10479,19 +15172,27 @@ Zerops manages environment variables at two scopes (project and service) with st
 | **Service basic (build)** | zerops.yml `build.envVariables` | Build container only | No (redeploy required) |
 | **Service basic (runtime)** | zerops.yml `run.envVariables` | Runtime container only | No (redeploy required) |
 | **Service basic (runtime)** | zerops.yml `run.envVariables` | Runtime container only | No (redeploy required) |
+
 ## Variable Precedence
+
 When the same key exists at multiple levels:
+
 1. **Service basic (build/runtime)** wins over service secret
 2. **Service-level** wins over project-level
 3. Build and runtime are **separate environments** -- same key can have different values in each
+
 **DO NOT** create a secret and a basic runtime variable with the same key expecting both to persist. The basic runtime variable from zerops.yml silently overrides the secret.
+
 ## Build/Runtime Isolation
+
 Build and runtime run in **separate containers**. Variables from one phase are not visible in the other unless explicitly referenced with prefixes:
+
 | Want to access | From | Use prefix |
 |---------------|------|-----------|
 | Runtime var `API_KEY` | Build container | `${RUNTIME_API_KEY}` |
 | Build var `BUILD_ID` | Runtime container | `${BUILD_BUILD_ID}` |
 | Build var `BUILD_ID` | Runtime container | `${BUILD_BUILD_ID}` |
+
 ```yaml
 zerops:
   - setup: app
@@ -10502,20 +15203,27 @@ zerops:
       envVariables:
         API_KEY: "12345-abcde"
 ```
+
 ## Cross-Service References — Auto-Injected Project-Wide
+
 **Every service's variables are automatically injected as OS environment variables into every other service's containers** — both runtime and build. A worker container sees `db_hostname`, `db_password`, `queue_user`, `storage_apiUrl`, etc. as real OS env vars at container start. Zero declaration in zerops.yml required.
+
 Read them directly in application code:
+
 ```javascript
 // Node — lowercase native names match the platform
 const host = process.env.db_hostname;
 const pwd  = process.env.db_password;
 const natsUser = process.env.queue_user;
 ```
+
 ```php
 // PHP
 $host = getenv('db_hostname');
 ```
+
 `run.envVariables` and `build.envVariables` have **two legitimate uses only**:
+
 1. **Mode flags** — per-setup values that don't come from another service:
    ```yaml
    run:
@@ -10523,6 +15231,7 @@ $host = getenv('db_hostname');
        NODE_ENV: production
        APP_ENV: local
    ```
+
 2. **Framework-convention renames** — forward a platform var under a different name because the framework config expects it. The key on the left MUST DIFFER from the source var name on the right:
    ```yaml
    run:
@@ -10530,39 +15239,55 @@ $host = getenv('db_hostname');
        DB_HOST: ${db_hostname}          # TypeORM expects uppercase DB_HOST
        DATABASE_URL: ${db_connectionString}
    ```
+
 **Do NOT re-declare auto-injected vars under their own name.** It is always wrong and never useful:
+
 ```yaml
 run:
   envVariables:
     db_hostname: ${db_hostname}        # SELF-SHADOW — see next section
     db_password: ${db_password}        # SELF-SHADOW
     queue_hostname: ${queue_hostname}  # SELF-SHADOW
-    STAGE_API_URL: ${STAGE_API_URL}    # SELF-SHADOW (project-level variant)
+    API_URL: ${API_URL}                # SELF-SHADOW (project-level variant)
 ```
+
 The referenced variable does **not** need to exist at definition time — Zerops resolves at container start.
+
 ### Self-Shadow Trap
+
 Writing `varname: ${varname}` in `run.envVariables` creates a literal-string self-shadow. The platform's interpolator sees the service-level variable of that name first, can't recurse back to the auto-injected value, and the resolved OS env var becomes the literal string `${varname}`:
+
 ```yaml
 run:
   envVariables:
     db_hostname: ${db_hostname}        # OS env: db_hostname='${db_hostname}' (literal)
     db_password: ${db_password}        # OS env: db_password='${db_password}' (literal)
 ```
+
 At runtime, the worker tries to connect to `"${db_hostname}:5432"` and crashes. The fix is to **delete the entire block** — those vars are already in the container's env without any declaration.
-This applies identically to project-level vars (`${STAGE_API_URL}`, `${APP_SECRET}`) and cross-service vars (`${db_hostname}`, `${queue_user}`) — both auto-propagate, both self-shadow under the same rule.
+
+This applies identically to project-level vars (`${API_URL}`, `${APP_SECRET}`) and cross-service vars (`${db_hostname}`, `${queue_user}`) — both auto-propagate, both self-shadow under the same rule.
+
 **Hostname transformation**: dashes become underscores. Service `my-db` variable `port` is `${my_db_port}`.
+
 ### Cross-Service References in API vs Runtime
+
 Cross-service references (`${hostname_varname}`) are **resolved at container start time**, not at definition time. This means:
+
 - **`zerops_discover` with `includeEnvs=true`** returns the **literal template** (e.g., `${db_password}`), NOT the resolved value. This is expected — the API stores templates, not resolved values.
 - **Inside the running container**, environment variables contain the actual resolved values.
 - **Restarting a service does NOT change** what `zerops_discover` returns — it always shows templates. To verify resolved values, check from inside the container (e.g., via SSH or application endpoint).
+
 ### Isolation Modes (envIsolation)
+
 `envIsolation` does NOT control whether cross-service vars auto-inject — they do, in every mode. It controls something narrower: how `${hostname_varname}` templates inside zerops.yml and import.yml *resolve* during platform interpolation.
+
 | Mode | Behavior |
 |------|----------|
 | `service` (default) | Service-scoped: `${hostname_varname}` templates inside that service's YAML resolve by following the hostname prefix. The OS env in every container still contains every other service's vars as auto-injected keys. |
 | `none` (legacy) | Cross-service references can be written without the `${hostname_varname}` prefix (e.g. `${password}` resolves to the nearest match). Do not use for new projects — ambiguous, error-prone. |
 | `none` (legacy) | Cross-service references can be written without the `${hostname_varname}` prefix (e.g. `${password}` resolves to the nearest match). Do not use for new projects — ambiguous, error-prone. |
+
 Set in import.yml at project or service level:
 ```yaml
 project:
@@ -10571,58 +15296,76 @@ services:
   - hostname: db
     envIsolation: none     # legacy — avoid
 ```
+
 **Default (`service`) is the right choice.** The auto-inject behavior above applies under the default.
+
 ## Project Variables -- Auto-Inherited
+
 Project variables are **automatically available in every service, in both runtime AND build containers**. The platform injects them as OS env vars at container start in every service's runtime container and also in every service's build container during the build phase. From zerops.yaml's point of view they are referenced **directly by name** with `${VAR_NAME}` — **no `RUNTIME_` prefix in either scope**. The `RUNTIME_` prefix is reserved for a different use case: lifting a single service's service-level runtime variable into that same service's build context. Project-scope vars are broader than service-scope and do not need lifting.
+
 **In shell commands** (buildCommands, initCommands, start) project vars are directly readable:
 ```yaml
 build:
   buildCommands:
-    - echo "building for $STAGE_API_URL"          # shell reads the OS env var
-    - VITE_API_URL=$STAGE_API_URL npm run build    # or pass it forward by shell prefix
+    - echo "building for $API_URL"                # shell reads the OS env var
+    - VITE_API_URL=$API_URL npm run build         # or pass it forward by shell prefix
 ```
+
 **In `build.envVariables` YAML** (to compose a derived var that the bundler consumes) reference the project var directly without prefix:
 ```yaml
 build:
   envVariables:
-    VITE_API_URL: ${STAGE_API_URL}   # project var STAGE_API_URL read as-is, NO RUNTIME_ prefix
+    VITE_API_URL: ${API_URL}         # project var API_URL read as-is, NO RUNTIME_ prefix
 ```
+
 **In `run.envVariables` YAML** (to forward a project var under a framework-conventional name without creating a shadow), reference directly without prefix:
 ```yaml
 run:
   envVariables:
-    FRONTEND_URL: ${STAGE_FRONTEND_URL}      # project var STAGE_FRONTEND_URL forwarded as FRONTEND_URL
+    CORS_ALLOWED_ORIGIN: ${FRONTEND_URL}     # project var FRONTEND_URL forwarded under a different name
 ```
+
 **DO NOT** re-reference an auto-injected variable under its SAME name — that's a self-shadow loop. Applies to BOTH project-level vars AND cross-service vars:
+
 ```yaml
 envVariables:
   PROJECT_NAME: ${PROJECT_NAME}           # project-level self-shadow
-  STAGE_API_URL: ${STAGE_API_URL}         # project-level self-shadow
+  API_URL: ${API_URL}                     # project-level self-shadow
   db_hostname: ${db_hostname}             # cross-service self-shadow
   queue_user: ${queue_user}               # cross-service self-shadow
 ```
+
 All four resolve to the literal string `${VAR_NAME}` inside the container — the framework tries to connect to `"${db_hostname}:5432"` and crashes. The fix is to delete those lines entirely — the platform already injects the real value as an OS env var.
+
 To **override** a project variable for one service, define a service-level variable with the same key and a DIFFERENT VALUE (not a reference to the project var):
 ```yaml
 run:
   envVariables:
     LOG_LEVEL: debug    # overrides project-level LOG_LEVEL for this service
 ```
+
 ### Typical pattern: project-level URL constants for dual-runtime recipes
+
 Dual-runtime recipes (frontend SPA + backend API on the same platform) use project-level URL constants as the single source of truth for cross-service URLs. The constants are derived from `${zeropsSubdomainHost}` (a platform-generated project-scope env var present from project creation) and the services' known hostnames:
+
 ```yaml
 project:
   envVariables:
-    STAGE_API_URL: https://apistage-${zeropsSubdomainHost}-3000.prg1.zerops.app
-    STAGE_FRONTEND_URL: https://appstage-${zeropsSubdomainHost}.prg1.zerops.app
+    API_URL: https://apistage-${zeropsSubdomainHost}-3000.prg1.zerops.app
+    FRONTEND_URL: https://appstage-${zeropsSubdomainHost}.prg1.zerops.app
 ```
-The platform resolves `${zeropsSubdomainHost}` when injecting the value into services at container start. The frontend consumes `STAGE_API_URL` via plain `${STAGE_API_URL}` in `build.envVariables` (baking it into the bundle at compile time) — **no `RUNTIME_` prefix**. The API consumes `STAGE_FRONTEND_URL` via plain `${STAGE_FRONTEND_URL}` in `run.envVariables` (for CORS allow-list). The same names must be set on the workspace project via `zerops_env project=true action=set` after provision, so workspace verification doesn't see literal `${STAGE_FRONTEND_URL}` strings.
+
+The platform resolves `${zeropsSubdomainHost}` when injecting the value into services at container start. The frontend consumes `API_URL` via plain `${API_URL}` in `build.envVariables` (baking it into the bundle at compile time) — **no `RUNTIME_` prefix**. The API consumes `FRONTEND_URL` via plain `${FRONTEND_URL}` in `run.envVariables` (for CORS allow-list). The same names must be set on the workspace project via `zerops_env project=true action=set` after provision, so workspace verification doesn't see literal `${FRONTEND_URL}` strings.
+
 ## Secret Variables
+
 - Defined via GUI, import.yml `envSecrets`, or `dotEnvSecrets`
 - **Write-only after creation** -- values masked in GUI, cannot be read back via API
 - Can be updated without redeploy, but service **must be restarted**
 - Overridden by basic (zerops.yml) variables with the same key
+
 ### dotEnvSecrets
+
 Import secrets in `.env` format within import.yml:
 ```yaml
 services:
@@ -10632,8 +15375,11 @@ services:
       DB_PASSWORD=secure123
 ```
 All entries become secret variables. Requires `#zeropsPreprocessor=on` if using generator functions.
+
 ## envReplace -- File-Level Substitution
+
 Replaces placeholders in deployed files with environment variable values **during deployment** (not at runtime).
+
 ```yaml
 run:
   envReplace:
@@ -10642,34 +15388,50 @@ run:
       - ./config/
       - ./templates/settings.json
 ```
+
 | Parameter | Required | Description |
 |-----------|----------|-------------|
 | `delimiter` | Yes | Wrapping characters (e.g., `%%` makes `%%VAR%%`). String or array |
 | `target` | Yes | Files or directories to process. String or array |
 | `target` | Yes | Files or directories to process. String or array |
+
 **DO NOT** expect directory targets to recurse into subdirectories. `./config/` processes only files directly in `config/`, not `config/jwt/`. Specify each subdirectory explicitly.
+
 ## Naming Restrictions
+
 **Key**: must match `[a-zA-Z_]+[a-zA-Z0-9_]*`. Case-sensitive. Must be unique within scope regardless of case.
+
 **Value**: ASCII only. No EOL characters.
+
 ## Restart Requirement
+
 Env var changes (secret or project) take effect only on container start. The running process does **not** receive updated values.
+
 **DO NOT** expect hot-reload of env vars. After changing secrets or project vars in GUI, **restart the service**. For zerops.yml `envVariables` changes, a **full redeploy** is required.
+
 ## System-Generated Variables
+
 Zerops auto-generates variables per service (e.g., `hostname`, `PATH`, DB connection strings). Cannot be deleted. Some read-only (`hostname`), others editable (`PATH`). Can be referenced by other services using `${hostname_varname}`.
+
 ## Common Mistakes
-- **DO NOT** re-reference auto-injected vars under their own name — self-shadow loop. Applies to BOTH project-level (`STAGE_API_URL: ${STAGE_API_URL}`) AND cross-service (`db_hostname: ${db_hostname}`, `queue_user: ${queue_user}`).
+
+- **DO NOT** re-reference auto-injected vars under their own name — self-shadow loop. Applies to BOTH project-level (`API_URL: ${API_URL}`) AND cross-service (`db_hostname: ${db_hostname}`, `queue_user: ${queue_user}`).
 - **DO NOT** declare cross-service vars you only want to READ — they are already in the container's OS env. Read via `process.env.db_hostname` / `getenv('db_hostname')` directly. Declare in `run.envVariables` only to RENAME (e.g. `DB_HOST: ${db_hostname}`) or to set mode flags.
 - **DO NOT** forget restart after GUI/API env changes — process won't see new values
 - **DO NOT** expect `envReplace` to recurse subdirectories — it does not
 - **DO NOT** rely on reading secret values back — they are write-only after creation
 - **DO NOT** create both secret and basic vars with same key — basic silently wins
 
+
 ----------------------------------------
 
 # Guides > Firewall
 
+
 Zerops uses nftables with restricted TCP ports 1-1024 (only 22, 53, 80, 123, 443, 587 allowed); UDP and ports 1025-65535 are unrestricted.
+
 ## TCP Ports 1-1024 (Restricted)
+
 | Port | Protocol | Status |
 |------|----------|--------|
 | 22 | SSH | Allowed |
@@ -10682,161 +15444,73 @@ Zerops uses nftables with restricted TCP ports 1-1024 (only 22, 53, 80, 123, 443
 | 587 | SMTP/STARTTLS | Allowed |
 | All others | — | **Blocked** |
 | All others | — | **Blocked** |
+
 ## UDP Ports
 No restrictions on any UDP port.
+
 ## TCP Ports 1025-65535
 No restrictions.
+
 ## Direct Port Access Firewall
 For services with direct port access enabled:
 - Configure **blacklist** or **whitelist** rules per port
 - Available on ports 10-65435
 - Protocols: TCP, UDP
+
 ## Port Modification
 Contact `support@zerops.io` with Project ID + Organization ID to request changes to restricted ports.
+
 ## Gotchas
 1. **Port 25 is permanently blocked**: Use port 587 with STARTTLS for email sending
 2. **Port 465 is blocked**: Legacy SMTPS — use 587 instead
 3. **Cannot self-service unblock**: Must contact Zerops support for port exceptions
 
-----------------------------------------
-
-# Guides > Local Development
-
-Develop locally with hot reload while connecting to Zerops managed services (DB, cache, storage) via VPN. ZCP generates `.env` with real credentials. Deploy to Zerops with `zerops_deploy` which uses `zcli push` under the hood.
----
-## Setup
-### Prerequisites
-- **zcli** installed: `npm i -g @zerops/zcli` or [docs.zerops.io/references/cli](https://docs.zerops.io/references/cli)
-- **VPN**: WireGuard (installed by zcli automatically on first `zcli vpn up`)
-- **Project-scoped token**: Create in Zerops GUI → Settings → Access Tokens → Custom access per project
-### Configuration
-```json
-// .mcp.json (in project root)
-{
-  "mcpServers": {
-    "zcp": {
-      "command": "zcp",
-      "env": { "ZCP_API_KEY": "" }
-    }
-  }
-}
-```
----
-## Workflow
-### 1. Connect to Zerops services
-```bash
-zcli vpn up 
-```
-- All services accessible by hostname (e.g., `db`, `cache`)
-- One project at a time — switching disconnects the current
-- **Env vars NOT available via VPN** — use `.env` file instead
-### 2. Load credentials
-ZCP generates `.env` from `zerops_discover`:
-```
-db_host=db
-db_port=5432
-db_password=
-db_connectionString=postgresql://db:@db:5432/db
-```
-How to load:
-| Runtime | Method |
-|---------|--------|
-| Node.js 20+ | `node --env-file .env app.js` |
-| Next.js, Vite, Nuxt | Automatic (reads `.env`) |
-| PHP/Laravel | Automatic (reads `.env`) |
-| Python | `python-dotenv` or `django-environ` |
-| Go | `godotenv.Load()` or `source .env && go run .` |
-| Java/Spring | `spring-dotenv` or `application.properties` |
-| Java/Spring | `spring-dotenv` or `application.properties` |
-### 3. Develop locally
-Start your dev server as usual — hot reload works against Zerops managed services over VPN.
-### 4. Deploy to Zerops
-```
-zerops_deploy targetService="appstage"
-```
-Uses `zcli push` under the hood. Blocks until build completes.
----
-## zerops.yml for Local Mode
-The same `zerops.yml` works for both local push and container deploy:
-```yaml
-zerops:
-  - setup: appstage
-    build:
-      base: nodejs@22
-      buildCommands:
-        - npm ci
-        - npm run build
-      deployFiles: ./dist
-    run:
-      start: node dist/server.js
-      ports:
-        - port: 3000
-          httpSupport: true
-      envVariables:
-        DB_URL: ${db_connectionString}
-```
-`${hostname_varName}` references are resolved by Zerops at container runtime — they work regardless of push source (local or container).
----
-## Connection Troubleshooting
-| Symptom | Diagnosis | Fix |
-|---------|-----------|-----|
-| `nc -zv db 5432` times out | VPN not connected | `zcli vpn up <project-id>` |
-| VPN connected, still timeout | Wrong project | `zcli vpn up <correct-project-id>` |
-| Connected but auth fails | Stale .env | Regenerate from `zerops_discover includeEnvs=true` |
-| Service unreachable | Service stopped | `zerops_manage action="start" serviceHostname="db"` |
-| Service unreachable | Service stopped | `zerops_manage action="start" serviceHostname="db"` |
-### Diagnostic sequence
-1. `zerops_discover service="db"` — is service RUNNING?
-2. `nc -zv db 5432 -w 3` — network reachable?
-3. Compare `.env` vs `zerops_discover includeEnvs=true` — credentials current?
----
-## Multi-Project
-Each project directory has its own `.mcp.json` + `.zcp/state/`. VPN is one per machine — switch manually:
-```bash
-zcli vpn up   # work on project A
-zcli vpn up   # auto-disconnects A, connects B
-```
----
-## Gotchas
-1. **VPN = network only**: Env vars must come from `.env` file, not VPN connection
-2. **`.env` contains secrets**: Add to `.gitignore` immediately — never commit
-3. **Deploy = new container**: Local files on Zerops are lost on every deploy. Only `deployFiles` content persists
-4. **One VPN project at a time**: Connecting to project B disconnects project A
-5. **Object storage (S3)**: Uses HTTPS apiUrl — may work without VPN but not fully verified. Include VPN as fallback
-6. **zcli must be installed**: `zerops_deploy` requires zcli in PATH. Error message includes install link if missing
 
 ----------------------------------------
 
 # Guides > Logging
 
+
 Zerops captures stdout/stderr as logs; use syslog output format for severity filtering. Supports forwarding to Better Stack, Papertrail, or self-hosted ELK via syslog.
+
 ## Log Types
 1. **Build logs** — output from build pipeline
 2. **Prepare runtime logs** — output from custom runtime image creation
 3. **Runtime/Database logs** — operational output (stdout/stderr)
+
 ## Access Methods
+
 ### GUI
 - Project detail → service → Logs section
 - Filter by severity, time range, container
+
 ### CLI
 ```bash
-zcli service log                   # Runtime logs
-zcli service log  --showBuildLogs  # Build logs
+zcli service log <service-name>                  # Runtime logs
+zcli service log <service-name> --showBuildLogs  # Build logs
 ```
+
 ## Severity Filtering
 Logs must output to **syslog format** for severity filtering to work. Plain stdout/stderr logs appear as "info" level.
+
 ## Log Forwarding
+
 ### Ready-Made Integrations
 - **Better Stack** — cloud log management
 - **Papertrail** — cloud log aggregation
 - **ELK Stack** — self-hosted (Elasticsearch + Logstash + Kibana)
+
 ### ELK Stack Setup (Self-Hosted on Zerops)
+
 Services needed:
 - `elkstorage` — Elasticsearch
 - `kibana` — UI
 - `logstash` — Log collection (UDP syslog)
+
 Multi-project forwarding: make Logstash public with firewall whitelist rules.
+
 ### Custom syslog-ng Configuration
+
 **Critical**: Use source name `s_src` (not `s_sys`):
 ```
 source s_src {
@@ -10844,9 +15518,11 @@ source s_src {
     internal();
 };
 ```
+
 Certificate paths:
 - System certs: `/etc/ssl/certs`
 - Custom certs: `ca-file("/etc/syslog-ng/user.crt")`
+
 ## Gotchas
 1. **Syslog format required**: Without syslog formatting, all logs appear as same severity — no filtering possible
 2. **Build logs separate**: Use `--showBuildLogs` flag in CLI — not shown by default
@@ -10854,14 +15530,18 @@ Certificate paths:
 4. **UDP for Logstash**: Zerops forwards logs via UDP syslog — ensure Logstash listens on UDP
 5. **Custom certs path**: Place custom CA certs in `/etc/syslog-ng/user.crt`
 
+
 ----------------------------------------
 
 # Guides > Metrics
 
+
 Zerops supports ELK (APM + logs) and Prometheus/Grafana stacks; expose `/metrics` endpoint and set `ZEROPS_PROMETHEUS_PORT` for auto-scraping.
+
 ## Deployment Modes
 - **Local**: Monitoring services in the same project as your app
 - **Global**: Dedicated observability project (recommended for multi-project)
+
 ## ELK Stack Services
 | Service | Purpose |
 |---------|---------|
@@ -10870,14 +15550,16 @@ Zerops supports ELK (APM + logs) and Prometheus/Grafana stacks; expose `/metrics
 | `apmserver` | APM traces (made public via Zerops subdomain) |
 | `logstash` | Log collection |
 | `logstash` | Log collection |
+
 ### APM Configuration
 ```yaml
 envVariables:
   ELASTIC_APM_ACTIVE: "true"
   ELASTIC_APM_SERVICE_NAME: my-app
   ELASTIC_APM_SERVER_URL: https://apmserver.zerops.app
-  ELASTIC_APM_SECRET_TOKEN: 
+  ELASTIC_APM_SECRET_TOKEN: <your-secret>
 ```
+
 ## Prometheus + Grafana Stack Services
 | Service | Purpose |
 |---------|---------|
@@ -10887,27 +15569,35 @@ envVariables:
 | `prometheusbackups` | S3 for Prometheus data |
 | `prometheuslight` | Forwarder (in source project for cross-project) |
 | `prometheuslight` | Forwarder (in source project for cross-project) |
+
 ### Custom Metrics
 1. Expose HTTP `/metrics` endpoint in your app
 2. Set env var: `ZEROPS_PROMETHEUS_PORT=8080` (comma-separated for multiple ports)
 3. Prometheus auto-discovers and scrapes
+
 ## Built-in Metrics
 - Service scaling & resource usage
 - PostgreSQL (with `pg_stat_statements` extension)
 - MariaDB
 - Valkey
+
 ## Gotchas
 1. **`ZEROPS_PROMETHEUS_PORT` is required**: Without it, Prometheus won't discover your custom metrics endpoint
 2. **APM server must be public**: Use Zerops subdomain to expose apmserver for trace collection
 3. **Cross-project needs forwarder**: Use `prometheuslight` service in source project to forward to global Prometheus
 
+
 ----------------------------------------
 
 # Guides > Networking
 
+
 Zerops networking has two layers: a private VXLAN network per project (service-to-service via hostname, plain HTTP) and an L7 balancer for public traffic (SSL termination, round-robin, health checks). Apps must bind `0.0.0.0` — binding localhost causes 502. The L7 balancer is nginx-based with configurable timeouts, buffers, rate limiting, and access policies.
+
 ---
+
 ## Architecture Overview
+
 ```
 Internet
   │
@@ -10915,33 +15605,49 @@ Internet
   │
   └─ Direct port ──→ L3/Core Balancer ──→ container VXLAN IP:port
 ```
+
 **Per-project infrastructure:**
 - **Private VXLAN network** — isolated overlay network shared by all services
 - **L7 HTTP Balancer** — 2 HA containers, auto-scales, domain routing + SSL
 - **L3 Core Balancer** — IP addresses and direct port access (TCP/UDP)
+
 ---
+
 ## Internal Networking (VXLAN)
+
 Services in the same project communicate by **hostname and internal port**:
+
 ```
 http://api:3000/health
 http://postgres:5432
 ```
+
 **Rules:**
 - Always **`http://`** — never `https://` for internal traffic
 - Isolated per project — no cross-project private networking
 - Service discovery is automatic — no manual network config
 - VPN uses same hostnames: `http://api:3000` from local machine (both `api` and `api.zerops` resolve — VPN sets up DNS search domain)
+
 **Cross-service env vars**: prefix with hostname — e.g., `app_API_TOKEN`. Zerops auto-generates connection vars for managed services.
+
 **DO NOT** use `https://` for service-to-service calls — SSL terminates at the L7 balancer, internal network is already isolated.
+
 ---
+
 ## L7 Balancer (HTTP/HTTPS)
+
 The L7 balancer is **nginx-based**, deployed as 2 HA containers per project. It handles SSL/TLS termination (Let's Encrypt, auto-renewed), domain routing, round-robin load balancing with health checks, and connection pooling.
+
 ### Proxy Headers
+
 The balancer forwards client info via standard headers:
 - **`X-Forwarded-For`** / **`X-Real-IP`** — original client IP
 - **`X-Forwarded-Proto`** — `https` (original protocol)
+
 Your app receives plain HTTP but can inspect these headers for the real client info.
+
 ### Key Default Settings
+
 | Parameter | Default | Range | Notes |
 |-----------|---------|-------|-------|
 | `worker_connections` | 4000 | 1024-65535 | Simultaneous connections per worker |
@@ -10953,8 +15659,11 @@ Your app receives plain HTTP but can inspect these headers for the real client i
 | `send_timeout` | 2s | 1s-300s | Response transmission timeout |
 | `proxy_buffering` | on | on/off | Buffer backend responses |
 | `proxy_buffering` | on | on/off | Buffer backend responses |
+
 **Zerops subdomain** balancer: fixed **50 MB** upload limit (not configurable).
+
 ### Advanced Routing Features (GUI)
+
 | Feature | Description |
 |---------|-------------|
 | **Redirects** | 301/302/307/308 with `preservePath` and `preserveQuery` options |
@@ -10963,9 +15672,13 @@ Your app receives plain HTTP but can inspect these headers for the real client i
 | **Basic Auth** | HTTP Basic Authentication per location |
 | **Custom Content** | Return static content with custom status code and MIME type |
 | **Custom Content** | Return static content with custom status code and MIME type |
+
 ---
+
 ## 502 Bad Gateway Diagnostic Checklist
+
 Work through these steps **in order**:
+
 1. **Binding address** — App bound to `0.0.0.0`? Binding `127.0.0.1`/`localhost` is the #1 cause
 2. **Port match** — App listening on the port declared in `zerops.yml` `ports[]`?
 3. **App running** — Check runtime logs (`zerops_logs`) for crash/startup errors
@@ -10973,15 +15686,22 @@ Work through these steps **in order**:
 5. **Readiness check** — If configured, traffic only routes after it passes
 6. **Service status** — Is the service ACTIVE? (check `zerops_discover`)
 7. **Timeout settings** — For slow responses, increase `send_timeout` (default 2s)
+
 **Common framework fixes:**
 ```bash
 app.listen(3000, '0.0.0.0')
+
 flask run --host=0.0.0.0
+
 http.ListenAndServe(":8080", handler)  // implicit 0.0.0.0
+
 server.address=0.0.0.0
 ```
+
 ---
+
 ## Shared vs Dedicated IPv4
+
 | Feature | Shared IPv4 | Dedicated IPv4 |
 |---------|-------------|----------------|
 | Cost | Free | $3 / 30 days |
@@ -10992,15 +15712,21 @@ server.address=0.0.0.0
 | SNI routing | AAAA record used for verification | Not needed |
 | Production use | No | Yes |
 | Production use | No | Yes |
+
 **Shared IPv4 SNI mechanism**: Zerops reverse-looks-up the domain's AAAA record to verify project ownership. Without it, routing fails silently.
+
 ---
+
 ## Cloudflare Integration Summary
+
 - **SSL mode**: Always **Full (strict)** — "Flexible" causes redirect loops
 - **Shared IPv4 + proxy**: **DO NOT** — reverse AAAA lookup breaks with Cloudflare proxy
 - **Best setup**: IPv6-only AAAA record, Cloudflare proxied (handles IPv4 translation)
 - **ACME challenge**: WAF skip rule for `/.well-known/acme-challenge/`
-- **Wildcard SSL**: `_acme-challenge.` CNAME to `.zerops.zone`
+- **Wildcard SSL**: `_acme-challenge.<domain>` CNAME to `<domain>.zerops.zone`
+
 ---
+
 ## Gotchas
 1. **Binding localhost = 502**: The L7 balancer connects via VXLAN IP, not localhost — always bind `0.0.0.0`
 2. **Internal HTTPS breaks things**: Service-to-service must use `http://` — the VXLAN network is already isolated
@@ -11009,13 +15735,18 @@ server.address=0.0.0.0
 5. **Cross-project networking impossible**: Each project is an isolated VXLAN — use public access to bridge projects
 6. **Shared IPv4 needs AAAA**: Missing AAAA record = silent routing failure on shared IPv4
 
+
 ----------------------------------------
 
 # Guides > Object Storage Integration
 
+
 Zerops Object Storage is S3-compatible (MinIO). Always set `AWS_USE_PATH_STYLE_ENDPOINT: true`. Use env var references `${storage_*}` for credentials. Container filesystem is lost on deploy — use Object Storage for any files that must persist across deployments.
+
 ## Environment Variables
+
 When you create an Object Storage service, Zerops auto-generates these env vars (prefix with hostname for cross-service access, e.g. `${storage_apiUrl}`):
+
 | Variable | Description |
 |----------|-------------|
 | `apiUrl` | S3 endpoint URL — full `https://...` URL ready for any S3 SDK's `endpoint` option |
@@ -11028,7 +15759,9 @@ When you create an Object Storage service, Zerops auto-generates these env vars
 | `serviceId` | Service ID (Zerops-generated) |
 | `hostname` | Service hostname |
 | `hostname` | Service hostname |
+
 **Use `${storage_apiUrl}` as the S3 endpoint** — it carries the complete `https://` scheme and is what every S3 SDK's `endpoint` option expects. The `apiHost` variant is host-only; if a client library requires host separately, combine `https://${storage_apiHost}` manually — **never `http://`**. The object-storage gateway rejects plaintext HTTP with a 301 redirect to the HTTPS equivalent, and most S3 SDKs don't follow the redirect automatically. The symptom of a misconfigured endpoint is `UnknownError` or connection-refused on the first bucket call.
+
 Reference them in zerops.yml `run.envVariables`:
 ```yaml
 S3_ENDPOINT: ${storage_apiUrl}
@@ -11038,14 +15771,21 @@ S3_BUCKET: ${storage_bucketName}
 S3_REGION: us-east-1
 AWS_USE_PATH_STYLE_ENDPOINT: "true"
 ```
+
 ## Path Style Endpoint (Required)
+
 Zerops uses MinIO which requires **path-style** URLs (not virtual-hosted):
+
 ```
 https://endpoint.com/bucket-name/object-key
+
 https://bucket-name.endpoint.com/object-key
 ```
+
 **Every S3 client must be configured for path-style access.**
+
 ## Framework Integration
+
 ### PHP (Laravel — Flysystem)
 ```php
 // config/filesystems.php
@@ -11060,8 +15800,10 @@ https://bucket-name.endpoint.com/object-key
 ],
 ```
 Package: `league/flysystem-aws-s3-v3`
+
 ### Node.js (AWS SDK v3)
 ```javascript
+
 const s3 = new S3Client({
   endpoint: process.env.S3_ENDPOINT,
   forcePathStyle: true,  // REQUIRED
@@ -11073,6 +15815,7 @@ const s3 = new S3Client({
 });
 ```
 Package: `@aws-sdk/client-s3`
+
 ### Python (boto3)
 ```python
 import boto3
@@ -11085,6 +15828,7 @@ s3 = boto3.client('s3',
 )
 ```
 Package: `boto3`
+
 ### Java (AWS SDK)
 ```java
 S3Client s3 = S3Client.builder()
@@ -11099,7 +15843,9 @@ S3Client s3 = S3Client.builder()
     .region(Region.US_EAST_1)
     .build();
 ```
+
 ## import.yaml Definition
+
 ```yaml
 services:
   - hostname: storage
@@ -11108,15 +15854,20 @@ services:
     objectStoragePolicy: public-read  # predefined policy
     priority: 10
 ```
+
 **Predefined policies** (`objectStoragePolicy`):
 - `private` — no anonymous access (documents, backups)
 - `public-read` — anonymous list + get (media, avatars, static assets)
 - `public-objects-read` — anonymous get only, no listing (direct links only)
 - `public-write` — anonymous put only
 - `public-read-write` — full anonymous access
+
 **Custom policy**: use `objectStorageRawPolicy` with IAM Policy JSON instead (template var `{{ .BucketName }}` available).
+
 Each service = one bucket (auto-named, immutable). Need multiple buckets? Create multiple services.
+
 ## When to Use Object Storage
+
 | Scenario | Use Object Storage? |
 |----------|-------------------|
 | User uploads (avatars, documents) | Yes — lost on deploy |
@@ -11126,6 +15877,7 @@ Each service = one bucket (auto-named, immutable). Need multiple buckets? Create
 | Logs | No — use Zerops logging |
 | Database dumps | Yes — for backup storage |
 | Database dumps | Yes — for backup storage |
+
 ## Gotchas
 1. **`forcePathStyle: true` / `AWS_USE_PATH_STYLE_ENDPOINT: true` is REQUIRED**: Zerops uses MinIO which doesn't support virtual-hosted style
 2. **Container filesystem is replaced on deploy**: Files on disk survive restarts but are lost when a new container is created (deploy, scale-up). Always use Object Storage for persistent data
@@ -11136,16 +15888,24 @@ Each service = one bucket (auto-named, immutable). Need multiple buckets? Create
 7. **No Zerops backup**: Object Storage is not covered by the Zerops backup system
 8. **No autoscaling**: Quota (1-100 GB) must be set manually, changeable in GUI after creation
 
+
 ----------------------------------------
 
 # Guides > Php Tuning
 
+
 Override php.ini via `PHP_INI_*` env vars, FPM via `PHP_FPM_*`. Both require **restart** (not reload). Zerops defaults: upload/post = 1024M, FPM dynamic 20/2/1/3. Upload bottleneck is L7 balancer (50MB subdomain), not PHP.
+
 ## PHP Configuration (`PHP_INI_*`)
+
 Override any php.ini directive via `PHP_INI_{directive}` env vars in `run.envVariables` or via `zerops_env` API.
+
 **Requires restart** to take effect. Reload writes config files (`/etc/php*/conf.d/overwrite.ini`) but FPM master does not re-read INI on reload.
+
 ### Zerops Platform Defaults
+
 Zerops overrides several stock PHP values for production use:
+
 | Directive | Zerops default | Stock PHP | Why |
 |-----------|---------------|-----------|-----|
 | `upload_max_filesize` | **1024M** | 2M | Generous upload limit (L7 balancer is the real gate) |
@@ -11157,7 +15917,9 @@ Zerops overrides several stock PHP values for production use:
 | `date.timezone` | **UTC** | (empty) | Consistent timezone |
 | `sendmail_path` | `/usr/sbin/sendmail -t -i` | (empty) | System sendmail wired |
 | `sendmail_path` | `/usr/sbin/sendmail -t -i` | (empty) | System sendmail wired |
+
 ### Example
+
 ```yaml
 zerops:
   - setup: app
@@ -11170,11 +15932,17 @@ zerops:
         PHP_INI_max_execution_time: 60
         PHP_INI_max_input_vars: 5000
 ```
+
 ## PHP-FPM (`PHP_FPM_*`)
+
 Configure FPM process management via `PHP_FPM_*` env vars. **Requires restart** — same as PHP_INI.
+
 Config files are written to `/etc/php*/php-fpm.d/www.conf` by `zerops-zenv` at container startup.
+
 ### Dynamic Mode (default)
+
 Pre-forks a pool of workers. Good for consistent traffic.
+
 | Variable | Default |
 |----------|---------|
 | `PHP_FPM_PM` | `dynamic` |
@@ -11185,7 +15953,9 @@ Pre-forks a pool of workers. Good for consistent traffic.
 | `PHP_FPM_PM_MAX_SPAWN_RATE` | `32` |
 | `PHP_FPM_PM_MAX_REQUESTS` | `500` |
 | `PHP_FPM_PM_MAX_REQUESTS` | `500` |
+
 High-traffic example:
+
 ```yaml
 envVariables:
   PHP_FPM_PM_MAX_CHILDREN: 50
@@ -11194,8 +15964,11 @@ envVariables:
   PHP_FPM_PM_MAX_SPARE_SERVERS: 15
   PHP_FPM_PM_MAX_REQUESTS: 1000
 ```
+
 ### Ondemand Mode
+
 Spawns workers only when requests arrive. Saves memory for low-traffic sites.
+
 ```yaml
 envVariables:
   PHP_FPM_PM: ondemand
@@ -11203,26 +15976,37 @@ envVariables:
   PHP_FPM_PM_PROCESS_IDLE_TIMEOUT: 60s
   PHP_FPM_PM_MAX_REQUESTS: 500
 ```
+
 Available parameters for ondemand:
 - `PHP_FPM_PM_MAX_CHILDREN` -- maximum child processes
 - `PHP_FPM_PM_PROCESS_IDLE_TIMEOUT` -- idle timeout before termination (default: 60s)
 - `PHP_FPM_PM_MAX_REQUESTS` -- requests per process before recycling (default: 500)
+
 ## Upload Limits (3-layer chain)
+
 File uploads pass through three layers -- ALL must allow the size:
+
 1. **L7 Balancer**: `client_max_body_size` = 512m (custom domain) / **50MB fixed** (subdomain)
 2. **PHP**: `upload_max_filesize` = 1024M (Zerops default)
 3. **PHP**: `post_max_size` = 1024M (Zerops default)
+
 Zerops pre-configures generous PHP limits, so the **L7 balancer is typically the bottleneck**:
 - Subdomain (zerops.app): hard 50MB cap, cannot be changed
 - Custom domain: 512m default, configurable via custom Nginx template
+
 ## Extensions (Alpine)
-Install via `sudo apk add --no-cache php84-` — version prefix must match PHP major+minor (e.g. `php84-` for PHP 8.4). Sudo required — containers run as `zerops` user.
+
+Install via `sudo apk add --no-cache php84-<ext>` — version prefix must match PHP major+minor (e.g. `php84-` for PHP 8.4). Sudo required — containers run as `zerops` user.
+
 Build and runtime are **separate containers with separate images**. The build base (`php@X`) is Alpine-minimal. The runtime base (`php-nginx@X`, `php-apache@X`) bundles more extensions but not all.
+
 If a Composer dependency requires an extension that's missing from the build image:
 - Install it in `build.prepareCommands` so Composer validates platform requirements properly
 - If also needed at runtime, install in `run.prepareCommands` too (separate container, separate image)
 - **Never** use `--ignore-platform-reqs` — it suppresses all platform checks, hiding real problems that crash at runtime
+
 Common extensions not in the build base: `ext-pcntl`, `ext-posix` (needed by Horizon), `ext-gd`, `ext-intl`.
+
 ```yaml
 build:
   base: php@8.4
@@ -11235,25 +16019,34 @@ run:
   prepareCommands:
     - sudo apk add --no-cache php84-pcntl php84-posix
 ```
+
 ## Gotchas
+
 - **Reload does NOT apply changes** -- `PHP_INI_*` and `PHP_FPM_*` both require restart. Zerops reload rewrites config files via `zerops-zenv` but does not signal FPM to re-read them.
 - **Upload fails at 50MB on subdomain** -- this is the L7 balancer limit, not PHP. Use a custom domain for larger uploads.
 - **`post_max_size` must be >= `upload_max_filesize`** -- PHP silently drops the POST body if it exceeds `post_max_size`, even if the file itself is under `upload_max_filesize`.
 
+
 ----------------------------------------
 
 # Guides > Production Checklist
 
+
 Before going to production: (1) databases to HA mode, (2) minContainers: 2 on app services, (3) replace Mailpit with real SMTP, (4) remove Adminer, (5) use Object Storage for uploads, (6) use Redis/Valkey for sessions.
+
 ## Database
+
 | Item | Dev | Production |
 |------|-----|------------|
 | Mode | `NON_HA` | `HA` (must recreate) |
 | Backups | Optional | Enabled |
 | Connection | Single primary | Primary + read replicas |
 | Connection | Single primary | Primary + read replicas |
+
 **HA is immutable** — cannot switch after creation. Delete and recreate with `mode: HA`.
+
 ## Application Services
+
 | Item | Dev | Production |
 |------|-----|------------|
 | minContainers | 1 | 2+ |
@@ -11261,28 +16054,36 @@ Before going to production: (1) databases to HA mode, (2) minContainers: 2 on ap
 | Logging | Console/debug | Structured (syslog) |
 | Debug mode | Enabled | Disabled |
 | Debug mode | Enabled | Disabled |
+
 ```yaml
 - hostname: app
   type: nodejs@22
   minContainers: 2
   maxContainers: 4
 ```
+
 ## Dev Services to Remove
+
 ### Mailpit → Production SMTP
 ```yaml
 - hostname: mailpit
   type: go@1
   buildFromGit: https://github.com/zeropsio/recipe-mailpit
+
 envVariables:
   SMTP_HOST: smtp.sendgrid.net
   SMTP_PORT: "587"
 envSecrets:
   SMTP_PASSWORD: your-production-key
 ```
+
 ### Adminer → Remove or Restrict
 Remove entirely or disable `enableSubdomainAccess`. Use VPN + pgAdmin/DBeaver locally.
+
 ## File Storage
+
 **Container filesystem survives restarts but is replaced on every deploy** — files stored on disk persist through reload/restart/stop+start but are lost on deploy or container replacement (scale-up/down).
+
 | Use case | Solution |
 |----------|----------|
 | User uploads | Object Storage (S3) |
@@ -11290,14 +16091,18 @@ Remove entirely or disable `enableSubdomainAccess`. Use VPN + pgAdmin/DBeaver lo
 | Temp files | Container disk (OK) |
 | Build artifacts | Deploy via zerops.yaml |
 | Build artifacts | Deploy via zerops.yaml |
+
 ```yaml
 - hostname: storage
   type: object-storage
   objectStorageSize: 2
   objectStoragePolicy: public-read
 ```
+
 ## Sessions & Cache
+
 **File-based sessions break with multiple containers and are lost on deploy.**
+
 | Use case | Solution |
 |----------|----------|
 | PHP sessions | Redis/Valkey |
@@ -11305,39 +16110,49 @@ Remove entirely or disable `enableSubdomainAccess`. Use VPN + pgAdmin/DBeaver lo
 | Django sessions | Redis backend |
 | Express sessions | Redis store |
 | Express sessions | Redis store |
+
 ```yaml
 - hostname: cache
   type: valkey@7.2
   mode: NON_HA  # HA for production
 ```
+
 ## Framework-Specific Production Settings
+
 ### PHP/Laravel
 - `APP_ENV: production`, `APP_DEBUG: "false"`
 - Trusted proxies: `TRUSTED_PROXIES: 127.0.0.1,10.0.0.0/8`
 - Sessions in Redis, not files
 - Optimize: `php artisan config:cache && route:cache && view:cache`
+
 ### PHP/Symfony
 - `APP_ENV: prod`
 - `TRUSTED_PROXIES: 127.0.0.1,10.0.0.0/8`
 - Logging via Monolog SyslogHandler
+
 ### Python/Django
 - `DEBUG: "false"`
 - `CSRF_TRUSTED_ORIGINS: https://your-domain.com`
 - `ALLOWED_HOSTS: .zerops.app,your-domain.com`
 - Static files via `collectstatic`
+
 ### Node.js
 - `NODE_ENV: production`
 - `HOST: 0.0.0.0`
 - Health check endpoint at `/status` or `/health`
+
 ### Java/Spring
 - `server.address: 0.0.0.0` (required — default binds localhost)
 - Actuator health endpoints enabled
 - JVM memory flags: `-Xmx512m` (match container limits)
+
 ### Elixir/Phoenix
 - `PHX_SERVER: "true"` (required to start server in releases)
 - `SECRET_KEY_BASE` generated via preprocessor
 - `PHX_HOST` set to domain
+
 ## HA Checklist
+
 | Item | Recommendation |
 |------|---------------|
 | Core package | **Serious Core** for production (better SLA, dedicated resources) |
@@ -11347,8 +16162,11 @@ Remove entirely or disable `enableSubdomainAccess`. Use VPN + pgAdmin/DBeaver lo
 | Database mode | `mode: HA` for all managed services (immutable — plan before creation) |
 | Min containers | `minContainers: 2` on all app services for zero-downtime deploys |
 | Min containers | `minContainers: 2` on all app services for zero-downtime deploys |
+
 ## Health Check Pattern
+
 Combined readiness + runtime health check for production services:
+
 ```yaml
 zerops:
   - setup: app
@@ -11364,7 +16182,9 @@ zerops:
           path: /health
       start: node server.js
 ```
+
 Readiness check gates traffic during deploy. Health check runs continuously — unhealthy containers are restarted after 5-minute retry window.
+
 ## Gotchas
 1. **HA is immutable**: Must delete and recreate service to switch modes
 2. **Container filesystem survives restarts but is replaced on every deploy**: use external storage for persistent data
@@ -11373,12 +16193,16 @@ Readiness check gates traffic during deploy. Health check runs continuously —
 5. **Debug mode leaks secrets**: Disable APP_DEBUG in production
 6. **Missing health checks**: Load balancer can't route around unhealthy containers
 
+
 ----------------------------------------
 
 # Guides > Public Access
 
+
 Zerops offers three public access methods: zerops.app subdomains (dev only, 50MB upload limit), custom domains (production, needs IPv4/IPv6), and direct port access (TCP/UDP on 10-65435).
+
 ## Access Methods
+
 ### 1. Zerops Subdomains (`.zerops.app`)
 - Shared HTTPS balancer (scalability bottleneck)
 - Max upload: **50 MB**
@@ -11389,39 +16213,48 @@ Zerops offers three public access methods: zerops.app subdomains (dev only, 50MB
 - **Port-specific subdomains**: If HTTP ports are defined in zerops.yml, each port gets its own subdomain: `{hostname}-{subdomainHost_prefix}-{port}.{subdomainHost_rest}`. Example: hostname `appdev`, subdomainHost `1df2.prg1.zerops.app`, port 3000 → actual URL `https://appdev-1df2-3000.prg1.zerops.app`. Port 80 omits the port suffix: `https://appdev-1df2.prg1.zerops.app`
 - **Internal network fallback**: Every service is accessible internally via `http://{hostname}:{port}` (e.g., `http://appdev:3000`). Use this to verify the app is running when subdomain access is uncertain — `curl http://appdev:3000/health` from the ZCP container or any other service in the project
 - Works for: nodejs, static, nginx, go, python, php, java, rust, dotnet, and all other runtime types
+
 ### 2. Custom Domains (Production)
 - Per-project HTTPS balancer (2 containers, HA)
 - Round-robin load balancing + health checks
 - Full upload limit: 512 MB
 - Requires IP address assignment:
+
 | IP Type | Cost | Protocol | Notes |
 |---------|------|----------|-------|
 | Shared IPv4 | Free | HTTP/HTTPS only | Limited connections, shorter timeouts |
 | Dedicated IPv4 | $3/30 days | All protocols | Non-refundable, auto-renews |
 | IPv6 | Free | All protocols | Dedicated per project |
 | IPv6 | Free | All protocols | Dedicated per project |
+
 ### 3. Direct Port Access
 - Available for: Runtime services, PostgreSQL
 - Port range: 10-65435 (80, 443 reserved)
 - Protocols: TCP, UDP
 - Configurable firewall: blacklist or whitelist per port
+
 ## DNS Setup (Custom Domain)
 Point your domain to the project's IP:
 - `A` record → Dedicated IPv4
 - `AAAA` record → IPv6
 - Shared IPv4: Requires **both A and AAAA** records (AAAA needed for SNI routing)
+
 ## Gotchas
 1. **Shared IPv4 needs AAAA record**: Without AAAA, SNI routing fails — always add both A and AAAA
 2. **zerops.app 50MB limit**: File uploads over 50MB fail on subdomains — use custom domain
 3. **Dedicated IPv4 is non-refundable**: $3/30 days, auto-renews — cannot get refund if removed early
 4. **Ports 80/443 reserved**: Your app cannot bind to these — Zerops uses them for SSL termination
 
+
 ----------------------------------------
 
 # Guides > Scaling
 
+
 Zerops autoscales vertically (CPU/RAM/disk) and horizontally (container count). Runtimes support both. Managed services (DB, cache, shared-storage) support vertical only with fixed container count (NON_HA=1, HA=3). Object-storage and Docker have no autoscaling. Extends grammar.md section 9 with mechanics, thresholds, YAML syntax, and common mistakes.
+
 ## When to Scale Which Way
+
 | Symptom | Scale type | Why |
 |---------|-----------|-----|
 | CPU/memory pressure on existing containers | Vertical (CPU/RAM) | More resources per container |
@@ -11429,7 +16262,9 @@ Zerops autoscales vertically (CPU/RAM/disk) and horizontally (container count).
 | Disk filling up | Vertical (disk) | More storage per container |
 | Latency-sensitive workload on SHARED CPU | CPU mode → DEDICATED | Guaranteed cores, no burstable throttling |
 | Latency-sensitive workload on SHARED CPU | CPU mode → DEDICATED | Guaranteed cores, no burstable throttling |
+
 ## Applicability Matrix
+
 | Service type | Vertical autoscaling | Horizontal scaling | Notes |
 |---|---|---|---|
 | **Runtime** (Node.js, Go, PHP, Python, Java, etc.) | Yes | Yes (1-10 containers) | Full autoscaling |
@@ -11440,38 +16275,55 @@ Zerops autoscales vertically (CPU/RAM/disk) and horizontally (container count).
 | **Object storage** | No | No | Fixed size at creation, no verticalAutoscaling |
 | **Docker** | No (manual, triggers VM restart) | Yes (VM count changeable, triggers restart) | No autoscaling at all |
 | **Docker** | No (manual, triggers VM restart) | Yes (VM count changeable, triggers restart) | No autoscaling at all |
+
 ## Vertical Autoscaling
+
 ### CPU Modes
+
 | Mode | Behavior | Best for |
 |---|---|---|
 | **SHARED** | Physical core shared with up to 10 tenants. Performance ranges 1/10 to 10/10 depending on neighbors | Dev, staging, low-traffic production |
 | **DEDICATED** | Exclusive full physical core(s). Consistent performance | Production, CPU-intensive workloads |
 | **DEDICATED** | Exclusive full physical core(s). Consistent performance | Production, CPU-intensive workloads |
+
 - CPU mode can be changed **once per hour**
 - **startCpuCoreCount**: cores allocated at container start (default: 2). Increase for apps with heavy initialization
+
 ### CPU Scaling Thresholds (DEDICATED mode only)
+
 - **Min free CPU cores** (`minFreeCpuCores`): scale-up triggers when free capacity on a single core drops below this fraction, range 0.0-1.0 (default: 0.1 = 10%)
 - **Min free CPU percent** (`minFreeCpuPercent`): scale-up triggers when total free capacity across all cores drops below this percentage, range 0-100 (default: 0, disabled)
+
 ### RAM Dual-Threshold System
+
 RAM is monitored every **10 seconds**. Two independent thresholds control scale-up -- whichever provides **more free memory** wins:
+
 | Threshold | Field | Default | Behavior |
 |---|---|---|---|
 | **Absolute** | `minFreeRamGB` | 0.0625 GB (64 MB) | Scale up when free RAM drops below this fixed amount |
 | **Percentage** | `minFreeRamPercent` | 0% (disabled) | Scale up when free RAM drops below this % of granted RAM |
 | **Percentage** | `minFreeRamPercent` | 0% (disabled) | Scale up when free RAM drops below this % of granted RAM |
+
 Both thresholds serve dual purpose: prevent OOM crashes and preserve space for kernel disk caching. Swap is enabled as a safety net but does not replace proper threshold configuration.
+
 **Higher wins example**: with 12 GB granted RAM, `minFreeRamGB=0.5` (500 MB buffer) and `minFreeRamPercent=5` (600 MB buffer) — the 600 MB threshold applies. As granted RAM grows, the percentage threshold automatically provides a larger buffer.
+
 ### Disk
 - **Grows only -- never shrinks** (no scale-down). Set `minDisk = maxDisk` to disable.
+
 ### Resource Limits (Defaults)
+
 | Resource | Min | Max |
 |---|---|---|
 | CPU cores | 1 | 8 |
 | RAM | 0.125 GB | 48 GB |
 | Disk | 1 GB | 250 GB |
 | Disk | 1 GB | 250 GB |
+
 PostgreSQL and MariaDB override RAM minimum to **0.25 GB**.
+
 ### Scaling Behavior Parameters
+
 | Parameter | CPU | RAM | Disk |
 |---|---|---|---|
 | Collection interval | 10s | 10s | 10s |
@@ -11482,43 +16334,66 @@ PostgreSQL and MariaDB override RAM minimum to **0.25 GB**.
 | Minimum step | 1 (0.1 cores) | 0.125 GB | 0.5 GB |
 | Maximum step | 40 | 32 GB | 128 GB |
 | Maximum step | 40 | 32 GB | 128 GB |
+
 Scaling uses exponential growth: small increments initially, larger jumps under sustained high load.
+
 **Scale-up behavior summary:**
 - **RAM/Disk**: immediate scale-up when free resources drop below threshold (single measurement)
 - **CPU**: requires 2 consecutive measurements below threshold (~20s window) to avoid spikes
 - **Scale-down is conservative**: 3-5 consecutive measurements above threshold (60-300s depending on resource) — prevents flapping
+
 ### Spike Protection via minRam
+
 Autoscaling reacts within 10-20 seconds. Compilation and package installation create RAM spikes faster than scaling can respond. Set `minRam` high enough to absorb the first spike WITHOUT relying on autoscaling:
+
 - **Dev services** (compilation on container via SSH): `minRam` must cover the build tool peak — `npm install`, `go build`, `cargo build` spike within seconds
 - **Stage/prod services** (pre-built artifacts): `minRam` only needs to cover the startup peak (JVM heap allocation, SSR warming)
+
 Thresholds (`minFreeRamGB`, `minFreeRamPercent`) handle gradual load growth. They cannot protect against sub-10s spikes that exceed the total allocated RAM. See runtime guides for per-runtime `minRam` recommendations.
+
 **Disabling autoscaling**: set **minimum = maximum** for any resource to pin it at a fixed value (e.g., `minRam: 2, maxRam: 2`).
+
 ## Horizontal Scaling
+
 Applies to **runtimes and Linux containers only**. New containers are added when vertical scaling reaches configured maximums.
+
 - **minContainers**: baseline always running (system range: 1-10)
 - **maxContainers**: upper limit during peak (system range: 1-10)
 - Set `minContainers = maxContainers` to disable horizontal autoscaling
+
 **HA requirement**: applications must be stateless and handle distributed operation (no local file sessions, no local uploads).
+
 ### Managed Services (DB, Cache, Shared Storage)
+
 Container count is **fixed by deployment mode**, set at creation, **immutable**:
+
 | Mode | Containers | Use case |
 |---|---|---|
 | `NON_HA` | 1 | Development, non-critical |
 | `HA` | 3 (on separate physical machines) | Production, automatic failover |
 | `HA` | 3 (on separate physical machines) | Production, automatic failover |
+
 HA recovery: failed container is disconnected, new one created on different hardware, data synchronized from healthy copies, failed container removed.
+
 PostgreSQL HA exposes read replica port **5433** for distributing SELECT queries.
+
 ## Configuring Thresholds via zerops_scale
+
 Threshold parameters can be set via the `zerops_scale` MCP tool, not just import.yml:
+
 ```
 zerops_scale serviceHostname="api" minFreeRamGB=0.5 minFreeRamPercent=5 minFreeCpuCores=0.2
 ```
+
 All four threshold parameters (`minFreeRamGB`, `minFreeRamPercent`, `minFreeCpuCores`, `minFreeCpuPercent`) are optional and can be combined with any other scaling parameters in a single call.
+
 ## Docker Services
 - Run in **VMs**, not containers. **No autoscaling** -- resources fixed at creation
 - Changing resources or VM count triggers **VM restart** (downtime). Disk can only increase
 - Consider runtime services or Linux containers if dynamic scaling is needed
+
 ## import.yml Syntax
+
 ```yaml
 services:
   # Runtime with full scaling
@@ -11537,6 +16412,7 @@ services:
       minFreeRamPercent: 10
       minDisk: 1
       maxDisk: 20
+
   # Managed DB (vertical only, no container settings)
   - hostname: db
     type: postgresql@16
@@ -11550,32 +16426,46 @@ services:
       minDisk: 5
       maxDisk: 100
 ```
+
 ## Strategy Presets
+
 **Development** — SHARED CPU, min resources, 1 container. Cost-effective for dev/staging:
 ```
 zerops_scale serviceHostname="api" cpuMode="SHARED" minCpu=1 maxCpu=2 minRam=0.25 maxRam=1 minContainers=1 maxContainers=1
 ```
+
 **Production** — DEDICATED CPU, higher minimums, multiple containers for HA:
 ```
 zerops_scale serviceHostname="api" cpuMode="DEDICATED" minCpu=2 maxCpu=8 minRam=2 maxRam=8 minContainers=2 maxContainers=6
 ```
+
 **Burst workloads** — Wide autoscaling range, SHARED CPU:
 ```
 zerops_scale serviceHostname="worker" cpuMode="SHARED" minCpu=1 maxCpu=8 minRam=1 maxRam=16 minContainers=1 maxContainers=10
 ```
+
 ## Common Mistakes
+
 **DO NOT** add `verticalAutoscaling` to **object-storage** or **shared-storage** services in import.yml -- causes import failure. Object storage has a fixed `objectStorageSize` only. Shared storage is managed automatically.
+
 **DO NOT** set `minContainers` or `maxContainers` for managed services (DB, cache, shared-storage) -- container count is fixed by `mode` (NON_HA=1, HA=3). Setting these causes import failure.
+
 **DO NOT** use `DEDICATED` CPU for low-traffic or dev services -- wastes resources. Use `SHARED` and switch to `DEDICATED` only when consistent performance matters.
+
 **DO NOT** set `minFreeRamGB: 0` and `minFreeRamPercent: 0` simultaneously -- the API rejects this with "Invalid custom autoscaling value". Always keep at least the default absolute threshold (0.0625 GB).
+
 **DO NOT** forget that disk **never shrinks** -- setting a high `minDisk` is permanent for that container's lifetime.
+
 **DO NOT** assume horizontal scaling works automatically -- your application must be stateless. File-based sessions, local uploads, and in-memory state break with multiple containers.
 
+
 ----------------------------------------
 
 # Guides > Smtp
 
+
 Only port **587** (STARTTLS) is allowed for outbound email — ports 25 and 465 are permanently blocked. Use an external email service.
+
 ## Port Configuration
 | Port | Status | Protocol |
 |------|--------|----------|
@@ -11583,7 +16473,9 @@ Only port **587** (STARTTLS) is allowed for outbound email — ports 25 and 465
 | 465 | **Blocked** | Legacy SMTPS (deprecated) |
 | **587** | **Allowed** | SMTP submission with STARTTLS |
 | **587** | **Allowed** | SMTP submission with STARTTLS |
+
 ## Provider Configurations
+
 | Provider | Host | Port | Username | Password |
 |----------|------|------|----------|----------|
 | Gmail | smtp.gmail.com | 587 | user@gmail.com | App password |
@@ -11593,6 +16485,7 @@ Only port **587** (STARTTLS) is allowed for outbound email — ports 25 and 465
 | Mailgun | smtp.mailgun.org | 587 | postmaster@domain | Password |
 | Amazon SES | `email-smtp.{region}.amazonaws.com` | 587 | Access key | Secret key |
 | Amazon SES | `email-smtp.{region}.amazonaws.com` | 587 | Access key | Secret key |
+
 ## Configuration Example
 ```yaml
 envVariables:
@@ -11600,36 +16493,105 @@ envVariables:
   SMTP_PORT: "587"
   SMTP_USER: apikey
 envSecrets:
-  SMTP_PASSWORD: 
+  SMTP_PASSWORD: <sendgrid-api-key>
 ```
+
 ## Gotchas
 1. **Port 25 is permanently blocked**: Cannot be unblocked — use 587 with STARTTLS
 2. **Port 465 is also blocked**: Legacy SMTPS is deprecated — use 587
 3. **Gmail needs App Password**: Regular Gmail passwords won't work — generate an App Password in Google Account settings
 
+
+----------------------------------------
+
+# Guides > Verify Web Agent Protocol
+
+
+Sub-agent dispatch protocol for end-to-end verification of a Zerops web
+service. The main agent reads `develop-verify-matrix` (atom) for which
+services need this protocol; the protocol body itself lives here so it
+ships only when fetched, not on every per-turn payload.
+
+Spawn one sub-agent per web-facing target. Substitute `{targetHostname}`
+and `{runtime}` with that service's values when constructing the prompt.
+
+---
+
+## Sub-agent dispatch prompt
+
+```
+Agent(model="sonnet", prompt="""
+Verify Zerops service "{targetHostname}" ({runtime}) works for end users.
+
+## Protocol
+1. `zerops_verify serviceHostname="{targetHostname}"` — infrastructure baseline
+2. If NOT healthy → VERDICT: FAIL (cite failed checks from zerops_verify response)
+3. `zerops_discover service="{targetHostname}"` — get subdomainUrl or connection info
+4. Determine reachable URL:
+   - subdomainUrl available → use it (public HTTPS)
+   - no subdomain, no custom domain → VERDICT: UNCERTAIN (cannot reach from outside)
+   - unreachable after timeout → VERDICT: UNCERTAIN
+5. `agent-browser open {url}`
+6. `agent-browser snapshot` — accessibility tree for AI analysis
+7. Evaluate: does the page render meaningful content?
+   - Interactive elements (buttons, links, forms)?
+   - Text content (headings, paragraphs)?
+   - Or empty/broken (empty root div, error page, blank screen)?
+8. If concerns: `agent-browser eval "JSON.stringify(Array.from(document.querySelectorAll('script[src]')).map(s=>s.src))"` for loaded scripts
+9. For SPAs: `agent-browser eval "window.__errors || []"` AND check if console has errors
+
+## Rules
+- zerops_verify unhealthy/degraded → always VERDICT: FAIL (never override infra checks)
+- HTTP 401/403 with rendered content (login page, auth challenge) → VERDICT: PASS (auth is working correctly)
+- HTTP 401/403 with empty body → VERDICT: UNCERTAIN (cannot determine if intentional)
+- zerops_verify healthy + page empty/broken → VERDICT: FAIL (cite what you see)
+- zerops_verify healthy + page renders real content → VERDICT: PASS
+- agent-browser unavailable or URL unreachable → VERDICT: UNCERTAIN
+
+## Output (mandatory format)
+### Infrastructure
+zerops_verify status and check summary
+
+### Application
+what you observed — DOM content, JS errors, visual state
+
+### Evidence
+accessibility tree excerpt or error details
+
+### VERDICT: PASS or FAIL or UNCERTAIN — one-line justification
+""")
+```
+
+
 ----------------------------------------
 
 # Guides > Vpn
 
-Zerops VPN uses WireGuard via `zcli vpn up ` — connects to one project at a time, services accessible by hostname, but env vars are NOT available through VPN.
+
+Zerops VPN uses WireGuard via `zcli vpn up <project-id>` — connects to one project at a time, services accessible by hostname, but env vars are NOT available through VPN.
+
 ## Commands
 ```bash
-zcli vpn up                     # Connect
-zcli vpn up  --auto-disconnect  # Auto-disconnect on terminal close
-zcli vpn up  --mtu 1350        # Custom MTU (default 1420)
+zcli vpn up <project-id>                    # Connect
+zcli vpn up <project-id> --auto-disconnect  # Auto-disconnect on terminal close
+zcli vpn up <project-id> --mtu 1350        # Custom MTU (default 1420)
 zcli vpn down                               # Disconnect
 ```
+
 ## Behavior
 - All services accessible via hostname (e.g., `db`, `api`) — `.zerops` suffix optional
 - **One project at a time** — connecting to another disconnects the current
 - Automatic reconnection with daemon
 - **Environment variables NOT available** through VPN — use GUI or API to read them
+
 ## Hostname Resolution
 - Both plain hostname (`db`) and suffixed (`db.zerops`) work — VPN configures a DNS search domain
 - Plain hostname is resolved via the `.zerops` search domain automatically (e.g., `db` → `db.zerops`)
 - Example: `postgresql://user:pass@db:5432/mydb` or `postgresql://user:pass@db.zerops:5432/mydb`
 - Note: CLI tools like `dig`, `nslookup`, `host` bypass the system resolver and may show false NXDOMAIN — use `dscacheutil -q host -a name db` on macOS to verify, or just test with `nc -zv db 5432`
+
 ## Troubleshooting
+
 | Problem | Solution |
 |---------|----------|
 | Interface already exists | `zcli vpn down` then `zcli vpn up` |
@@ -11638,21 +16600,29 @@ zcli vpn down                               # Disconnect
 | Conflicting VPN | Use `--mtu 1350` |
 | Ubuntu 25.* issues | Install AppArmor utilities |
 | Ubuntu 25.* issues | Install AppArmor utilities |
+
 ## Gotchas
 1. **No env vars via VPN**: Must read env vars from GUI or API — VPN only provides network access
 2. **One project at a time**: Cannot connect to multiple projects simultaneously
 3. **Hostname resolution**: Both `hostname` and `hostname.zerops` work (VPN sets up DNS search domain). Use plain hostname for simplicity. If resolution fails on Windows, add `zerops` to DNS suffix list in Advanced TCP/IP Settings.
 
+
 ----------------------------------------
 
 # Guides > Zerops Yaml Advanced
 
+
 Behavioral semantics for advanced zerops.yml features: health/readiness checks, deploy strategies, cron, background processes, runtime init, envReplace, routing, and `extends`. Schema is in grammar.md -- this file covers what the schema cannot express.
+
 ---
+
 ## Health Check Behavior
+
 Health checks run **continuously** on every container after startup. Two types (mutually exclusive):
+
 - **`httpGet`**: GET to `localhost:{port}{path}`. Success = 2xx. Runs **inside** the container. Use `host` for custom Host header, `scheme: https` only if app requires TLS.
 - **`exec`**: Shell command, success = exit 0. Has access to all env vars. Use YAML `|` for multi-command scripts.
+
 | Parameter | Purpose |
 |-----------|---------|
 | `failureTimeout` | Seconds of consecutive failures before container restart |
@@ -11660,11 +16630,17 @@ Health checks run **continuously** on every container after startup. Two types (
 | `recoveryTimeout` | Seconds of success before restarted container receives traffic again |
 | `execPeriod` | Interval in seconds between check attempts |
 | `execPeriod` | Interval in seconds between check attempts |
+
 **Failure sequence**: repeated failures -> `disconnectTimeout` removes from LB -> `failureTimeout` triggers restart -> `recoveryTimeout` gates traffic reconnection.
+
 **DO NOT** configure both `httpGet` and `exec` in the same block.
+
 ---
+
 ## Readiness Check Behavior
+
 Runs **only during deployments** to gate traffic switch to a new container.
+
 ```yaml
 deploy:
   readinessCheck:
@@ -11672,19 +16648,29 @@ deploy:
     failureTimeout: 60
     retryPeriod: 10
 ```
+
 **How it works**: Checks the **new** container at `localhost`. Until it passes, traffic stays on the old container. After `failureTimeout`, deploy fails and the old container remains active.
+
 **DO NOT** confuse with healthCheck -- readiness gates a deploy; healthCheck monitors continuously after.
+
 > **Dev/stage distinction**: In dev+stage pairs, healthCheck and readinessCheck belong ONLY on the stage entry. Dev services use `start: zsc noop --silent` — the agent controls server lifecycle via SSH. Adding healthCheck to dev causes unwanted container restarts during iteration.
+
 ---
+
 ## temporaryShutdown
+
 | Value | Behavior | Downtime |
 |-------|----------|----------|
 | `false` (default) | New containers start first, old removed after readiness | None (zero-downtime) |
 | `true` | All old containers stop, then new ones start | Yes |
 | `true` | All old containers stop, then new ones start | Yes |
+
 Use `true` when: exclusive DB migration access needed, or brief downtime acceptable. Use `false` for: production web services, APIs, user-facing apps.
+
 ---
+
 ## Crontab Execution
+
 ```yaml
 run:
   crontab:
@@ -11693,11 +16679,17 @@ run:
       workingDir: /var/www/html
       allContainers: false
 ```
+
 Parameters: `command` (required), `timing` (required, 5-field cron: `min hour dom mon dow`), `workingDir` (default `/var/www`), `allContainers` (`false` = one container, `true` = all containers).
+
 Cron runs inside the runtime container with full env var access. When `allContainers: false`, Zerops picks **one** container (good for DB jobs). Use `true` for cache clearing or log rotation everywhere. Minimum granularity is 1 minute.
+
 ---
+
 ## startCommands (Background Processes)
+
 Runs **multiple named processes** in parallel. **Mutually exclusive** with `start`.
+
 ```yaml
 run:
   startCommands:
@@ -11708,9 +16700,13 @@ run:
       initCommands:
         - litestream restore -if-replica-exists -if-db-not-exists $DB_NAME
 ```
+
 Each entry: `command` (required), `name` (required), `workingDir` (optional), `initCommands` (optional, per-process init). **DO NOT** use both `start` and `startCommands`.
+
 ---
+
 ## initCommands vs prepareCommands
+
 | Feature | `run.initCommands` | `run.prepareCommands` |
 |---------|-------------------|----------------------|
 | **When** | Every container start/restart | Only when building runtime image |
@@ -11719,19 +16715,28 @@ Each entry: `command` (required), `name` (required), `workingDir` (optional), `i
 | **Deploy files** | Present in `/var/www` | **Not available** -- DO NOT reference app files |
 | **Reruns on** | Restart, scaling, deploy | Only when commands change |
 | **Reruns on** | Restart, scaling, deploy | Only when commands change |
+
 ---
+
 ## envReplace (Variable Substitution)
+
 Replaces placeholders in deployed files with env var values at deploy time.
+
 ```yaml
 run:
   envReplace:
     delimiter: "%%"
     target: [./config/, ./templates/settings.json]
 ```
+
 File containing `%%DATABASE_URL%%` gets the placeholder replaced with the actual value. Multiple delimiters supported: `delimiter: ["%%", "##"]`. Use for: secrets in config files, PEM certificates, frontend configs.
+
 **Directory targets are NOT recursive** -- `./config/` processes only files directly in that directory. Specify subdirectories explicitly.
+
 ---
+
 ## routing (Static Services Only)
+
 ```yaml
 run:
   routing:
@@ -11743,13 +16748,18 @@ run:
       - for: "/*"
         values: { X-Frame-Options: "'DENY'" }
 ```
+
 - **`cors`**: Sets Access-Control-Allow-Origin. `"*"` auto-converted to `'*'`
 - **`redirects[]`**: `from` (wildcards `*`), `to`, `status`, `preservePath`, `preserveQuery`
 - **`headers[]`**: `for` (path pattern), `values` (header key-value pairs)
 - **`root`**: Custom root directory
+
 **DO NOT** use on non-static services -- silently ignored.
+
 ---
+
 ## extends (Configuration Inheritance)
+
 ```yaml
 zerops:
   - setup: base
@@ -11759,7 +16769,9 @@ zerops:
     extends: base
     run: { envVariables: { NODE_ENV: production } }
 ```
+
 Supports single parent (`extends: base`) or multiple parents (`extends: [base, logging]`) -- later parents override earlier ones:
+
 ```yaml
 zerops:
   - setup: base
@@ -11770,19 +16782,26 @@ zerops:
     extends: [base, logging]
     run: { envVariables: { NODE_ENV: production } }
 ```
+
 Configuration is **merged at the section level** -- child values override parent values within each section (build, run, deploy), but unspecified sections inherit from parent. Must reference another `setup` name in the same file.
+
 ## Base Images
+
 Available runtimes and versions are listed in **Service Stacks (live)** -- injected by `zerops_knowledge` and workflow responses. Some key rules:
+
 - PHP: build `php@X`, run `php-nginx@X` or `php-apache@X` (different bases)
 - Deno, Gleam: REQUIRES `os: ubuntu` (not available on Alpine)
 - Static sites: build `nodejs@latest`, run `static`
 - `@latest` = newest stable version
+
 ---
 
+
 ----------------------------------------
 
 # Homepage
 
+
 export const runtimes = [
     { name: "Node.js", link: "/nodejs/overview", icon:  },
     { name: "PHP", link: "/php/overview", icon:  },
@@ -11798,11 +16817,13 @@ export const runtimes = [
     { name: "Nginx", link: "/nginx/overview", icon:  },
     { name: "Static", link: "/static/overview", icon:  },
 ]
+
 export const containers = [
     { name: "Ubuntu", link: "/ubuntu/overview", icon:  },
     { name: "Alpine", link: "/alpine/overview", icon:  },
     { name: "Docker", link: "/docker/overview", icon:  },
 ]
+
 export const databases = [
     { name: "PostgreSQL", link: "/postgresql/overview", icon:  },
     { name: "MariaDB", link: "/mariadb/overview", icon:  },
@@ -11816,58 +16837,109 @@ export const databases = [
     { name: "ClickHouse", link: "/clickhouse/overview", icon:  },
     { name: "KeyDB", link: "/keydb/overview", icon:  },
 ]
+
 export const storages = [
     { name: "Object storage", link: "/object-storage/overview", icon:  },
     { name: "Shared storage", link: "/shared-storage/overview", icon:  },
 ]
+
+<div className="!max-w-xxl !mx-none">
+
 Zerops is a **developer-first Platform-as-a-Service**, running on bare metal, with every part built from scratch. Zerops aims to be the perfect mix of **developer experience**, **flexibility**, **scalability** and **affordability**, making it a great fit for applications of any size, complexity and traffic.
+
 ## Natively supported services
+
 ### Runtimes & web servers
+
 For these services Zerops provides pre-prepared build and runtime images and flexible pipeline that allows you to modify them and build your applications.
+
 ### Linux containers & VMs
+
 These services can be deployed either as plain Linux containers or using Docker images, giving you flexibility to run any application or service.
+
 ### Databases, search engines & message brokers
+
 These services are fully managed by Zerops and offered in highly available and single container modes.
+
 ### Storages
+
 Fully managed S3 compatible storage running on a separate infrastructure and persistent disk that can be mounted to multiple services.
+
 ## Quicklinks
+
+- [zCLI](/references/cli)
+- [zerops.yaml](/zerops-yaml/specification)
+- [Import file](/references/import)
+
 ## Feature highlights
+
 Four concepts that play together to make Zerops developer-first and live up to the claim "no matter the size or environment".
+
 ### ➡️ Custom dedicated infrastructure deployed with each project
+
 Zerops is made of three levels: **project** -> **service** -> **container**. For each project Zerops deploys dedicated **core services**, these consist of:
+
 - **L3 balancer** with a firewall and unique IP addresses assigned to it, this serves as the main entry point from the internet,
 - **Logger** and **Statistics** containers that gather logs and resource metrics from all services inside the project and allow for log forwarding
 - **L7 load balancer** that handles and routes http traffic, SSL termination and SSL certificates
+
 User services (which consist of one or more containers) inside the project share a private network created with VXLAN, have resources isolated with cgroups and can securely communicate with each other simply by using the hostname and ports and read and reference each other's environment variables.
+
 :::tip[**What does this mean for you?**]
+
 You get a fully managed, professional infrastructure setup that will scale no matter how much traffic you get and deals with all the networking, balancing and security stuff, so you can just focus on your actual applications.
-Read more about the project infrastructure
+
+[Read more about the project infrastructure](/features/infrastructure)
+
 :::
+
 ### ➡️ Granular resource configuration, autoscaling and high availability of services
+
 Zerops has fully automatic horizontal and vertical scaling with configuration steps as small as 0.125 GB RAM and 1 CPU core. Your runtime services can go from a single container with 0.25 RAM and 1 CPU core to 10 containers each with 32 GB RAM and 10 CPU cores and then back in a matter of minutes. At the same time, all database and storage services are offered in well-crafted setups that go through performance optimizations while scaling and are available in both non-HA (single container) and high availability (multiple containers and balancers) modes.
+
 :::tip[**What does this mean for you?**]
+
 You won't ever overprovision or underprovision your resources and your services will always have the exact resources they need. There won't be any cutting corners like sharing too few CPU cores between too many services. You will be able to rely on professional, reliable and highly available database setups with auto-repairing abilities that will scale along with your applications.
-Read more about autoscaling and high availability
+
+[Read more about autoscaling and high availability](/features/scaling)
+
 :::
+
 ### ➡️ Full Linux OS containers with a powerful, flexible build and deploy pipeline
+
 Zerops uses Incus to create containers, which means that you get a full Linux OS, either Ubuntu or Alpine, depending on your choices. This provides the perfect middle ground between a containerized process (Docker) and a full-fledged VM (Proxmox). Zerops provides build and runtime bases for all the popular runtime technologies and a powerful and flexible pipeline that allows you to modify and cache both the build and runtime images. This circumvents the need for Docker registries. The pipeline can be triggered either automatically, by connecting the service with GitHub or GitLab repositories, or manually using our CLI - either for triggering from your machine, or from any existing CI/CD process.
+
 :::tip[**What does this mean for you?**]
+
 You get a built-in powerful and flexible pipeline to modify build and runtime images and deploy your code, without any downtime. It can be used standalone or easily plugged into any existing CI/CD process.
-Read more about the build and deploy pipeline
+
+[Read more about the build and deploy pipeline](/features/pipeline)
+
 :::
+
 ### ➡️ Pricing model that doesn't get in the way of good development practices
+
 "Simple and predictable pricing"... is what others say and what we actually do. In Zerops, cost per hardware resource (CPU, RAM, Disk) is 3-5x cheaper than with popular alternatives. And there are no plans, no feature tiers, no fees for seats. PaaS is just hardware with a cherry and bow on top, so why would we charge you for anything else but hardware resources?
+
 :::tip[**What does this mean for you?**]
+
 You get a powerful managed platform with all the best features unlocked for a price that's nearly on par with VPS. You can create as many environments as you need, even one for each developer working on a project, all with the same infrastructure as production, so they can utilize Zerops for their local development. No more "but it works on my machine".
+
 :::
+</div>
+
 
 ----------------------------------------
 
 # Java > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Java application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -11876,47 +16948,60 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: java@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - ./mvnw clean install
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles: target/app.jar
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: some_file
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: java@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8080
+
       # OPTIONAL. Customize the runtime Java environment by installing additional
       # dependencies to the base Java runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Java application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Java application start command
       start: java -jar target/app.jar
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -11927,6 +17012,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -11936,11 +17022,17 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Java builds:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -11951,13 +17043,19 @@ zerops:
       base: java@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected version
-  of Java, Zerops command line tool, `git` and
+  of Java, [Zerops command line tool](/references/cli), `git` and
   `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -11971,34 +17069,52 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Java defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `git` and `wget`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12007,6 +17123,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: java@latest
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -12014,20 +17131,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/java/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12036,96 +17164,138 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: java@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - ./mvnw clean install
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it. Suppose your `mvnw` executable file is in a `cmd` directory.
+
 ```yaml
 buildCommands:
   - |
     cd cmd
     ./mvnw clean install
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command. Suppose your `mvnw` executable file is in a `cmd` directory.
+
 ```yaml
 buildCommands:
   - cd cmd
   - ./cmd/mvnw clean install
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/java/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the `-X` debug option.
+
 ```yaml
 buildCommands:
   - ./mvnw -X clean install
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app.jar
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - api
   - app.jar
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -12137,22 +17307,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -12161,6 +17342,7 @@ zerops:
     build:
       base: java@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         DB_NAME: db
@@ -12168,12 +17350,18 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/java/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Java version for your runtime.
+
 Following options are available for Java builds:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12183,18 +17371,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: java@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: java@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the selected major
   version of Java, Zerops command line tool, git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12204,6 +17399,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: java@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -12213,44 +17409,75 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customize your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Java service with hostname = "app" and port = 8080 from another service of the same project, simply use `app:8080`. Read more about [how to access a Java service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the Java runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Java environment contains {data.alpine.default}, the selected major
-  version of Java, Zerops command line tool and
+  version of Java, [Zerops command line tool](/references/cli) and
   `git` and `wget`. To install additional packages or tools add one or more
   prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12258,6 +17485,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -12267,27 +17495,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/java/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the selected
-  major version of Java, Zerops command line tool and `git` and `wget`.
+  major version of Java, [Zerops command line tool](/references/cli) and `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -12296,6 +17542,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -12305,15 +17552,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -12322,22 +17574,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Java application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/java/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/java/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -12351,57 +17616,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/java/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Java application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Java application start command
       start: java -jar target/app.jar
 ```
+
 We recommend starting your Java application using `java -jar target/app.jar`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Java application start command
       start: java -jar target/app.jar
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -12409,30 +17701,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Java application.
+
+        The command has access to the same [environment variables](/java/how-to/create#set-secret-environment-variables) as your Java application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Java application start command
       start: java -jar target/app.jar
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -12441,13 +17750,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -12456,40 +17770,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/java/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -12498,30 +17834,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/java/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Java application.
+
+        The command has access to the same [environment variables](/java/how-to/create#set-secret-environment-variables) as your Java application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -12533,8 +17887,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/java/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Java > How To > Build Process
@@ -12551,35 +17907,60 @@ Read more about how the [readiness check works](/java/how-to/deploy-process#read
 
 # Java > How To > Create
 
+
 Zerops provides a Java runtime service with extensive build support. Java runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Java service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Java service:
+
+[Video: /vids/services/java.webm](/vids/services/java.webm)
+
 ### Choose Java version
+
 Following Java versions are currently supported:
+
 :::info
 You can [change](/java/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/java/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Java service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Java service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/java/how-to/create#create-a-project-description-file)
 3. [Create a project with a Java and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -12600,13 +17981,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Java version 1 service with default [auto scaling](/java/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/java/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -12651,98 +18037,143 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Java service and a [PostgreSQL](/postgresql/overview) service.
+
 Java service with "app" hostname, the internal port(s) the service listens on will be defined later in the zerops.yaml. Java service will run on version 1 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Java service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/java/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/java/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/java/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/java/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Java service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -12763,33 +18194,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Java service version 1 with default [auto scaling](/java/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Java > How To > Customize Runtime
 
-Build tools: When you need Maven, Gradle, or other build tools not included by default',
-  'Native libraries: When your Java dependencies require system libraries that aren\'t in the default environment',
-  'Application servers: When you need Tomcat, Jetty, or other application servers',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -12843,14 +18279,23 @@ Build tools: When you need Maven, Gradle, or other build tools not included by d
 
 # Java > Overview
 
+
 # Java overview
+
 [Java ↗](https://www.java.com/en/) is a high-level, class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-java-hello-world), a **_recipe_**, containing the most simple Java web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Java running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Java running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "java" recipe on Zerops](https://app.zerops.io/recipe/?lf=java)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-java-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -12862,97 +18307,162 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-java-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/java/how-to/create) — Dive in all Zerops has to offer for your Java application.
+
 ## Feature Highlights
+
+- [Create Java service](/java/how-to/create) — Start with creating a Java service using GUI or zCLI.
+- [zerops.yaml](/java/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/java/how-to/scaling) — Set up scaling of your Java application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/java/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/java/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/java/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Kafka > Overview
 
+
 Zerops provides a fully managed [Apache Kafka](https://kafka.apache.org/) messaging platform with automated scaling and zero infrastructure overhead, letting developers focus entirely on development.
+
 ## Supported Versions
+
 Currently supported Kafka version:
+
 Import configuration version:
+
+- `kafka@3.9`
+- `kafka@3.8`
+
 ## Service Configuration
+
 Our Kafka implementation features optimized default settings designed for common use cases.
+
 ### Key Configuration
+
 * **Client Connections:** Data brokers available on port `9092`
 * **Authentication:** Secure SASL PLAIN with automatically generated credentials
 * **Data Persistence:** Topic data stored indefinitely (no time or size limit)
 * **Performance:** Optimized settings for reliability and throughput
+
 ### Resource Allocation
+
 Zerops automatically allocates resources to your Kafka service based on demand:
+
 * **Memory:** Up to 40GB RAM for high-performance message processing
 * **Storage:** Up to 250GB for persistent storage of messages and logs
 * **Auto-scaling:** Resources scale up and down automatically based on workload
+
 ## Deployment Modes
+
 :::important
 Deployment mode is selected during service creation and cannot be changed later.
 :::
+
 ### High-Availability (HA) Setup
+
 The recommended solution for production workloads and mission-critical data:
+
 * Creates a multi-node Kafka cluster with 3 broker nodes
 * Configures 6 partitions across the cluster
 * Implements replication factor of 3 (each broker node has a copy of each partition)
 * Default topic replication is also 3 (overridable by user application)
 * Zerops automatically attempts to repair the cluster and data replication in case of a node failure
+
 ### Single Node Instance
+
 Suitable for development and testing environments:
+
 * Consists of 1 broker node
 * Configures 3 partitions
 * No data replication
 * Lower resource requirements
+
 :::note
 Use for development or non-critical data only, as data loss may occur due to container volatility.
 :::
+
 ## Authentication Management
+
 Authentication credentials are automatically generated and managed by the platform using SASL PLAIN authentication.
+
 **Access your credentials through:**
 * The service access details in the Zerops GUI
 * Environment variables in your service configuration:
   * `user` - Username for authentication
   * `password` - Generated secure password
   * `port` - Kafka port (value: `9092`)
+
 ## Client Access
+
 Client implementations differ, please refer to your chosen client's configuration manual for specific details.
+
 ### Access Methods
+
 #### Seed Broker Connection
 Connect to the Kafka cluster using the "seed" (or "bootstrap") broker server:
 ```
-:9092
+<hostname>:9092
 ```
+
 #### Specific Broker Access
 To access a single specific broker or a list of all/some brokers:
 ```
-node-stable-1.db..zerops:9092,node-stable-2.db..zerops:9092,...
+node-stable-1.db.<hostname>.zerops:9092,node-stable-2.db.<hostname>.zerops:9092,...
 ```
+
 ## Best Practices
+
 ### Production Workloads
 * Use HA mode for all production deployments
 * Configure proper retention policies for your topics based on your data requirements
 * Monitor consumer lag to ensure messages are being processed efficiently
 * Use consumer groups to distribute processing load
+
 ### Development Environments
 * Single node instances are suitable for development and testing
 * Be aware of potential data loss in non-HA deployments
 * Consider using smaller message sizes during development to reduce resource usage
+
 ## Support
+
 For advanced configurations or custom requirements:
 * Join our [Discord community](https://discord.gg/zerops)
 * Contact support via [email](mailto:support@zerops.io)
@@ -12961,10 +18471,15 @@ For advanced configurations or custom requirements:
 
 # Keydb > How To > Connect
 
+
 ## Copy access details from Zerops GUI
+
 You will find the KeyDB access details under the **Access details** button in the project dashboard page.
+
 The same information is available in the service detail page in the left menu under the **Peek access details** button.
+
 ### KeyDB access parameters:
+
 | Parameter             | Description                                                                      |
 | --------------------- | -------------------------------------------------------------------------------- |
 | **Hostname**          | The service hostname specified when the KeyDB service was created.               |
@@ -12973,26 +18488,43 @@ The same information is available in the service detail page in the left menu un
 This port is fixed for all KeyDB services and cannot be customized. |
 | **Connection string** | The connection string for KeyDB service is:
 `redis://{hostname}:6379`        |
+
 ## Connect to KeyDB from runtime services of the same project
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 #### Example
+
 To connect to KeyDB `database1` service, set
+
 ```
 host = database1
 ```
+
 You will find the password under the [**Access details**](#copy-access-details-from-zerops-gui) button in Zerops GUI.
+
 :::caution
 Do not use SSL/TLS protocols when connecting to KeyDB from other runtime services in the same project. Zerops KeyDB is not configured to support these protocols. The security is assured by the project private network. Due to security reasons Zerops doesn't allow exposing KeyDB service to the internet.
 :::
+
 ## Use KeyDB environment variables
+
 Zerops creates default environment variables for each KeyDB service to help you with connection from runtime services in the same project. To avoid the need to copy database access parameters manually, use environment variables in your [runtime service].
+
 ### Prefix the environment variable key
+
 All services of the same project can reference environment variables from other services. To use an environment variable from one service in another service in the same project, you must prefix the environment variable key with the service hostname and underscore.
+
 #### Example
+
 To access the `connectionString` env variable of the `keydb1` service, use `keudb1_connectionString` as the env variable key.
+
 ### KeyDB environment variables
+
 List of service environment variables is available in Zerops GUI. Go to a KeyDB service detail and choose **Environment variables** in the left menu.
+
 Zerops creates following environment variables when the KeyDB service is created:
+
 | Variable              | Description                                                                      |
 | --------------------- | -------------------------------------------------------------------------------- |
 | **Hostname**          | The service hostname specified when the KeyDB service was created.               |
@@ -13003,26 +18535,41 @@ This port is fixed for all KeyDB services and cannot be customized. |
 | **serviceId**         | ID of the KeyDB service. Generated by Zerops.                                    |
 | **Connection string** | The connection string for KeyDB service is:
 `redis://{hostname}:6379`        |
+
 You can create own custom [environment variables](/features/env-variables) for the KeyDB service in Zerops GUI and use them in the same way as the default variables.
+
 ## Connect to KeyDB in Zerops remotely
+
 :::caution
 Due to security reasons Zerops doesn't allow exposing KeyDB service directly to the internet.
 :::
+
 ### Start VPN connection
+
 You can securely connect to KeyDB from your local workspace via Zerops VPN. Zerops VPN client is included into zCLI, the Zerops command-line tool. To start a VPN connection to the selected Zerops project, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn#start-vpn)
+
 ### Access KeyDB through VPN
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](#use-keydb-environment-variables) are available when connected through VPN. To connect to KeyDB in Zerops you have to copy the [access details](#copy-access-details-from-zerops-gui) manually from Zerops GUI.
+
 :::caution
 Do not use SSL/TLS protocols when connecting to KeyDB over VPN. Zerops KeyDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 ### Stop VPN connection
+
 [Stop the Zerops VPN](/references/networking/vpn#stop-vpn) in zCLI.
+
 ### Connect to KeyDB from another Zerops project
+
 All services of the same project share a **dedicated private network**. You can use the service hostname to connect from one service to another within the same project.
+
 Different Zerops projects have no special connection. They can communicate with each other only via the internet. If you need to connect to a KeyDB service in a Zerops project from a runtime service in another project, you need to use the [Zerops VPN](#access-keydb-through-vpn). Due to security reasons Zerops doesn't allow exposing KeyDB service directly to the internet.
 
+
 ----------------------------------------
 
 # Keydb > How To > Control
@@ -13033,44 +18580,70 @@ Different Zerops projects have no special connection. They can communicate with
 
 # Keydb > How To > Create
 
+
 [KeyDB ↗](https://docs.keydb.dev/) is a fully open source database, backed by Snap, and a faster drop in alternative to Redis.
+
 ## Create KeyDB using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new KeyDB service:
+
 ### Choose KeyDB version
+
 Following KeyDB versions are currently supported:
+
 ### Set a hostname
+
 Enter a unique service identifier like `keydb`, `db` etc.
+
 #### Limitations:
+
 - Duplicate services with the same name within the same project are not allowed
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Configure auto scaling
+
 Zerops automatically scales KeyDB services based on actual database usage. Configure the scaling parameters to match your database needs and control costs.
+
 **CPU Mode**: Choose between shared (cost-effective) or dedicated (consistent performance).
+
 **Resource Limits**: Set minimum and maximum resources for CPU, RAM, and disk to control costs and ensure performance.
+
 **Deployment Mode**: Choose the reliability configuration for your KeyDB service:
+
 - **Highly Available**: Multiple containers with redundancy across different physical machines. Recommended for production environments.
 - **Single Container**: One container suitable for development and non-critical environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 :::tip Learn More
 For detailed scaling configuration, deployment mode details, and troubleshooting, see:
 - [How Zerops scales KeyDB](/keydb/how-to/scale) - Database-specific scaling guide
 - [Automatic Scaling and High Availability](/features/scaling) - Complete technical details
 :::
+
 ## Create KeyDB using zCLI
+
 zCLI is the Zerops command-line tool. To create a new KeyDB service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](#create-a-project-description-file)
 3. Create a project and a KeyDB service
+
 ### Create a project description file
+
 Zerops uses a yaml format file to describe the project infrastructure.
+
 #### Basic example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # basic project data
 project:
@@ -13085,9 +18658,13 @@ services:
     # mode of operation "HA"/"NON_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one KeyDB service in single container mode with default [auto scaling](/keydb/how-to/scale) configuration. Hostname will be set to `keydb1`.
+
 #### Full example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # basic project data
 project:
@@ -13126,103 +18703,163 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain two KeyDB services.
+
 The hostname of the first service will be set to `keydb1`. The highly available mode will be chosen and the custom [auto scaling configuration](/keydb/how-to/scale) will be set.
+
 The hostname of the second service will be set to `keydb2`. The single container mode will be chosen and the default [auto scaling configuration](/keydb/how-to/scale) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains only KeyDB services but you can create a `description.yaml` with [different types] of services.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
+
         The hostname of the new database will be set to the `hostname` value.
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [KeyDB service types](/references/import-yaml/type-list#database-services) are currently supported.
-      
-      mode
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>mode</strong></td>
+      <td className="w-fit">
         Defines the operation mode of KeyDB service.
-        HA
-        
+
+        <strong>HA</strong>
+
         Creates a KeyDB cluster with 2 database containers. This mode is suited for production.
+
         Zerops always keeps the 2 database containers on different physical machines. All your data is stored redundantly in 2 identical copies. In case of a failure of a container or the underlying physical machine, Zerops automatically disconnects the failed container from the cluster, creates a new container and syncs all data from the remaining copy. Finally the broken container is automatically deleted.
-        NON_HA
-        
+
+        <strong>NON_HA</strong>
+
         Zerops will create a KeyDB database installed in a single container. Useful for non-essential data or dev environments.
+
         Your data is stored only in a single container. If the container or the underlying physical machine fails, your data since the last backup are lost. Zerops doesn't provide any automatic repairs of single node KeyDB services.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/keydb/how-to/scaling#configure-scaling).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 :::caution
 The KeyDB service **hostname** and **mode** are fixed after the service is created. They can't be changed later.
 :::
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add KeyDB service to an existing project
+
 #### Example
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```bash
 # array of project services
 services:
@@ -13234,208 +18871,317 @@ services:
     # mode of operation "HA"/"NON_HA"
     mode: NON_HA
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one KeyDB service in single container mode with default [auto scaling](/keydb/how-to/scale) configuration will be added to your project. Hostname of the new service will be set to `keydb1`.
+
 The content of the `services:` section of `import.yaml` is identical to the [project description file](#create-a-project-description-file). The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the `import.yaml` file is 100 kB.
 
 ----------------------------------------
 
 # Keydb > How To > Manage
 
+
 ## How to use a database management tool on your workstation
+
 Do you already use a database management tool that supports KeyDB on your workstation? Connect it securely to KeyDB from your local workspace via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to KeyDB remotely](/keydb/how-to/connect#connect-to-keydb-in-zerops-remotely).
+
 :::caution
 Do not use SSL/TLS protocols when connecting to KeyDB over VPN. Zerops KeyDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 ## How to use KeyDB Client CLI on your workstation
+
 If you use the [keydb-cli ↗](https://docs.keydb.dev/docs/keydbcli/) command-line client to manage your KeyDB on your local workspace, you can connect it securely to KeyDB via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to KeyDB remotely](/keydb/how-to/connect#connect-to-keydb-in-zerops-remotely).
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](/keydb/how-to/connect#connect-to-keydb-in-zerops-remotely) are available when connected through VPN. To connect to KeyDB in Zerops you have to copy the [access details](/keydb/how-to/connect#connect-to-keydb-in-zerops-remotely) manually from Zerops GUI.
+
 Use `keydb-cli` command to connect to KeyDB in Zerops:
+
 ```sh
 keydb-cli -h [hostname]
 ```
+
 :::caution
 Do not use SSL/TLS protocols when connecting to KeyDB over VPN. Zerops KeyDB is not configured to support these protocols. The security is assured by the VPN.
 :::
 
+
 ----------------------------------------
 
 # Keydb > How To > Scale
 
+
 Zerops automatically scales your KeyDB service based on actual database usage. When your database needs more power, resources increase. When demand drops, resources scale down to reduce costs.
+
 :::tip Read More
 For complete scaling details across all services, see [Automatic Scaling and High Availability](/features/scaling).
 :::
+
 ## How KeyDB scaling works
+
 KeyDB services use **vertical scaling** to adjust CPU, RAM, and disk resources within containers based on usage patterns. Unlike runtime services, KeyDB does not use horizontal scaling (adding/removing containers). Instead, KeyDB services use deployment modes for high availability.
+
 ## Configure scaling
+
 You can configure scaling settings:
+
 - **During service creation** - Set initial scaling parameters when [creating](/keydb/how-to/create) your KeyDB service
 - **During import** - Define scaling configuration in your YAML import file using `verticalAutoscaling` parameters
 - **After service creation** - Navigate to your KeyDB service and select **Automatic scaling configuration** to modify settings
+
 ### Basic settings
-  
+
 **CPU Mode**: Choose between shared (cost-effective, variable performance) or dedicated (consistent performance, higher cost). You can change CPU mode once per hour. See [pricing](https://zerops.io/#pricing) for costs.
+
 **Resource limits**: Configure minimum and maximum resources for your KeyDB service:
+
 - **Lower the maximum** to control costs and prevent over-scaling
 - **Raise the minimum** when you need guaranteed baseline performance
 - **Set minimum = maximum** to disable automatic scaling for that specific resource
+
 **Deployment mode**: Choose the reliability configuration for your KeyDB service:
+
 - **Single Container**: One container with vertical scaling only. Suitable for development environments.
 - **Highly Available**: Multiple containers with built-in redundancy. Recommended for production environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 When a container fails in HA mode, Zerops automatically replaces it with a new container on a different physical machine and synchronizes data from healthy copies.
+
 ### Advanced settings
+
 **Start CPU cores**: Determines how many CPU cores are allocated during database startup. Increase this value if your KeyDB service starts slowly or requires more processing power during initialization.
+
 **RAM thresholds**: Help prevent out-of-memory crashes by maintaining buffer space:
+
 - **Absolute (GB)**: Maintains this amount of free RAM at all times
 - **Percentage**: Keeps this percentage of total RAM free
+
 Consider increasing these values if your database experiences memory-related issues.
-  
+
 :::info Read More
 For detailed technical parameters and scaling behavior, see [Automatic Scaling and High Availability](/features/scaling#resource-scaling-behavior).
 :::
+
 ## Monitor usage
+
 Navigate to your KeyDB service and select **Service containers & Overview** to view:
 - CPU, RAM, and disk usage over time
 - Historical scaling events
 - Container health status
+
 ## Technical details
+
 Zerops monitors database usage and automatically adjusts resources based on predefined thresholds and timing parameters. The scaling behavior follows the same principles as other services in the platform.
+
 For complete technical specifications including:
 - Resource monitoring intervals and thresholds
 - Scale-up and scale-down timing parameters
 - Scaling increments and steps
 - Detailed scaling behavior patterns
+
 See [Resource Scaling Behavior](/features/scaling#resource-scaling-behavior) in the general scaling documentation.
+
 ## Common issues
+
 **Out of memory errors**
 - Increase minimum free RAM settings in your scaling configuration
 - Consider raising the minimum RAM allocation
 - Check for memory-intensive operations
+
 **Higher than expected costs**
 - Consider lowering your maximum resource limits
 - Review scaling patterns in the monitoring dashboard
+
 **Slow database startup**
 - Increase the "Start CPU cores" setting
 - Consider switching to dedicated CPU mode for consistent performance
+
 *Need help? Join our [Discord community](https://discord.gg/zerops) for assistance!*
 
 ----------------------------------------
 
 # Keydb > Overview
 
+
 [KeyDB ↗](https://docs.keydb.dev/) is a fully open source database, a faster drop-in alternative to Redis. It offers enhanced performance, multithreading capabilities, and maintains full compatibility with Redis clients and APIs.
+
 :::important
 While KeyDB is available in Zerops, please note that KeyDB development has not been very active recently. For new Redis-compatible deployments, we recommend considering [Valkey](/valkey/overview) as the preferred alternative due to its active development and ongoing support.
 :::
+
 ## Feature Highlights
+
+- [Create KeyDB service](/keydb/how-to/create) — Start with creating a KeyDB service using GUI or zCLI.
+- [Import config file](/keydb/how-to/create#full-example) — Use an example config file to import your KeyDB service.
+
 ### Connect to KeyDB service
+
+- [Manage KeyDB database](/keydb/how-to/manage)
+- [Connect from the same project](/keydb/how-to/connect#connect-to-keydb-from-runtime-services-of-the-same-project)
+- [Connect remotely](/keydb/how-to/connect#connect-to-keydb-in-zerops-remotely)
+
 ## Popular Guides
+
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your KeyDB service securely with Zerops VPN.
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
 
 ----------------------------------------
 
 # Mariadb > How To > Backup
 
+
 Zerops provides automated data backup for MariaDB services with full encryption and flexible management options.
+
 For general backup information including configuration, scheduling, and management options, see the [Zerops Backups](/features/backup) documentation, which covers:
 - Backup scheduling and retention policies
 - Tagging system and storage quotas
 - Manual backup creation and CLI tools
 - Security and encryption details
+
 This page focuses on MariaDB-specific backup details.
+
 ## MariaDB Backup Format
+
 MariaDB backups are created using `mariabackup` and stored in `.xb.gz` format:
+
 - **Format**: `.xb.gz` (single archive)
 - **Tooling**: `mariabackup`
 - **Compression**: Uses `xbstream` format, gzip compressed
 - **Storage**: Encrypted and stored in isolated object storage
+
 ## Restoring MariaDB Backups
+
 To restore a MariaDB backup, follow these steps:
+
 :::tip
 If the backup is large and the export/import has higher demands, consider scaling up the RAM in the container before starting. You can use [zsc](/references/zsc) to temporarily scale up:
 ```bash
 zsc scale ram +2GB 10m
 ```
 :::
+
 ### Step 1: Deploy the restore helper service
+
 Import the [MariaDB restore recipe](https://github.com/zeropsio/recipe-mariadb-restore) as a service into the project where your MariaDB service is located.
+
 Use the `zerops-import.yaml` file from the repository to import the service. See the [import documentation](/references/import) for details, or follow the steps in the [recipe README](https://github.com/zeropsio/recipe-mariadb-restore?tab=readme-ov-file#deploy-on-zerops).
+
 ### Step 2: Get the backup download URL
+
 1. Navigate to your MariaDB service in the Zerops GUI
 2. Go to the **Backups List & Configuration** section
 3. Find the backup you want to restore
 4. Click the **three dots menu** (⋮) on that backup
 5. Select **Copy download link**
+
 ### Step 3: Run the backup script
+
 Connect to the `mariadbrestore` service using the GUI terminal or via [VPN](/references/networking/vpn) and [SSH](/references/networking/ssh).
+
 :::note
 To use environment variables from your MariaDB service in the backup and restore commands, make sure the `envIsolation` project variable is set to `none`. See [Environment Variable Isolation](/features/env-variables#environment-variable-isolation) and [Referencing Variables](/features/env-variables#referencing-variables) for details.
 :::
+
 Run the backup script:
+
 ```bash
-backup.sh -d  -u ""
+backup.sh -d <source_database_name> -u "<backup_download_url>"
 ```
+
 Verify the backup was created:
+
 ```bash
 ls -lh backup.sql
 ```
+
 :::note
 You can also verify the backup file exists by checking the **File browser** in the `mariadbrestore` service.
 :::
+
 :::info
 After the export completes, the terminal may become unresponsive. If this happens, refresh the terminal.
 :::
+
 ### Step 4: Import data to the target database
+
 Import the data to your target MariaDB database:
+
 ```bash
-mariadb -u  -h  -p  < backup.sql
+mariadb -u <target_user> -h <target_host> -p<target_password> <target_database_name> < backup.sql
 ```
+
 Alternatively, you can download the `backup.sql` dump file for later use or to restore to a database outside of Zerops.
+
 ## High Availability
+
 For MariaDB services running in High Availability mode:
 - Backups are created on a randomly selected healthy node
 - Other nodes remain operational during the backup process
 - Manual backups typically run on the primary node
+
 ## Best Practices
+
 - Always create a manual backup with a protected tag before database migrations or major schema changes
 - Test your restore process periodically in a non-production environment
 - Monitor your backup storage usage in the Project Overview
 - Use descriptive tags like `pre-migration-v2` for important snapshots
+
 For additional best practices and troubleshooting, refer to the [main backup documentation](/features/backup).
 
 ----------------------------------------
 
 # Mariadb > How To > Connect
 
+
 ## Default MariaDB database and user
+
 Zerops creates a default database and a default user automatically when a new MariaDB service is [created](/mariadb/how-to/create).
+
 #### Database
+
 The default database name is identical to the service hostname. The default encoding is set to `utf8mb4`.
+
 #### DB user
+
 Default user name is identical to the service hostname. Default user password is generated randomly. You will find the password in [Zerops GUI](/mariadb/how-to/connect#copy-access-details-from-zerops-gui) or you can use the [environment variable](#use-mariadb-environment-variables).
+
 :::info
 Zerops creates a second DB user: `zps` for maintenance reasons with full privileges. Do not delete, change the password or remove privileges from this user, it will disrupt Zerops ability to maintain the database cluster.
 :::
+
 ## Copy access details from Zerops GUI
+
 You will find the MariaDB access details under the **Access details** button in the project dashboard page.
+
 The same information is available in the service detail page in the left menu under the **Peek access details** button.
+
 ### MariaDB access parameters:
+
 | Parameter             | Description                                                                                                                          |
 | --------------------- | ------------------------------------------------------------------------------------------------------------------------------------ |
 | **Hostname**          | The service hostname specified when the MariaDB service was created.                                                                 |
@@ -13446,29 +19192,46 @@ This port is fixed for all MariaDB services and cannot be customized.
 | **Password**          | Zerops sets a random password when the service is created.                                                                           |
 | **Connection string** | The connection string for MariaDB service is:
 `mysql://${user}:${password}@{hostname}:3306`                                      |
+
 ## Connect to MariaDB from runtime services of the same project
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 #### Example
+
 To connect to MariaDB `database1` service, set
+
 ```
 host = database1
 user = database1
 password = **********
 ```
+
 You will find the password under the [**Access details**](/mariadb/how-to/connect#copy-access-details-from-zerops-gui) button in Zerops GUI.
+
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB from other runtime services in the same project. Zerops MariaDB is not configured to support these protocols. The security is assured by the project private network. Due to security reasons Zerops doesn't allow exposing MariaDB service to the internet.
 :::
+
 ## Use MariaDB environment variables
+
 Zerops creates default environment variables for each MariaDB service to help you with connection from runtime services in the same project. To avoid the need to copy database access parameters manually, use environment variables in your [runtime service].
+
 ### Prefix the environment variable key
+
 All services of the same project can reference environment variables from other services. To use an environment variable from one service in another service in the same project, you must prefix the environment variable key with the service hostname and underscore.
+
 #### Example
+
 To access the `connectionString` env variable of the `mariadb1` service, use `mariadb1_connectionString` as the env variable key.
 To access the `password` env variable of the `mariadb2` service, use `mariadb2_password` as the env variable key.
+
 ### MariaDB environment variables
+
 List of service environment variables is available in Zerops GUI. Go to a MariaDB service detail and choose **Environment variables** in the left menu.
+
 Zerops creates following environment variables when the MariaDB service is created:
+
 | Variable              | Description                                                                                                                                                                                                                                                                                                                                                       |
 | --------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | **Hostname**          | The service hostname specified when the MariaDB service was created.                                                                                                                                                                                                                                                                                              |
@@ -13479,35 +19242,52 @@ This port is fixed for all MariaDB services and cannot be customized.
 | **serviceId**         | ID of the MariaDB service. Generated by Zerops.                                                                                                                                                                                                                                                                                                                   |
 | **Connection string** | The connection string for MariaDB service is:
 `mysql://${user}:${password}@{hostname}:3306`
+
 Connection string contains [references](/mariadb/how-to/connect#mariadb-access-parameters) to `user` and `password` variables. Each time the `user` or `password` variable is updated, the `connectionString` variable is automatically updated as well. |
 | **User**              | Zerops creates a database user automatically when the service is created. The user name is always identical to the service hostname.                                                                                                                                                                                                                              |
 | **Password**          | Zerops sets a random password when the service is created.                                                                                                                                                                                                                                                                                                        |
+
 :::caution
 When you change the value of the password env variable, only the env variable is updated, not the actual password of the MariaDB user. You have to update the password of the database user manually.
 :::
 :::caution
 When you change the password of the default MariaDB user in the database, the new password is not synchronised to the password env variable. You have to update the `password` env variable manually.
 :::
+
 You can create own custom [environment variables](/features/env-variables) for the MariaDB service in Zerops GUI and use them in the same way as the default variables.
+
 ## Connect to MariaDB in Zerops remotely
+
 :::caution
 Due to security reasons Zerops doesn't allow exposing MariaDB service directly to the internet.
 :::
+
 ### Start VPN connection
+
 You can securely connect to MariaDB from your local workspace via Zerops VPN. Zerops VPN client is included into zCLI, the Zerops command-line tool. To start a VPN connection to the selected Zerops project, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn#start-vpn)
+
 ### Access MariaDB through VPN
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](#use-mariadb-environment-variables) are available when connected through VPN. To connect to MariaDB in Zerops you have to copy the [access details](#copy-access-details-from-zerops-gui) manually from Zerops GUI.
+
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB over VPN. Zerops MariaDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 ### Stop VPN connection
+
 [Stop the Zerops VPN](/references/networking/vpn#stop-vpn) in zCLI.
+
 ### Connect to MariaDB from another Zerops project
+
 All services of the same project share a **dedicated private network**. You can use the service hostname to connect from one service to another within the same project.
+
 Different Zerops projects have no special connection. They can communicate with each other only via the internet. If you need to connect to a MariaDB service in a Zerops project from a runtime service in another project, you need to use the [Zerops VPN](#access-mariadb-through-vpn). Due to security reasons Zerops doesn't allow exposing MariaDB service directly to the internet.
 
+
 ----------------------------------------
 
 # Mariadb > How To > Control
@@ -13518,50 +19298,80 @@ Different Zerops projects have no special connection. They can communicate with
 
 # Mariadb > How To > Create
 
+
 MariaDB is the open source relational database loved by developers all over the world. Created by MySQL's original developers, MariaDB is compatible with MySQL and guaranteed to stay open source forever.
+
 ## Create MariaDB using Zerops GUI
+
 :::note
 If you're migrating from another database system such as MySQL, please review the [migration information](#migrating-from-other-database-systems) section first, as some critical settings must be configured at creation time.
 :::
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new MariaDB service:
+
+[Video: /vids/services/mariadb.webm](/vids/services/mariadb.webm)
+
 ### Choose MariaDB version
+
 Following MariaDB versions are currently supported:
+
 ### Set a hostname
+
 Enter a unique service identifier like `mariadb`, `sql`, `db` etc.
+
 #### Limitations:
+
 - Duplicate services with the same name within the same project are not allowed
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Configure auto scaling
+
 Zerops automatically scales MariaDB services based on actual database usage. Configure the scaling parameters to match your database needs and control costs.
+
 **CPU Mode**: Choose between shared (cost-effective) or dedicated (consistent performance).
+
 **Resource Limits**: Set minimum and maximum resources for CPU, RAM, and disk to control costs and ensure performance.
+
 **Deployment Mode**: Choose the reliability configuration for your MariaDB service:
+
 - **Highly Available**: Multiple containers with redundancy across different physical machines. Recommended for production environments.
 - **Single Container**: One container suitable for development and non-critical environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 :::tip Learn More
 For detailed scaling configuration, deployment mode details, and troubleshooting, see:
 - [How Zerops scales MariaDB](/mariadb/how-to/scale) - Database-specific scaling guide
 - [Automatic Scaling and High Availability](/features/scaling) - Complete technical details
 :::
+
 ## Create MariaDB using zCLI
+
 :::note
 If you're migrating from another database system such as MySQL, please review the [migration information](#migrating-from-other-database-systems) section first, as some critical settings must be configured at creation time.
 :::
+
 zCLI is the Zerops command-line tool. To create a new MariaDB service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](#create-a-project-description-file)
 3. Create a project and a MariaDB service
+
 ### Create a project description file
+
 Zerops uses a yaml format file to describe the project infrastructure.
+
 #### Basic example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # basic project data
 project:
@@ -13576,9 +19386,13 @@ services:
     # mode of operation "HA"/"NON_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one MariaDB 10.4 service in single container mode with default [auto scaling](/mariadb/how-to/scale) configuration. Hostname will be set to `mariadb1`.
+
 #### Full example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # basic project data
 project:
@@ -13620,112 +19434,169 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain two MariaDB 10.4 services.
+
 The hostname of the first service will be set to `mariadb1`. The highly available mode will be chosen and the custom [auto scaling configuration](/mariadb/how-to/scale) will be set. The `lower_case_table_names` system variable will be set to "1".
+
 The hostname of the second service will be set to `mariadb2`. The single container mode will be chosen and the default [auto scaling configuration](/mariadb/how-to/scale) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains only MariaDB services but you can create a `description.yaml` with [different types] of services.
-  
-      Parameter
-      Description
-      Limitations
-    
-      hostname
-      A unique service identifier like `mariadb`,`sql`, `db` etc.
-      
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      Specifies the service type and version.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">A unique service identifier like `mariadb`,`sql`, `db` etc.</td>
+      <td className="w-fit">
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">Specifies the service type and version.</td>
+      <td className="w-fit">
         See what [MariaDB service types](/references/import-yaml/type-list#database-services) are currently supported.
-      
-      mode
-      Defines the operation mode of MariaDB service.
-      
-        HA
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>mode</strong></td>
+      <td className="w-fit">Defines the operation mode of MariaDB service.</td>
+      <td className="w-fit">
+        <b>HA</b>
+
         Zerops will create a MariaDB cluster with 3 database containers and 2
         free database proxies. This mode is suited for production.
-        
+
         Zerops always keep the 3 database containers on different physical
         machines. All your data is stored redundantly in 3 copies. In case of a
         failure of a container or the underlying physical machine, Zerops
         automatically disconnects the failed container from the cluster, creates
         a new container and syncs all data from the remaining 2 copies. Finally
         the broken container is automatically deleted.
-        
-        NON_HA
-        
+
+        <b>NON_HA</b>
+
         Zerops will create a MariaDB database installed in a single container.
         Useful for non-essential data or dev environments.
-        
+
         Your data is stored only in a single container. If the container or the
         underlying physical machine fails, your data since the last backup are
         lost. Zerops doesn't provide any automatic repairs of single node
         MariaDB services.
-      
-      verticalAutoscaling
-      Defines custom vertical auto scaling parameters
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">Defines [custom vertical auto scaling parameters](/mariadb/how-to/scaling#configure-scaling)</td>
+      <td className="w-fit">
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-       - cpuMode
-      Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-       - minCpu/maxCpu
-      Set the minCpu or maxCpu in CPU cores (integer).
-      
-       - minRam/maxRam
-      Set the minRam or maxRam in GB (float).
-      
-       - minDisk/maxDisk
-      Set the minDisk or maxDisk in GB (float).
-      
-      envSecrets
-      Defines [secret environment variables](/features/env-variables#2-secret-variables) for the service
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong> - cpuMode</strong></td>
+      <td className="w-fit">Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong> - minCpu/maxCpu</strong></td>
+      <td className="w-fit">Set the minCpu or maxCpu in CPU cores (integer).</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong> - minRam/maxRam</strong></td>
+      <td className="w-fit">Set the minRam or maxRam in GB (float).</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong> - minDisk/maxDisk</strong></td>
+      <td className="w-fit">Set the minDisk or maxDisk in GB (float).</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">Defines [secret environment variables](/features/env-variables#2-secret-variables) for the service</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 :::caution
 The MariaDB service **hostname** and **mode** are fixed after the service is created. They can't be changed later.
 :::
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add MariaDB service to an existing project
+
 #### Example
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```bash
 # array of project services
 services:
@@ -13740,56 +19611,87 @@ services:
     envSecrets:
       lower_case_table_names: "1"
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one MariaDB 10.4 service in single container mode with default [auto scaling](/mariadb/how-to/scale) configuration will be added to your project. Hostname of the new service will be set to `mariadb1`. The `lower_case_table_names` system variable will be set to "1".
+
 The content of the `services:` section of `import.yaml` is identical to the [project description file](#create-a-project-description-file). The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the `import.yaml` file is 100 kB.
+
 ## Migrating from other database systems
+
 ### Configure system variables
+
 When migrating to MariaDB in Zerops from other database systems, you may need to configure specific system variables to maintain compatibility with your existing applications.
+
 #### Setting `lower_case_table_names` for MySQL compatibility
+
 The `lower_case_table_names` system variable determines how MariaDB handles table name case sensitivity:
-  
-      Value
-      Table Name Storage
-      Comparison Behavior
-    
-      0
-      Stored as specified (preserves case)
-      Case-sensitive
-    
-      1
-      Stored in lowercase
-      Case-insensitive
-    
-      2
-      Stored as specified (preserves case)
-      Case-insensitive
-    
-:::caution
-This variable must be configured when the MariaDB instance is first created and cannot be changed afterward. This is a limitation of MariaDB itself, not specific to Zerops.
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Value</strong></th>
+      <th className="w-fit"><strong>Table Name Storage</strong></th>
+      <th className="w-fit"><strong>Comparison Behavior</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>0</strong></td>
+      <td className="w-fit">Stored as specified (preserves case)</td>
+      <td className="w-fit">Case-sensitive</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>1</strong></td>
+      <td className="w-fit">Stored in lowercase</td>
+      <td className="w-fit">Case-insensitive</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>2</strong></td>
+      <td className="w-fit">Stored as specified (preserves case)</td>
+      <td className="w-fit">Case-insensitive</td>
+    </tr>
+  </tbody>
+</table>
+
+:::caution
+This variable must be configured when the MariaDB instance is first created and cannot be changed afterward. This is a limitation of MariaDB itself, not specific to Zerops.
 :::
+
 When configuring this in Zerops:
+
 - **Using GUI**: Set the `lower_case_table_names` parameter in the advanced options section when creating a new MariaDB service
 - **Using YAML**: Include it in your service configuration under the `envSecrets` section (see examples in the [Create MariaDB using zCLI](#create-mariadb-using-zcli) section)
+
 ##### Migration considerations
+
 If you're migrating from MySQL to MariaDB and your application relies on a specific table name case handling:
+
 1. Determine the value used in your source MySQL installation
 2. Configure the same value in your Zerops MariaDB configuration before initializing the database
 3. For most migrations from MySQL 5.7, setting the value to "1" is recommended for compatibility
+
 After deploying your MariaDB service, you can verify the settings with this SQL command:
+
 ```sql
 SELECT @@lower_case_file_system, @@lower_case_table_names;
 ```
+
 :::important
 If you need to change this setting after the database has been initialized, you'll need to create a new MariaDB service with the correct configuration and migrate your data.
 :::
@@ -13798,59 +19700,94 @@ If you need to change this setting after the database has been initialized, you'
 
 # Mariadb > How To > Export Import Data
 
+
 ## Use Adminer to export or import data
+
 [Adminer ↗](https://www.adminer.org) is an open source full-featured database management tool written in PHP.
+
 1. [Install Adminer to Zerops](/mariadb/how-to/manage#how-to-install-adminer-to-zerops)
 2. Use Adminer standard export or import functions
+
 ## Use phpMyAdmin to export or import data
+
 [phpMyAdmin ↗](https://www.phpmyadmin.net) is a free software tool written in PHP, intended to handle the administration of MariaDB over the Web.
+
 1. [Install phpMyAdmin to Zerops](/mariadb/how-to/manage#how-to-install-phpmyadmin-to-zerops)
 2. Use phpMyAdmin standard export or import functions
+
 ## Use a database management tool on your workstation to export or import data
+
 Do you already use a database management tool that supports MariaDB on your workstation? Connect it securely to MariaDB from your local workspace via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to MariaDB remotely](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely).
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB over VPN. Zerops MariaDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 Once the connection to MariaDB is established, use the standard export or import functions of your favourite management tool.
+
 ## Use mysql CLI to export or import data
+
 If you are using the [mysql ↗](https://dev.mysql.com/doc/refman/8.1/en/mysql.html) command-line client to manage your MariaDB on your local workspace, you can connect it securely to MariaDB via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to MariaDB remotely](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely).
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](/mariadb/how-to/connect#use-mariadb-environment-variables) are available when connected through VPN. To connect to MariaDB in Zerops you have to copy the [access details](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely) manually from Zerops GUI.
+
 Use [mysql ↗](https://dev.mysql.com/doc/refman/8.1/en/mysql.html) command to connect to MariaDB in Zerops:
+
 ```sh
 mysql -h [hostname] -u [user] -p [password] [database_name]
 ```
+
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB over VPN. Zerops MariaDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 To export your database data and structure, use the [mysqldump ↗](https://dev.mysql.com/doc/refman/8.1/en/mysqldump.html) command.
+
 ```sh
 mysqldump -h [hostname] -u [user] –p [password] [database_name] > dumpfilename.sql
 ```
+
 To import your database data and structure, use the `mysql` command.
+
 ```sh
 mysql -h [hostname] -u [user] –p [password] [database_name] < dumpfilename.sql
 ```
 
+
 ----------------------------------------
 
 # Mariadb > How To > Manage
 
+
 ## Default database and user
+
 Zerops creates a default database and a default user automatically when a new MariaDB service is [created](/mariadb/how-to/create).
+
 #### Database
+
 The default database name is identical to the service hostname. The default encoding is set to `utf8mb4`.
+
 #### DB user
+
 Default user name is identical to the service hostname. Default user password is generated randomly. You will find the password in [Zerops GUI](/mariadb/how-to/connect#copy-access-details-from-zerops-gui) or you can use the [environment variable](/mariadb/how-to/connect#use-mariadb-environment-variables).
+
 :::info
 Zerops creates a second DB user: `zps` for maintenance reasons with full privileges. Do not delete, change the password or remove privileges from this user, it will disrupt Zerops ability to maintain the database cluster.
 :::
+
 ## How to install Adminer to Zerops
+
 [Adminer ↗](https://www.adminer.org) is a open source full-featured database management tool written in PHP.
+
 ### Single-click installation
+
 To install Adminer into your project, open your project in Zerops GUI and select **import services** in the left menu.
+
 Copy the following yaml file into the text area and start the import:
+
 ```yaml
 services:
   - # Service will be accessible through zCLI VPN under: http://adminer
@@ -13866,25 +19803,41 @@ services:
     # Link to Zerops repository that contains Adminer code with Zerops build and deploy instructions.
     buildFromGit: https://github.com/zeropsio/recipe-adminer@main
 ```
+
 When the import is finished, Adminer will be running as a PHP service in your project.
+
 ## How to access Adminer
+
 ### Use Zerops VPN
+
 By default Adminer service is private and is accessible from your local workstation over VPN.
+
 You can securely connect to MariaDB from your local workspace via Zerops VPN. Zerops VPN client is included into zCLI, the Zerops command-line tool. To start a VPN connection to the selected Zerops project, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn)
 3. Type `http://adminer` into your browser
+
 :::caution
 Do not use https when connecting to Adminer via VPN.
 :::
+
 ### Enable public access
+
 You can enable the public access to the Adminer service via the [Zerops subdomain].
+
 Or you can configure the [Public routing] on the Adminer service to make it accessible on your own domain.
+
 ## How to install phpMyAdmin to Zerops
+
 [phpMyAdmin ↗](https://www.phpmyadmin.net) is a free software tool written in PHP, intended to handle the administration of MariaDB over the Web.
+
 ### Single-click installation
+
 To install phpMyAdmin into your project, open your project in Zerops GUI and select **import services** in the left menu.
+
 Copy the following yaml file into the text area and start the import:
+
 ```yaml
 services:
   - # Service will be accessible through zCLI VPN under: http://phpmyadmin
@@ -13900,240 +19853,393 @@ services:
     # Link to Zerops repository that contains Adminer code with Zerops build and deploy instructions.
     buildFromGit: https://github.com/zeropsio/recipe-phpmyadmin@main
 ```
+
 When the import is finished, phpMyAdmin will be running as a PHP service in your project.
+
 ## How to access phpMyAdmin
+
 ### Use Zerops VPN
+
 By default phpMyAdmin service is private and is accessible from your local workstation over VPN.
+
 You can securely connect to MariaDB from your local workspace via Zerops VPN. Zerops VPN client is included into zCLI, the Zerops command-line tool. To start a VPN connection to the selected Zerops project, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn)
 3. Type `http://phpmyadmin` into your browser
+
 :::caution
 Do not use https when connecting to phpMyAdmin via VPN.
 :::
+
 ### Enable public access
+
 You can enable the public access to the phpMyAdmin service via the [Zerops subdomain].
+
 Or you can configure the [Public routing] on the phpMyAdmin service to make it accessible on your own domain.
+
 ## How to use a database management tool on your workstation
+
 Do you already use a database management tool that supports MariaDB on your workstation? Connect it securely to MariaDB from your local workspace via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to MariaDB remotely](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely).
+
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB over VPN. Zerops MariaDB is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 ## How to use mysql CLI on your workstation
+
 If you use the [mysql ↗](https://dev.mysql.com/doc/refman/8.1/en/mysql.html) command-line client to manage your MariaDB on your local workspace, you can connect it securely to MariaDB via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to MariaDB remotely](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely).
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely) are available when connected through VPN. To connect to MariaDB in Zerops you have to copy the [access details](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely) manually from Zerops GUI.
+
 Use `mysql` command to connect to MariaDB in Zerops:
+
 ```sh
 mysql -h [hostname] -u [user] -p [password] [database_name]
 ```
+
 :::caution
 Do not use SSL/TLS protocols when connecting to MariaDB over VPN. Zerops MariaDB is not configured to support these protocols. The security is assured by the VPN.
 :::
 
+
 ----------------------------------------
 
 # Mariadb > How To > Scale
 
+
 Zerops automatically scales your MariaDB service based on actual database usage. When your database needs more power, resources increase. When demand drops, resources scale down to reduce costs.
+
 :::tip Read More
 For complete scaling details across all services, see [Automatic Scaling and High Availability](/features/scaling).
 :::
+
 ## How MariaDB scaling works
+
 MariaDB services use **vertical scaling** to adjust CPU, RAM, and disk resources within containers based on usage patterns. Unlike runtime services, MariaDB does not use horizontal scaling (adding/removing containers). Instead, MariaDB services use deployment modes for high availability.
+
 ## Configure scaling
+
 You can configure scaling settings:
+
 - **During service creation** - Set initial scaling parameters when [creating](/mariadb/how-to/create) your MariaDB service
 - **During import** - Define scaling configuration in your YAML import file using `verticalAutoscaling` parameters
 - **After service creation** - Navigate to your MariaDB service and select **Automatic scaling configuration** to modify settings
+
 ### Basic settings
-  
+
 **CPU Mode**: Choose between shared (cost-effective, variable performance) or dedicated (consistent performance, higher cost). You can change CPU mode once per hour. See [pricing](https://zerops.io/#pricing) for costs.
+
 **Resource limits**: Configure minimum and maximum resources for your MariaDB service:
+
 - **Lower the maximum** to control costs and prevent over-scaling
 - **Raise the minimum** when you need guaranteed baseline performance
 - **Set minimum = maximum** to disable automatic scaling for that specific resource
+
 **Deployment mode**: Choose the reliability configuration for your MariaDB service:
+
 - **Single Container**: One container with vertical scaling only. Suitable for development environments.
 - **Highly Available**: Multiple containers with built-in redundancy. Recommended for production environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 When a container fails in HA mode, Zerops automatically replaces it with a new container on a different physical machine and synchronizes data from healthy copies.
+
 ### Advanced settings
+
 **Start CPU cores**: Determines how many CPU cores are allocated during database startup. Increase this value if your MariaDB service starts slowly or requires more processing power during initialization.
+
 **RAM thresholds**: Help prevent out-of-memory crashes by maintaining buffer space:
+
 - **Absolute (GB)**: Maintains this amount of free RAM at all times
 - **Percentage**: Keeps this percentage of total RAM free
+
 Consider increasing these values if your database experiences memory-related issues.
-  
+
 :::info Read More
 For detailed technical parameters and scaling behavior, see [Automatic Scaling and High Availability](/features/scaling#resource-scaling-behavior).
 :::
+
 ## Monitor usage
+
 Navigate to your MariaDB service and select **Service containers & Overview** to view:
 - CPU, RAM, and disk usage over time
 - Historical scaling events
 - Container health status
+
 ## Technical details
+
 Zerops monitors database usage and automatically adjusts resources based on predefined thresholds and timing parameters. The scaling behavior follows the same principles as other services in the platform.
+
 For complete technical specifications including:
 - Resource monitoring intervals and thresholds
 - Scale-up and scale-down timing parameters
 - Scaling increments and steps
 - Detailed scaling behavior patterns
+
 See [Resource Scaling Behavior](/features/scaling#resource-scaling-behavior) in the general scaling documentation.
+
 ## Common issues
+
 **Out of memory errors**
 - Increase minimum free RAM settings in your scaling configuration
 - Consider raising the minimum RAM allocation
 - Check for memory-intensive queries or operations
+
 **Higher than expected costs**
 - Consider lowering your maximum resource limits
 - Review scaling patterns in the monitoring dashboard
+
 **Slow database startup**
 - Increase the "Start CPU cores" setting
 - Consider switching to dedicated CPU mode for consistent performance
+
 *Need help? Join our [Discord community](https://discord.gg/zerops) for assistance!*
 
 ----------------------------------------
 
 # Mariadb > Overview
 
+
 [MariaDB ↗](https://mariadb.org/) is one of the most popular open source relational databases. It’s made by the original developers of MySQL and guaranteed to stay open source.
+
 ## Feature Highlights
+
+- [Create MariaDB service](/mariadb/how-to/create) — Start with creating a MariaDB service using GUI or zCLI.
+- [Import config file](/mariadb/how-to/create#full-example) — Use an example config file to import your own app.
+
 ### Connect to MariaDB service
+
+- [Manage users and databases](/mariadb/how-to/manage)
+- [Connect from the same project](/mariadb/how-to/connect#connect-to-mariadb-from-runtime-services-of-the-same-project)
+- [Connect remotely](/mariadb/how-to/connect#connect-to-mariadb-in-zerops-remotely)
+
 ### Others
+
+- [Scale MariaDB service](/mariadb/how-to/scale)
+- [Export and import data](/mariadb/how-to/export-import-data)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/mariadb/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Mariadb > Tech Details > Cluster
 
+
 The following description applies only to the [highly available mode](/features/scaling#highly-available-ha-mode) of the MariaDB service.
+
 ## Description of MariaDB cluster
+
 MariaDB cluster in highly available mode contains 3 database containers and 2 free database proxies.
+
 #### 1 write node + 2 read nodes
+
 Zerops always keeps the 3 database containers on different physical machines. A MariaDB cluster node is installed in each database container. First a writer node is started followed by 2 read nodes. All your data is stored redundantly in 3 identical copies.
+
 If the container with one of the reader nodes fails, Zerops disconnects it from the MariaDB cluster. Zerops then creates a new container with a MariaDB read node inside, connects it to the cluster and starts the synchronisation of the data to the new node. Finally the broken container is deleted.
+
 If the container with the writer node fails, Zerops disconnects it from the MariaDB cluster and one of the read nodes is automatically promoted to the writer node. Zerops creates a new container with a MariaDB read node inside, connects it to the cluster and starts the synchronisation of the data to the new node. Finally the broken container is deleted.
+
 #### 2 database proxies
+
 Zerops uses [MaxScale 2.5 ↗](https://mariadb.com/kb/en/maxscale/), this database proxy is optimised specifically for MariaDB. MaxScale database proxy understands the mysql protocol. It forwards all **write requests** to the writer node and all **read requests** to read nodes.
+
 Zerops creates 2 containers with MaxScale database proxy and connects them to the database cluster in the highly available infrastructure. Zerops always keep the 2 database proxies on different physical machines.
+
 If a container with the database proxy fails, Zerops starts a new container automatically. Database proxy doesn't contain any data therefore the start of the new database proxy is fast.
+
 ## Synchronous vs. Asynchronous replication
+
 #### Synchronous replication
+
 Synchronous replication guarantees that when a change happens on the write node, it is replicated on the read nodes synchronously. Synchronous replication uses a distributed locking which proved to be very slow. The data replication from the write node to the read nodes takes some time and the write transactions must wait until the changed data is successfully replicated to all database nodes. In case one of the database nodes is overloaded, the whole cluster becomes very slow.
+
 #### Asynchronous replication
+
 Asynchronous replication gives no guarantees about the delay between applying changes on the write node and the propagation of changes to all read nodes. The delay is usually very short but when one of the read containers is overloaded the delay can be longer. The main benefit of the asynchronous replication is the performance. Write transaction is completed when the write node successfully commits the transaction locally and writes it to the write-ahead log that prevents the loss of data.
+
 The downside of the asynchronous replication is no guarantee that the read nodes will always return the current data. In some cases a `SELECT` query that quickly follows the previous `COMMIT` may return old data. As mentioned above, the database proxy forwards all read requests to read nodes. When the read node processes the `SELECT` query before the replication of the previous transaction is finished, old data is returned.
+
 Zerops uses the asynchronous replication in MariaDB cluster.
+
 ## How to deal with situations when old data is returned
+
 #### Use explicit transactions
+
 MariaDB cluster returns old data most often when you use the `SELECT` query right after the `COMMIT` in the same algorithm. This problem can be solved by moving the `SELECT` query into the transaction. All queries inside a `BEGIN..COMMIT` transaction are always executed against the write node.
+
 #### Enable synchronous checks for SELECT queries
+
 For a critical read that must have the most up-to-date data use the `wsrep_sync_wait` option:
+
 ```sh
 SET SESSION wsrep_sync_wait=1;
 SELECT ...;
 SET SESSION wsrep_sync_wait=0;
 ```
+
 When the `wsrep_sync_wait=1` option is used, the read node will synchronise data from the write node before executing the query. The read node will wait until all updates from the write node that were committed before the `SELECT` query was received and only then executes the query.
 
+
 ----------------------------------------
 
 # Mariadb > Tech Details > Limitations
 
+
 The following description applies only to the [highly available mode](/features/scaling#highly-available-ha-mode) of the MariaDB service.
+
 #### InnoDB only
+
 Only the InnoDB storage engine is supported.
+
 #### Mandatory table primary key
+
 All database tables should have a primary key. A multi-column primary key can also be used. `DELETE` operations are unsupported on tables without a primary key. Also, rows in tables without a primary key may appear in a different order on different nodes.
+
 #### Limited locks support
+
 No support for explicit locks, including `LOCK TABLES`, `FLUSH TABLES {explicit table list} WITH READ LOCK`, `GET_LOCK`, `RELEASE_LOCK`. These limitations can be overcome using transactions. Global locking operators like `FLUSH TABLES WITH READ LOCK` are supported.
+
 #### Do not use local exports
+
 Do not use `SELECT INTO OUTFILE` or `SELECT INTO DUMPFILE` commands. It will create a file on one of the database containers that will receive the request. Zerops doesn't support direct access into the MariaDB database containers so you won't be able to access the file. Learn more about [how to export and import MariaDB data](/mariadb/how-to/export-import-data).
+
 [Full list of MariaDB cluster limitations ↗](https://mariadb.com/kb/en/mariadb-galera-cluster-known-limitations/)
 
+
 ----------------------------------------
 
 # Meilisearch > Overview
 
+
 Deploy and manage Meilisearch on a fully managed infrastructure. Get instant access to fast, typo-tolerant search with zero operational overhead.
+
 ## Supported Versions
+
 Currently supported Meilisearch versions:
+
 Import configuration version:
+
+- `meilisearch@1.20`
+- `meilisearch@1.10`
+
 ## Service Configuration
+
 Our Meilisearch implementation runs as a **single-node** setup, as Meilisearch does not currently support cluster configurations.
+
 ### Environment Modes
+
 :::note
 Environment mode affects the availability of certain features and can impact your application's security. Choose carefully based on your use case.
 :::
+
 #### Production Mode (Default)
 - Optimized for performance and security
 - Search Preview (Mini-dashboard) disabled
 - Recommended for production deployments
+
 #### Development Mode
 - Includes Search Preview (Mini-dashboard)
 - Enhanced debugging capabilities
 - Suitable for development and testing
+
 To switch between modes:
 1. Navigate to the **Environment variables** section in the Meilisearch service detail and scroll to the **Generated Variables**
 2. Set the `environment` variable to either:
    - `production` - for production mode (default)
    - `development` - for development mode with Mini-dashboard
 3. Restart the service to apply changes
+
 ### API Key Management
+
 The service provides three pre-configured API keys, each with specific access levels:
+
 #### `masterKey`
 - Root access to your Meilisearch instance
 - Use only for initial setup and key management
 - **Never expose in application code or frontend**
+
 #### `defaultSearchKey`
 - Read-only search operations across all indices
 - Safe for frontend implementations
 - **Can be exposed in client-side code**
+
 #### `defaultAdminKey`
 - Full administrative access to all indices
 - For backend operations and index management
 - **Keep secure in backend services only**
+
 [Custom API keys](https://www.meilisearch.com/docs/reference/api/keys) provide fine-grained access control for specific use cases. For example, you might create:
 - Search-only keys for specific indices
 - Temporary keys with expiration dates
 - Keys with restricted actions for third-party integrations
+
 ## Network Architecture & Access
+
 ### Access Methods
+
 #### Public HTTPS Access
 When enabled, access via [Zerops subdomain](/references/networking/public-access#zerops-subdomain-access).
+
 #### Internal Project Access
 Services within the same project can reach Meilisearch directly:
 ```
 http://{hostname}:7700
 ```
+
 ## Backup
+
 Meilisearch backups are created using native dump commands:
+
 - **Format**: `.dump` (standard Meilisearch dump)
 - **Tooling**: Native dump command
 - **Content**: Contains index data and settings
+
 For backup configuration, scheduling, retention policies, and management options, see the [Zerops Backups](/features/backup) documentation.
+
 ### Restoring Backups
+
 To restore a Meilisearch backup:
+
 1. **Download** the backup file (`.dump`) from the Zerops UI
 2. **Prepare** your target environment (clean existing indices or use a new instance)
 3. **Restore** using the Meilisearch API. Use the dump import endpoint to restore your data. Follow the [official Meilisearch documentation](https://www.meilisearch.com/docs/learn/data_backup/dumps#importing-a-dump-in-self-hosted-instances) for detailed restore procedures.
+
 For assistance with the restoration process, contact Zerops support.
+
 ## Quick Start Example
+
 Here's a minimal example of implementing search in a React application:
+
 ```javascript
+
 const MEILISEARCH_URL = process.env.zeropsSubdomain;
 const SEARCH_KEY = process.env.defaultSearchKey;
+
 function SearchComponent() {
   const [results, setResults] = useState([]);
+
   const handleSearch = async (query) => {
     const response = await fetch(`${MEILISEARCH_URL}/indexes/products/search`, {
       method: 'POST',
@@ -14146,55 +20252,73 @@ function SearchComponent() {
         limit: 10
       })
     });
+
     const data = await response.json();
     setResults(data.hits);
   };
+
   return (
-    
-       handleSearch(e.target.value)}
+    <div>
+      <input
+        type="search"
+        onChange={(e) => handleSearch(e.target.value)}
         placeholder="Search products..."
       />
-      
+      <ul>
         {results.map(hit => (
-          {hit.name}
+          <li key={hit.id}>{hit.name}</li>
         ))}
-      
+      </ul>
+    </div>
   );
 }
 ```
+
 ## Best Practices
+
 #### Security
 - Store sensitive keys (`masterKey`, `defaultAdminKey`) securely in backend services
 - Use `defaultSearchKey` or custom keys with minimal permissions for frontend
 - Rotate custom keys periodically
+
 #### Performance
 - Implement debouncing for search inputs
 - Cache frequently accessed search results
 - Monitor response times and adjust index settings
 - Use appropriate batch sizes for bulk operations
+
 #### Error Handling
 - Implement retry logic for temporary failures
 - Set appropriate timeout values for your use case
 - Handle rate limiting gracefully
+
 ## Troubleshooting
+
 ### Common Issues
+
 #### Connection Problems
 - Check if your instance is in the correct environment mode
 - Ensure your API keys have the necessary permissions
 - Confirm your service is running and healthy in the Zerops dashboard
+
 #### Search Performance
 - Review your index settings for optimal search performance
 - Monitor your instance's resource usage
 - Consider implementing client-side caching for frequent searches
+
 #### API Key Issues
 - Verify you're using the correct key type for your operation (search vs. admin)
 - Check key permissions match your intended operations
 - Ensure keys are properly formatted in your Authorization header
 - Remember that master and admin keys should never be used in frontend code
+
 ## Learn More
+
 - [Official Meilisearch Documentation](https://www.meilisearch.com/docs) - Comprehensive guide to all Meilisearch features and capabilities
 - [API Reference](https://www.meilisearch.com/docs/reference/api/overview) - Detailed API specifications and usage examples
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zeropsio)
 - Contact support via [email](mailto:support@zerops.io)
@@ -14203,90 +20327,141 @@ For advanced configurations or custom requirements:
 
 # Nats > Overview
 
+
 Zerops provides a fully managed [NATS](https://nats.io/) messaging system with automated scaling and zero infrastructure overhead, letting developers focus entirely on development.
+
 ## Supported Versions
+
 Currently supported NATS version:
+
 Import configuration version:
+
+- `nats@2.12`
+- `nats@2.10`
+
 ## Service Configuration
+
 Our NATS implementation features optimized default settings designed for common use cases.
+
 **Key configuration aspects** include:
 - Standard protocol port `4222` for client connections
 - HTTP monitoring interface `8222` for management
 - Secure authentication with automatically generated credentials
 - Optimized settings for performance and reliability
+
 You can fine-tune your NATS service by adjusting **environment variables**:
+
 ### Available Configuration Options
+
 :::note
 If certain variables are not visible in your configuration, they may have been introduced after your service was created. Simply add them as [secret variables](/features/env-variables#2-secret-variables) to access the functionality.
 :::
-  
-      Variable
-      Description
-    
-      MAX_PAYLOAD
-      Defines the maximum allowed message size for all NATS traffic. Default: 8MB, Maximum: 64MB. See NATS limits documentation for details.
-    
-      JET_STREAM_ENABLED
-      Controls whether JetStream functionality is enabled. Default: 1 (enabled), Set to 0 to disable. See JetStream Configuration section below for more details.
-    
-:::important
-Configuration changes require a service **restart** to take effect. While NATS itself supports configuration hot-reload, this feature will be implemented in a future Zerops update.
-:::
-After restarting, check your service logs to confirm the changes were applied successfully.
-### JetStream Configuration
-The service includes [JetStream](https://docs.nats.io/nats-concepts/jetstream) functionality **enabled by default**, providing persistent storage capabilities for your messaging workloads:
-- **Memory store**: Up to 40GB for high-performance message caching
-- **File store**: Up to 250GB for persistent storage
-- **Regular sync intervals**: Ensures data durability and consistency
-:::note
-In HA deployments, data persistence is further enhanced with 1-minute sync intervals across all nodes, ensuring robust data durability and high availability.
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Variable</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><code>MAX_PAYLOAD</code></td>
+      <td className="w-fit">Defines the maximum allowed message size for all NATS traffic. Default: <code>8MB</code>, Maximum: <code>64MB</code>. See [NATS limits documentation](https://docs.nats.io/running-a-nats-service/configuration#limits) for details.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap"><code>JET_STREAM_ENABLED</code></td>
+      <td className="w-fit">Controls whether JetStream functionality is enabled. Default: <code>1</code> (enabled), Set to <code>0</code> to disable. See [JetStream Configuration](#jetstream-configuration) section below for more details.</td>
+    </tr>
+  </tbody>
+</table>
+
+:::important
+Configuration changes require a service **restart** to take effect. While NATS itself supports configuration hot-reload, this feature will be implemented in a future Zerops update.
 :::
+
+After restarting, check your service logs to confirm the changes were applied successfully.
+
+### JetStream Configuration
+
+The service includes [JetStream](https://docs.nats.io/nats-concepts/jetstream) functionality **enabled by default**, providing persistent storage capabilities for your messaging workloads:
+- **Memory store**: Up to 40GB for high-performance message caching
+- **File store**: Up to 250GB for persistent storage
+- **Regular sync intervals**: Ensures data durability and consistency
+
+:::note
+In HA deployments, data persistence is further enhanced with 1-minute sync intervals across all nodes, ensuring robust data durability and high availability.
+:::
+
 This configuration provides a robust foundation for message persistence while balancing performance and reliability.
+
 :::tip
 Disabling JetStream can reduce resource utilization for applications that don't require message persistence.
 :::
+
 ### Deployment Modes
+
 :::warning
 Deployment mode is selected during service creation and cannot be changed later.
 :::
+
 #### Non-HA Mode
 - Suitable for development and testing
 - Data persistence not guaranteed during node failures
 - Lower resource requirements
+
 #### HA Mode
 - Creates a multi-node NATS cluster
 - Configures routes between cluster nodes automatically
 - Implements [NATS clustering](https://docs.nats.io/running-a-nats-service/configuration/clustering) for high availability
 - Provides improved reliability compared to non-HA deployments
+
 ### Authentication Management
+
 Authentication credentials are automatically generated and managed by the platform. The system creates a default user (`zerops`) with a secure 16-character password. You can access these credentials through:
 - The service access details in the Zerops GUI
 - Environment variables in your service configuration:
   - `user` - Username for authentication (default: "zerops")
   - `password` - Generated secure password
   - `connectionString` - Complete connection string in the format `nats://${dbUser}:${dbPassword}@${hostname}:${port}`
+
 ## Health Monitoring
+
 Zerops continuously monitors your NATS service health using built-in health checks:
+
 - **HTTP Health Check**: The system checks the `/healthz` endpoint at port 8222
 - **Self-Healing**: The platform automatically recovers unhealthy nodes when issues are detected
+
 ### Health Status
+
 You can check the health status of your NATS service:
+
 1. Through the Zerops GUI dashboard
 2. By accessing the management interface at port `8222`
+
 ## Backup and Recovery
+
 NATS backups are created using filesystem archival:
+
 - **Format**: `.tar.gz` (archive of queue state)
 - **Tooling**: Filesystem archival
 - **Content**: Captures persistent message state
+
 For backup configuration, scheduling, retention policies, and management options, see the [Zerops Backups](/features/backup) documentation.
+
 ### Restoring Backups
+
 To restore a NATS backup:
+
 1. **Download** the backup file (`.tar.gz`) from the Zerops UI
 2. **Extract** the archive to access the queue state data
 3. **Prepare** your target environment (clear existing data if needed)
 4. **Restore** using NATS CLI commands via Zerops VPN or during deployment. Follow the [official NATS documentation](https://docs.nats.io/running-a-nats-service/nats_admin/jetstream_admin/disaster_recovery) for detailed restore procedures.
+
 For assistance with the restoration process, contact Zerops support.
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zerops)
 - Contact support via [email](mailto:support@zerops.io)
@@ -14295,25 +20470,33 @@ For advanced configurations or custom requirements:
 
 # Nginx > Faq
 
-  Question: How do I enable SEO optimization with prerender.io?
-Answer: 
-    Zerops provides built-in prerender.io support. Simply set the `PRERENDER_TOKEN` environment variable with your prerender.io service token. See our [prerender.io documentation](/nginx/how-to/env-variables#prerenderio-support) for details.
-  
+
+  **Question: How do I enable SEO optimization with prerender.io?**
+
+Zerops provides built-in prerender.io support. Simply set the `PRERENDER_TOKEN` environment variable with your prerender.io service token. See our [prerender.io documentation](/nginx/how-to/env-variables#prerenderio-support) for details.
+
 
 ----------------------------------------
 
 # Nginx > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your static content.
+
 :::tip Two Deployment Approaches
 You can use the Nginx service in two ways:
 - **Runtime only**: Deploy pre-built static files directly (no build phase needed)
 - **Build + Runtime**: Use a frontend framework (Node.js, PHP, Python, etc.) to build your application, then serve it with Nginx
+
 The build phase is completely optional. If you already have built files, skip the build section and configure only the [runtime](#runtime-configuration).
+
 If you just need to deploy your static content, use the [manual deploy](/nginx/how-to/trigger-pipeline#manual-deploy-using-zerops-cli) via Zerops CLI.
 :::
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -14325,51 +20508,65 @@ zerops:
     build:
       # REQUIRED (if using build). Set the base technology for the build environment:
       base: nodejs@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
+
       # REQUIRED (if using build). Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - package.json
         - node_modules
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: nginx@latest
+
       # OPTIONAL. Customize the runtime Nginx environment by installing additional
       # dependencies to the base Nginx runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Nginx application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # OPTIONAL. Customize the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Sets the custom Nginx configuration. The file must be deployed in
       # the runtime container. Enter the path to the file relative to the /var/www folder
       siteConfigPath: site_config.tmpl
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -14380,6 +20577,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -14389,12 +20587,20 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Nginx version for your runtime.
+
 Following options are available for Nginx builds:
+
+- `nginx@1.22`, `nginx@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -14404,18 +20610,25 @@ zerops:
       # REQUIRED (if using build). Sets the base technology for the build environment:
       base: nodejs@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: nginx@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
-  selected major version of Nginx, Zerops command line tool and `composer`, `git` and `wget`.
+  selected major version of Nginx, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -14425,6 +20638,7 @@ zerops:
       # REQUIRED (if using build). Sets the base technology for the build environment:
       base: nodejs@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -14434,52 +20648,86 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customize your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 :::info
 If no ports are specified, Zerops adds the port TCP 80 automatically.
 :::
+
 :::caution
 If you want the web server to listen on other port(s) than `:80`, you must [customize](/nginx/how-to/customize-web-server) your web server configuration as well.
 :::
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Nginx static service with hostname = "app" and port = 80 from another service of the same project, simply use `app:80`. Read more about [how to access a Nginx static service](/references/networking/internal-access#basic-service-communication).
+
 :::info
 Do not use the port **:443**. All the incoming traffic is terminated on the Zerops internal balancer where the SSL certificate is installed and the request is forwarded to your Nginx static service as a **http://** on the port **:80**.
 :::
+
 Each port has following attributes:
-  
-    Parameter
-    Description
-  
-    port
-    Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-  
-    protocol
-    Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-  
-    httpSupport
-    Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-  
+
+<table className="w-full my-1.5">
+  <thead>
+  <tr>
+    <th className="w-fit"><strong>Parameter</strong></th>
+    <th className="w-fit"><strong>Description</strong></th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit">port</td>
+    <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+  </tr>
+  <tr>
+    <td className="w-fit">protocol</td>
+    <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+  </tr>
+  <tr>
+    <td className="w-fit">httpSupport</td>
+    <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+  </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the Nginx runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Nginx environment contains {data.alpine.default}, the selected
-  major version of Nginx, Zerops command line tool and `composer`, `git` and `wget`. To install
+  major version of Nginx, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -14487,6 +20735,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -14496,28 +20745,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/nginx/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
-  
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances.
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Nginx, Zerops command line tool and `composer`, `git` and `wget`.
+  selected major version of Nginx, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the build section of your chosen technology.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -14526,6 +20792,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -14535,15 +20802,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -14552,48 +20824,71 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Nginx application is started.
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/nginx/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/nginx/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances.
+
 ### documentRoot
+
 _OPTIONAL._ Customizes the folder that will be used as the root of the publicly accessible web server content.
+
 :::info
 By default, the document root is configured to `/var/www`.
 :::
+
 Customize the folder that will be used as the root of the publicly accessible web server content. Enter the path relative to the `/var/www` folder.
 E.g. `documentRoot: public` will set the web server document root to `/var/www/public`.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
 ```
+
 ### siteConfigPath
+
 _OPTIONAL._ Sets the custom Nginx configuration.
+
 :::info
 If you don't set your custom configuratiin Zerops applies the [default](/nginx/how-to/customize-web-server#default-nginx-configuration) configuration.
 :::
+
 The file must be deployed in the runtime container. Enter the path to the file relative to the `/var/www` folder.
 Read more about the [web server customization](/nginx/how-to/customize-web-server).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -14607,44 +20902,66 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/nginx/how-to/env-variables) in Zerops.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-    Parameter
-    Description
-  
-    port
-    Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-  
-    path
-    Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-  
-    host
-    Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-  
-    scheme
-    Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-  
+
+<table className="w-full my-1.5">
+  <thead>
+  <tr>
+    <th className="w-fit whitespace-nowrap">Parameter</th>
+    <th className="w-fit whitespace-nowrap">Description</th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">port</td>
+    <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">path</td>
+    <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">host</td>
+    <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+    <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+  </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -14652,31 +20969,48 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-    Parameter
-    Description
-  
-    command
-    
+
+<table className="w-full my-1.5">
+  <thead>
+  <tr>
+    <th className="w-fit"><strong>Parameter</strong></th>
+    <th className="w-fit"><strong>Description</strong></th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit"><strong>command</strong></td>
+    <td className="w-fit">
       Defines a local command to be run.
-      The command has access to the same environment variables as your Nginx application.
+
+      The command has access to the same [environment variables](/nginx/how-to/create#set-secret-environment-variables) as your Nginx application.
+
       A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-    
+    </td>
+  </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -14685,39 +21019,60 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/nginx/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-    Parameter
-    Description
-  
-    port
-    Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-  
-    path
-    Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-  
-    host
-    Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-  
-    scheme
-    Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-  
+
+<table className="w-full my-1.5">
+  <thead>
+  <tr>
+    <th className="w-fit whitespace-nowrap">Parameter</th>
+    <th className="w-fit whitespace-nowrap">Description</th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">port</td>
+    <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">path</td>
+    <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">host</td>
+    <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+  </tr>
+  <tr>
+    <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+    <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+  </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -14726,30 +21081,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/nginx/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-    Parameter
-    Description
-  
-    command
-    
+
+<table className="w-full my-1.5">
+  <thead>
+  <tr>
+    <th className="w-fit"><strong>Parameter</strong></th>
+    <th className="w-fit"><strong>Description</strong></th>
+  </tr>
+  </thead>
+  <tbody>
+  <tr>
+    <td className="w-fit"><strong>command</strong></td>
+    <td className="w-fit">
       Defines a local command to be run.
-      The command has access to the same environment variables as your Nginx application.
+
+      The command has access to the same [environment variables](/nginx/how-to/create#set-secret-environment-variables) as your Nginx application.
+
       A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-    
+    </td>
+  </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -14761,6 +21134,7 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/nginx/how-to/deploy-process#readiness-checks) in Zerops.
 
 ----------------------------------------
@@ -14773,35 +21147,60 @@ Read more about how the [readiness check works](/nginx/how-to/deploy-process#rea
 
 # Nginx > How To > Create
 
+
 The Nginx static service contains the Nginx web server optimized for your static content. Nginx static service is highly scalable and customisable to suit both development and production.
+
 ## Create Nginx static service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Nginx static service:
+
+[Video: /vids/services/nginx-static.webm](/vids/services/nginx-static.webm)
+
 ### Choose Nginx version
+
 Following Nginx versions are currently supported:
+
 :::info
 You can [change](/nginx/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/nginx/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Nginx static service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Nginx static service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/nginx/how-to/create#create-a-project-description-file)
 3. [Create a project with a Nginx and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -14822,13 +21221,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Nginx version 8.1 service with default [auto scaling](/nginx/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/nginx/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -14867,110 +21271,187 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain an Nginx static service with `app` hostname. The internal port(s) the service listens on will be defined later in the [zerops.yaml](/nginx/how-to/build-pipeline#ports). Nginx static service will run on version 1.22 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains an Nginx static service but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [nginx service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/nginx/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/nginx/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/nginx/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](/nginx/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Nginx static service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -14991,98 +21472,146 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Nginx static service version 1.22 with default [auto scaling](/nginx/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Nginx > How To > Customize Runtime
 
+
 ## Build Custom Runtime Images
+
 Zerops allows you to build custom runtime images (CRI) when the default base runtime images don't meet your Nginx Static application's requirements. This is an optional phase in the [build and deploy pipeline](/features/pipeline#runtime-prepare-phase-optional).
+
 :::important
 You should not include your application code in the custom runtime image, as your built/packaged code is deployed automatically into fresh containers.
 :::
+
 ## Configuration
+
 ### Default Nginx Static Runtime Environment
+
 The default Nginx Static runtime environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - Selected version of Nginx when the runtime service was created
 - [zCLI](/references/cli)
 - Git
+
 ### When You Need a Custom Runtime Image
+
 If your Nginx Static service needs additional tools beyond the default environment (SSL management, monitoring, security tools, etc.), you'll need to build a custom runtime image.
+
 Here are Nginx Static-specific examples of configuring custom runtime images in your `zerops.yml`:
+
 ### Basic Nginx Static Setup
-    
+
 For complete configuration details, see the [runtime prepare phase configuration guide](/features/pipeline#configuration).
+
 ## Process and Caching
+
 ### How Runtime Prepare Works
 The runtime prepare process follows the same steps for all runtimes. See [how runtime prepare works](/features/pipeline#how-it-works) for the complete process details.
+
 ### Caching Behavior
 Zerops caches custom runtime images to optimize deployment times. Learn about [custom runtime image caching](/features/pipeline#custom-runtime-image-caching) including when images are cached and reused.
+
 ### Build Management
 For information about managing builds and deployments, see [managing builds and deployments](/features/pipeline#manage-builds-and-deployments).
+
 :::warning
 Shared storage mounts are not available during the runtime prepare phase.
 :::
+
 ## Troubleshooting
+
 If your `prepareCommands` fail, check the [prepare runtime log](/nginx/how-to/logs#prepare-runtime-log) for specific error messages.
 
 ----------------------------------------
 
 # Nginx > How To > Customize Web Server
 
+
 ## Default Nginx configuration
+
 The default Nginx static service has following configuration:
+
 ```
 server {
     listen 80 default_server;
     listen [::]:80 default_server;
+
     server_name _;
     root {{.DocumentRoot}};
+
     location / {
         try_files $uri $uri/ /index.html;
     }
+
     access_log syslog:server=unix:/dev/log,facility=local1,tag=nginx,severity=info default_short;
     error_log syslog:server=unix:/dev/log,facility=local1,tag=nginx,severity=error;
 }
 ```
+
 The configuration contains 2 variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/nginx/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 ## Customize Nginx configuration
+
 Follow these steps to customize the Nginx configuration in Nginx static service:
+
 1. Create a **.tmpl** file with the Nginx configuration in your repository.
+
 2. Optionally use following variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/nginx/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 Example:
+
 ```
 root {{.DocumentRoot}};
 ```
+
 - **`{{.Environment.ENV_NAME}}`** is replaced by the [env variable](/nginx/how-to/env-variables) value. The env variable must be either defined in [run.envVariables](/nginx/how-to/build-pipeline#envvariables) in `zerops.yaml` or set as a [secret](/nginx/how-to/env-variables#set-secret-env-variables-in-zerops-gui) or [generated](/nginx/how-to/env-variables#generated-env-variables) env variable in Zerops GUI.
+
 :::caution
 Use the **.tmpl** file extension to make Zerops interpret the file as a template. Zerops will replace the supported variables listed above.
 :::
+
 3. Check that your Nginx configuration is consistent with Zerops requirements:
+
 - Do not use IP addresses in the `listen` directive
-- If you use other ports than `:80` in the `listen` directive, add them to the `run.ports` in your `zerops.yaml` as well.
+- If you use other ports than `:80` in the `listen` directive, add them to the [`run.ports`](/nginx/how-to/build-pipeline#ports) in your `zerops.yaml` as well.
 - Do not use the port **:443**. All the incoming `https://` traffic is terminated on the Zerops internal balancer where the SSL certificate is installed and the request is forwarded to your Nginx static service as a **http://** on the port **:80**.
-4. Add the `siteConfigPath` to the run section of your `zerops.yaml`
+
+4. Add the [`siteConfigPath`](/nginx/how-to/build-pipeline#siteconfigpath) to the run section of your `zerops.yaml`
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -15091,27 +21620,40 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: nodejs@latest
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - vendor
         - public
+
     # ==== how to run your application ====
     run:
       documentRoot: public
+
       # OPTIONAL. Sets the custom Nginx or Apache configuration. The file must be deployed in the runtime container. Enter the path to the file relative to the /var/www folder
       siteConfigPath: site_config.tmpl
 ```
-5. Ensure that the `build.deployFiles` contains the folder with the `siteConfigPath` or add the path to the Nginx config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
+5. Ensure that the [`build.deployFiles`](/nginx/how-to/build-pipeline#deployfiles) contains the folder with the `siteConfigPath` or add the path to the Nginx config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
 6. [Trigger](/nginx/how-to/trigger-pipeline) the build & deploy pipeline.
+
 ## SEO & Prerender Support
+
 Single Page Applications and JavaScript-heavy sites render content client-side, which most crawlers can't process—they see an empty page instead of your content. This affects traditional search engines, social media platforms, and AI tools like ChatGPT, Perplexity, and Claude.
+
 ### Built-in Prerender.io Integration
+
 The default Nginx configuration includes automatic [Prerender.io](https://prerender.io) support. When enabled, it detects crawler requests (including AI crawlers) and serves them pre-rendered HTML while your users get the full interactive experience.
+
 ### Setup
+
 To enable prerender support:
+
 1. Set the `PRERENDER_TOKEN` environment variable with your Prerender.io token (see [environment variables](/nginx/how-to/env-variables#prerenderio-support))
 2. Optionally set `PRERENDER_HOST` if using a custom prerender server
+
 The Nginx configuration will automatically handle the rest—no additional configuration needed.
 
 ----------------------------------------
@@ -15124,27 +21666,40 @@ The Nginx configuration will automatically handle the rest—no additional confi
 
 # Nginx > How To > Env Variables
 
+
 ## Prerender.io Support
+
 Zerops provides built-in prerender.io support for SEO optimization. Configure it using these environment variables:
-  
-      Variable
-      Required
-      Description
-      Default
-    
-      PRERENDER_TOKEN
-      Yes
-      Your prerender.io service token
-      -
-    
-      PRERENDER_HOST
-      No
-      Prerender service host
-      service.prerender.io
-    
+
+<table className="w-fit my-1.5">
+  <thead>
+    <tr className="text-center rounded-lg">
+      <th className="w-fit"><strong>Variable</strong></th>
+      <th className="w-fit"><strong>Required</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Default</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr className="text-center">
+      <td className="w-fit">PRERENDER_TOKEN</td>
+      <td className="w-fit">Yes</td>
+      <td className="w-fit">Your prerender.io service token</td>
+      <td className="w-fit">-</td>
+    </tr>
+    <tr className="text-center">
+      <td className="w-fit">PRERENDER_HOST</td>
+      <td className="w-fit">No</td>
+      <td className="w-fit">Prerender service host</td>
+      <td className="w-fit">service.prerender.io</td>
+    </tr>
+  </tbody>
+</table>
+
 :::tip
 Set `PRERENDER_TOKEN` as a secret environment variable in Zerops GUI for security.
 :::
+
 Example in zerops.yaml:
 ```yaml
 zerops:
@@ -15194,36 +21749,68 @@ zerops:
 
 # Nginx > Overview
 
+
 The Nginx static service contains the [Nginx ↗](https://nginx.org/) web server optimized for your static content.
+
 ## How to start
+
+- [Care for details?](/nginx/how-to/create) — Dive in all Zerops has to offer for your Nginx application.
+
 ## Feature Highlights
+
+- [Create Nginx static service](/nginx/how-to/create) — Start with creating a Nginx static service using GUI or zCLI.
+- [zerops.yaml](/nginx/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/nginx/how-to/scaling) — Set up scaling of your Nginx application so that it runs smoothly while using only necessary resources.
+- [SEO Optimization](/nginx/how-to/env-variables#prerenderio-support) — Built-in prerender.io support for better SEO.
+
 {" "}
+
+- [Customize build environment](/nginx/how-to/create)
+- [Customize runtime environment](/nginx/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/nginx/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Nodejs > Faq
 
-  Question: Why is my Node.js build timing out or hanging on interactive prompts?
-Answer: 
-    If your build process seems to be hanging or timing out, check your logs for interactive prompts that are waiting for input, such as:
+
+  **Question: Why is my Node.js build timing out or hanging on interactive prompts?**
+
+If your build process seems to be hanging or timing out, check your logs for interactive prompts that are waiting for input, such as:
     ```
     ? The modules directory at "/build/source/node_modules" will be removed and reinstalled from scratch. Proceed? (Y/n) ‣ true
     ```
+
     Set the environment variable `CI: true` to resolve the problem. This allows the installation to proceed automatically without requiring manual confirmation.
-  
+
 
 ----------------------------------------
 
 # Nodejs > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Node.js application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -15232,51 +21819,65 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: nodejs@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - dist
         - package.json
         - node_modules
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: node_modules
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: nodejs@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 3000
+
       # OPTIONAL. Customize the runtime Node.js environment by installing additional
       # dependencies to the base Node.js runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Node.js application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Node.js application start command
       start: npm start
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -15287,6 +21888,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -15296,11 +21898,22 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Node.js builds:
+
+- `nodejs@24`, `nodejs@latest`
+- `nodejs@22`
+- `nodejs@20`
+- `nodejs@18`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15311,12 +21924,18 @@ zerops:
       base: nodejs@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Node.js, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+  major version of Node.js, [Zerops command line tool](/references/cli), `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15330,34 +21949,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Node.js defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15366,6 +22003,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: nodejs@latest
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -15373,20 +22011,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/nodejs/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15395,42 +22044,59 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: nodejs@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - npm i
         - npm run build
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     npm i
     npm run build
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - npm i
   - npm run build
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/nodejs/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - npm i --verbose
   - npm run build
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -15439,56 +22105,81 @@ deployFiles:
   - package.json
   - node_modules
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - dist
   - package.json
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -15500,22 +22191,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -15524,6 +22226,7 @@ zerops:
     build:
       base: nodejs@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         NODE_ENV: production
@@ -15532,12 +22235,23 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/nodejs/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Node.js version for your runtime.
+
 Following options are available for Node.js builds:
+
+- `nodejs@24`, `nodejs@latest`
+- `nodejs@22`
+- `nodejs@20`
+- `nodejs@18`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15547,18 +22261,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: nodejs@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: nodejs@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Node.js, Zerops command line tool, `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15568,6 +22289,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: nodejs@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -15577,43 +22299,74 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customize your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Node.js service with hostname = "app" and port = 3000 from another service of the same project, simply use `app:3000`. Read more about [how to access a Node.js service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Node.js runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Node.js environment contains {data.alpine.current} the selected
-  major version of Node.js, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools. To install
+  major version of Node.js, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15621,6 +22374,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -15630,27 +22384,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/nodejs/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the custom runtime cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.current}, the
-  selected major version of Node.js, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools.
+  selected major version of Node.js, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -15659,6 +22431,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -15668,15 +22441,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -15685,22 +22463,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Node.js application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/nodejs/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/nodejs/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -15715,57 +22506,84 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/nodejs/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Node.js application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Node.js application start command
       start: npm start
 ```
+
 We recommend starting your Node.js application using `npm start`.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Node.js application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -15773,30 +22591,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Node.js application.
+
+        The command has access to the same [environment variables](/nodejs/how-to/create#set-secret-environment-variables) as your Node.js application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Node.js application start command
       start: npm start
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -15805,13 +22640,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -15820,40 +22660,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/nodejs/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -15862,30 +22724,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/nodejs/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Node.js application.
+
+        The command has access to the same [environment variables](/nodejs/how-to/create#set-secret-environment-variables) as your Node.js application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -15897,8 +22777,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/nodejs/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Nodejs > How To > Build Process
@@ -15915,34 +22797,58 @@ Read more about how the [readiness check works](/nodejs/how-to/deploy-process#re
 
 # Nodejs > How To > Create
 
+
 Zerops provides a powerful Node.js runtime service with extensive build support. The Node.js runtime is highly scalable and customizable to suit your development and production needs. With just a few clicks or commands, you can have a production-ready Node.js environment up and running in no time.
+
 ## Create a Node.js service using Zerops GUI
+
 First, set up a project in the Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu under the **Services** section. From there, you can add a new Node.js service:
+
+[Video: /vids/services/nodejs.webm](/vids/services/nodejs.webm)
+
 ### Choose a Node.js version
+
 Zerops supports the following Node.js versions:
+
 :::info
 You can easily [upgrade](/nodejs/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app", "cache", "gui", etc. Duplicate services with the same name within the same project are not allowed.
+
 #### Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as passwords, tokens, salts, certificates, etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting secret environment variables is optional. You can always set them later in the Zerops GUI.
+
 Read more about the [different types of environment variables](/nodejs/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create a Node.js service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Node.js service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/nodejs/how-to/create#create-a-project-description-file)
 3. [Create a project with a Node.js and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a YAML format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory called `my-project`. Inside the `my-project` directory, create a `description.yaml` file with the following content:
 ```yaml
 # basic project data
@@ -15964,13 +22870,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Node.js version 20 service with default [auto scaling](/nodejs/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/nodejs/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -16015,114 +22926,172 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Node.js service and a [PostgreSQL](/postgresql/overview) service.
+
 Node.js service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/nodejs/how-to/build-pipeline#ports). Node.js service will run on version 20 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Node.js and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Node.js service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/nodejs/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/nodejs/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/nodejs/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/nodejs/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Node.js service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -16143,33 +23112,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Node.js service version 20 with default [auto scaling](/nodejs/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Nodejs > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add imagemagick, sudo apk add ffmpeg)',
-  'Global Node.js tools: When you need CLI tools or utilities available system-wide (like pm2 for process management)',
-  'Native dependencies: When your npm packages require system libraries that aren\'t in the default environment',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -16223,123 +23197,213 @@ System packages for processing: When your app processes images, videos, or files
 
 # Nodejs > Overview
 
+
 [Node.js ↗](https://nodejs.org/en) is an asynchronous event-driven JavaScript runtime, which is designed to build scalable network applications.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-nodejs), a **_recipe_**, containing the most simple Node.js web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Node.js app running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Node.js app running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "node-js" recipe on Zerops](https://app.zerops.io/recipe/?lf=node-js)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
+
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-nodejs/blob/main/zerops-project-import.yaml)):
+
 ```yaml
 project:
   name: recipe-nodejs
   tags:
     - zerops-recipe
+
 services:
   - hostname: api
     type: nodejs@20
     enableSubdomainAccess: true
     buildFromGit: https://github.com/zeropsio/recipe-nodejs
+
   - hostname: db
     type: postgresql@16
     mode: NON_HA
     priority: 1
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
 It doesn't matter whether it's your first curious introduction to Zerops, you have already mastered the basics and are looking for a tiny detail or inspiration. Below, choose a section that fits your needs:
+
+- [Care for details?](/nodejs/how-to/create) — Dive in all Zerops has to offer for your Node.js application.
+- [Node.js recipes](https://github.com/zeropsio?q=nodejs&type=all&language=&sort=) — Get inspired by already existing repositories, ready to be imported to Zerops.
+
 ## Feature Highlights
+
+- [Create Node.js service](/nodejs/how-to/create) — Start with creating a Node.js service using GUI or zCLI.
+- [zerops.yaml](/nodejs/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/nodejs/how-to/scaling) — Set up scaling of your Node.js application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/nodejs/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/nodejs/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/nodejs/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Object Storage > How To > Access
 
+
 Zerops Object storage is powered by [MinIO](https://min,io), a high-performance, S3 compatible object store. Object storage services are operated on an independent infrastructure separated from your other project services. You can access the object storage from any service hosted in Zerops or remotely over the internet.
+
 ## Object storage bucket
+
 Zerops creates one bucket automatically for each new Object storage service.
+
 :::note
 Each Object storage service can only contain one bucket. If your application needs multiple buckets, add more Object storage services.
 :::
+
 #### Name
+
 Bucket is created with a name based on the selected service name and a random prefix. The name of the bucket cannot be changed later.
+
 #### Access policy
+
 The bucket's access policy was defined when the Object storage service was created. You can [change it] later in Zerops GUI.
+
 #### Quota
+
 The bucket quota size was defined when the Object storage service was created. You can [change it] later in Zerops GUI.
+
 ## Copy access details from Zerops GUI
+
 You will find the Object storage access details under the **Access details** button in the project dashboard page.
+
 The same information is available in the service detail page under the **Access & bucket details** menu.
-  
+
 ### Object storage access parameters
-  
-      Parameter
-      Description
-    
-      API URL
-      URL of the Object storage service
-    
-      Bucket Name
-      Bucket is created with a name based on the selected service name and a random prefix. The name of the bucket is fixed and cannot be changed later.
-    
-      Access Key ID
-      The S3 Access Key ID
-    
-      Secret Key
-      The S3 Secret Key
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">API URL</td>
+      <td>URL of the Object storage service</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">Bucket Name</td>
+      <td>Bucket is created with a name based on the selected service name and a random prefix. The name of the bucket is fixed and cannot be changed later.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">Access Key ID</td>
+      <td>The S3 Access Key ID</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">Secret Key</td>
+      <td>The S3 Secret Key</td>
+    </tr>
+  </tbody>
+</table>
+
 ## Use Object storage environment variables
+
 Zerops creates default environment variables for each Object storage service to help you with connection from any runtime services in the same project. To avoid the need to copy Object storage access parameters manually, use environment variables in your runtime service.
+
 ### Prefix the environment variable key
+
 All services of the same project can reference environment variables from other services. To use an environment variable from one service in another service in the same project, you must prefix the environment variable key with the service name and underscore.
+
 #### Example
+
 To access the `bucketName` env variable of the `upload` service, use `upload_bucketName` as the env variable key. To access the `secretAccessKey` env variable of the `storage` service, use `storage_secretAccessKey` as the env variable key.
+
 ### Object storage environment variables
+
 List of service environment variables is available in Zerops GUI. Go to an Object storage service detail and choose **Environment variables** in the left menu.
-  
+
 Zerops creates following environment variables when the Object storage service is created:
-  
-      Variable
-      Description
-    
-      apiUrl
-      URL of the Object storage service
-    
-      accessKeyId
-      The S3 Access Key ID
-    
-      secretAccessKey
-      The S3 Secret Key
-    
-      bucketName
-      Bucket is created with a name based on the selected service name and a random prefix. The name of the bucket is fixed and cannot be changed later.
-    
-      quotaGBytes
-      The bucket quota in GB.
-    
-      projectId
-      ID of the project. Generated by Zerops.
-    
-      serviceId
-      ID of the Object storage service. Generated by Zerops.
-    
-      hostname
-      The name of the Object storage service.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Variable</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">apiUrl</td>
+      <td>URL of the Object storage service</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">accessKeyId</td>
+      <td>The S3 Access Key ID</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">secretAccessKey</td>
+      <td>The S3 Secret Key</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">bucketName</td>
+      <td>Bucket is created with a name based on the selected service name and a random prefix. The name of the bucket is fixed and cannot be changed later.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">quotaGBytes</td>
+      <td>The bucket quota in GB.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">projectId</td>
+      <td>ID of the project. Generated by Zerops.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">serviceId</td>
+      <td>ID of the Object storage service. Generated by Zerops.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">hostname</td>
+      <td>The name of the Object storage service.</td>
+    </tr>
+  </tbody>
+</table>
+
 
 ----------------------------------------
 
@@ -16351,63 +23415,101 @@ Zerops creates following environment variables when the Object storage service i
 
 # Object Storage > How To > Create
 
+
 Zerops provides a S3 compatible Object storage service to store your files. Zerops Object storage is powered by [MinIO](https://min.io), a high-performance, S3 compatible object store. MinIO is built for large scale AI/ML, data lake and database workloads.
+
 ## Create Object storage service using Zerops GUI
+
 First, set up a project in Zerops GUI and add a runtime service. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Object storage service:
+
+[Video: /vids/services/object-storage.webm](/vids/services/object-storage.webm)
+
 ### Set a name
+
 Enter a unique service identifier like `storage`,`s3` etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 maximum 25 characters
 must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::note
 The name is fixed after the service is created. It can't be changed later.
 :::
+
 ### Object storage bucket
+
 Zerops creates one bucket automatically for each new Object storage service.
+
 :::note
 Each Object storage service can only contain one bucket. If your application needs multiple buckets, add more Object storage services.
 :::
+
 #### Name
+
 Bucket will be created with a name based on the given service name and a random prefix. The name of the bucket cannot be changed later.
+
 #### Access policy
+
 Select one of the basic policy templates:
-  
-      Template
-      Description
-    
-      Public read
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Template</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>Public read</strong></td>
+      <td className="w-fit">
         Allows anyone:
-        
-          to read the bucket's location `(s3:GetBucketLocation)`
-          to list all bucket's objects `(s3:ListBucket)`
-          to get any object of the bucket `(s3:GetObject)`
-        
-      Public objects read
-      
+        <ul>
+          <li>to read the bucket's location `(s3:GetBucketLocation)`</li>
+          <li>to list all bucket's objects `(s3:ListBucket)`</li>
+          <li>to get any object of the bucket `(s3:GetObject)`</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>Public objects read</strong></td>
+      <td className="w-fit">
         Allows anyone:
-        
-          to read the bucket's location `(s3:GetBucketLocation)`
-          to get any object of the bucket `(s3:GetObject)`
-        
-      Public read write
-      
+        <ul>
+          <li>to read the bucket's location `(s3:GetBucketLocation)`</li>
+          <li>to get any object of the bucket `(s3:GetObject)`</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>Public read write</strong></td>
+      <td className="w-fit">
         Allows anyone:
-        
-          to read the bucket's location `(s3:GetBucketLocation)`
-          to list all bucket's objects `(s3:ListBucket)`
-          to get any object of the bucket `(s3:GetObject)`
-          to create a new object in the bucket `(s3:PutObject,s3:ListMultipartUploadParts, s3:AbortMultipartUpload, s3:ListBucketMultipartUploads)`
-          to delete any object of the bucket `(s3:DeleteObject)`
-        
-      Public write
-      Allows anyone to create objects in the bucket `(PutObject action)`
-    
-      Private
-      Denies the access to unauthenticated users.
-    
+        <ul>
+          <li>to read the bucket's location `(s3:GetBucketLocation)`</li>
+          <li>to list all bucket's objects `(s3:ListBucket)`</li>
+          <li>to get any object of the bucket `(s3:GetObject)`</li>
+          <li>to create a new object in the bucket `(s3:PutObject,s3:ListMultipartUploadParts, s3:AbortMultipartUpload, s3:ListBucketMultipartUploads)`</li>
+          <li>to delete any object of the bucket `(s3:DeleteObject)`</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>Public write</strong></td>
+      <td className="w-fit">Allows anyone to create objects in the bucket `(PutObject action)`</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>Private</strong></td>
+      <td className="w-fit">Denies the access to unauthenticated users.</td>
+    </tr>
+  </tbody>
+</table>
+
 Or you can set your own access policy in the [IAM Policy JSON format](https://min.io/docs/minio/linux/administration/identity-access-management/policy-based-access-control.html#policy-document-structure).
+
 #### Example:
+
 ```yaml
 {
   'Version': '2012-10-17',
@@ -16428,171 +23530,250 @@ Or you can set your own access policy in the [IAM Policy JSON format](https://mi
     ],
 }
 ```
+
 :::tip
 The `{{ .BucketName }}` variable will be replaced by the bucket name.
 :::
+
 The bucket's policy can be changed later in Zerops GUI.
+
 #### Quota
+
 Set the bucket quota size in GB. The quota must be set manually. It can be changed later in Zerops GUI. Zerops doesn't support Object storage autoscaling. You can set the bucket quota from 1 to 100 GB.
-  
+
 ## Create Object storage using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Object storage service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](#create-a-project-description-file)
 3. Create a project and an Object storage service
+
 ### Create a project description file
+
 Zerops uses a yaml format file to describe the project infrastructure.
+
 #### Example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # basic project data
 project:
   # project name
   name: my-project
+
   # optional: project description
   description: A project with an Object storage
+
   # optional: project tags
   tags:
     - DEMO
     - ZEROPS
+
 # array of project services
 services:
   - # service name
     hostname: upload
+
     # service type
     type: objectstorage
+
     # Object storage size in GB
     objectStorageSize: 73
+
     # Choose object storage policy from a predefined list
     objectStoragePolicy: public-write
+
     # Or define a custom policy
     objectStorageRawPolicy:
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Object storage service named `upload`. The bucket quota will be set to 73 GB and the bucket access policy will be set to `public-write`.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      Maximum 255 characters
-    
-      description
-      Optional. Description of the new project.
-      
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit">Maximum 255 characters</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains only Object storage service but you can create a description.yaml with different types of services.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the Object storage type objectstorage and version.
-        
+
         Set type: `objectstorage`
-         
-        Limitations:
-        
+
+        <strong>Limitations:</strong>
+
         Currently `objectstorage` or `object-storage` is available.
-      
-      objectStorageSize
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>objectStorageSize</strong></td>
+      <td className="w-fit">
         The size of the bucket quota in GB.
-         
-        Limitations:
-        
+
+        <strong>Limitations:</strong>
+
         Set a whole number between 1 and 100.
-      
-      objectStoragePolicy
-      
-        Optional. Either `objectStoragePolicy` or `objectStorageRawPolicy` is required.
-         
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>objectStoragePolicy</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Either `objectStoragePolicy` or `objectStorageRawPolicy` is required.
+
         Set one of allowed values:
-        
-          `public-read`
-          `public-objects-read`
-          `public-read-write`
-          `public-write`
-          `private`
-        
-        Read more about the basic policy templates.
-      
-      objectStorageRawPolicy
-      
-        Optional. Either `objectStoragePolicy` or `objectStorageRawPolicy` is required.
-         
-        Set your own access policy in the IAM Policy JSON format.
-         
+        <ul>
+          <li>`public-read`</li>
+          <li>`public-objects-read`</li>
+          <li>`public-read-write`</li>
+          <li>`public-write`</li>
+          <li>`private`</li>
+        </ul>
+        Read more about [the basic policy templates](#access-policy).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>objectStorageRawPolicy</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Either `objectStoragePolicy` or `objectStorageRawPolicy` is required.
+
+        Set your own access policy in the [IAM Policy JSON format](https://min.io/docs/minio/linux/administration/identity-access-management/policy-based-access-control.html#policy-document-structure).
+
         The `{{ .BucketName }}` variable will be replaced by the bucket name.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 Zerops creates one bucket automatically for each new Object storage service.
+
 :::note
 Each Object storage service can only contain one bucket. If your application needs multiple buckets, add more Object storage services.
 :::
+
 Bucket will be created with a name based on the given service name and a random prefix. The name of the bucket cannot be changed later.
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Object service to an existing project
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # array of project services
 services:
   - # service name
     hostname: upload
+
     # service type
     type: objectstorage
+
     # Object storage size in GB
     objectStorageSize: 73
+
     # Choose object storage policy from a predefined list
     objectStoragePolicy: public-write
+
     # Or define a custom policy
     objectStorageRawPolicy:
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Object storage service named upload will be created. The bucket quota will be set to 73 GB and the bucket access policy will be set to `public-write`.
+
 The content of the `services:` section of `import.yaml` is identical to the [project description file]. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the `import.yaml` file is 100 kB.
+
 #### Example
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```bash
 # array of project services
 services:
@@ -16602,55 +23783,76 @@ services:
     # service type
     type: objectstorage
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Object storage service in the single container mode with default auto scaling configuration will be added to your project. Hostname of the new service will be set to `storage`.
+
 The content of the `services:` section of `import.yaml` is identical to the [project description file](#create-a-project-description-file). The `import.yaml` never contains the `project:` section because the project already exists.
 
+
 ----------------------------------------
 
 # Object Storage > How To > Curl File
 
+
 This guide explains how to download a single file from a private Object Storage bucket using cURL and a bash script with Zerops object storage.
+
 ## Prerequisites
+
 - Access to Zerops Object Storage
 - Storage credentials (`ACCESS_KEY_ID` and `SECRET_ACCESS_KEY`)
 - Bash environment
 - OpenSSL and cURL installed
+
 :::caution
 Store your storage credentials securely and never commit them to version control.
 :::
+
 ## Script
+
 Save this script as `download-storage.sh`:
+
 ```bash
 #!/bin/bash
+
 server="${3:-storage-prg1.zerops.io}"
 file_path=$2
 bucket=$1
 set -eu pipefail
+
 contentType="application/octet-stream"
 dateValue=`date -R`
 signature_string="GET\n\n${contentType}\n${dateValue}\n/${bucket}/${file_path}"
+
 signature_hash=`echo -en ${signature_string} | openssl sha1 -hmac ${SECRET_ACCESS_KEY} -binary | base64`
+
 curl -sSo ${file_path} \
   -H "Date: ${dateValue}" \
   -H "Content-Type: ${contentType}" \
   -H "Authorization: AWS ${ACCESS_KEY_ID}:${signature_hash}" \
   "https://${server}/${bucket}/${file_path}"
+
 ```
+
 ## Usage
+
 1. Make the script executable:
 ```bash
 chmod +x download-storage.sh
 ```
+
 2. Set your storage credentials as environment variables:
 ```bash
 export ACCESS_KEY_ID=your-access-key
 export SECRET_ACCESS_KEY=your-secret-key
 ```
+
 3. Run the script:
 ```bash
 ./download-storage.sh my-bucket file.pdf
 ```
+
 ## Troubleshooting
+
 - **Permission Denied**: Check your `ACCESS_KEY_ID` and `SECRET_ACCESS_KEY`
 - **File Not Found**: Verify bucket name and file path
 - **Script Error**: Ensure the script has execute permissions
@@ -16659,23 +23861,35 @@ export SECRET_ACCESS_KEY=your-secret-key
 
 # Object Storage > How To > Update Bucket
 
+
 Zerops creates one bucket automatically for each new Object storage service.
+
 :::note
 Each Object storage service can only contain one bucket. If your application needs multiple buckets, add more Object storage services.
 :::
+
 To change the bucket size or the access policy, go to the **Access & bucket details** in the Object service detail in Zerops GUI, scroll down and click on the **Configure bucket quota size and access policy** button.
-  
+
 ### Quota
+
 Set the bucket quota size in GB. The quota must be set manually. It can be changed later in Zerops GUI. Zerops doesn't support Object storage autoscaling. You can set the bucket quota from 1 to 100 GB.
+
 ### Access policy
+
 Zerops creates one bucket automatically for each new Object storage service.
+
 :::note
 Each Object storage service can only contain one bucket. If your application needs multiple buckets, add more Object storage services.
 :::
+
 #### Name
+
 Bucket will be created with a name based on the given service name and a random prefix. The name of the bucket cannot be changed later.
+
 #### Access policy
+
 Select one of the basic policy templates:
+
 | Template                   | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                    |
 | -------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
 | <b>Public read</b>         | Allows anyone:<ul><li>to read the bucket's location `(s3:GetBucketLocation)`</li><li>to list all bucket's objects `(s3:ListBucket)`</li><li>to get any object of the bucket `(s3:GetObject)`</li></ul>                                                                                                                                                                                                                                        |
@@ -16684,8 +23898,11 @@ Select one of the basic policy templates:
 | <b>Public write</b>        | Allows anyone to create objects in the bucket `(PutObject action)`                                                                                                                                                                                                                                                                                                                                                                                                  |
 | <b>Private</b>             | Denies the access to unauthenticated users.                                                                                                                                                                                                                                                                                                                                                                                                                                    |
 | <b>Private</b>             | Denies the access to unauthenticated users.                                                                                                                                                                                                                                                                                                                                                                                                                                    |
+
 Or you can set your own access policy in the [IAM Policy JSON format](https://min.io/docs/minio/linux/administration/identity-access-management/policy-based-access-control.html#policy-document-structure).
+
 #### Example:
+
 ```yaml
 {
   'Version': '2012-10-17',
@@ -16706,29 +23923,53 @@ Or you can set your own access policy in the [IAM Policy JSON format](https://mi
     ],
 }
 ```
+
 :::tip
 The `{{ .BucketName }}` variable will be replaced by the bucket name.
 :::
 
+
 ----------------------------------------
 
 # Object Storage > Overview
 
+
 Zerops Object storage is powered by [MinIO ↗](https://min.io/), a high-performance, open-source S3 compatible object store. MinIO is built for large scale AI/ML, data lake and database workloads.
+
 ## Feature Highlights
+
+- [Create Object Storage](/object-storage/how-to/create) — Create your first storage bucket with our step-by-step guide.
+- [Customize Object Storage buckets](/object-storage/how-to/update-bucket) — Configure Object Storage to meet your application needs.
+- [Access Object storage](/object-storage/how-to/access#copy-access-details-from-zerops-gui) — Simplify configuration with environment variables.
+
 ## Popular Guides
+
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
 
+- [FAQ](/nodejs/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
+
 ----------------------------------------
 
 # Php > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your PHP application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -16737,49 +23978,63 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: php-apache@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - composer install
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - vendor
         - public
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: vendor
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: php-apache@latest
+
       # OPTIONAL. Customize the runtime PHP environment by installing additional
       # dependencies to the base PHP runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your PHP application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # OPTIONAL. Customize the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Sets the custom Nginx or Apache configuration. The file must be deployed in
       # the runtime container. Enter the path to the file relative to the /var/www folder
       siteConfigPath: site_config.tmpl
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -16790,6 +24045,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -16799,11 +24055,22 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for PHP builds:
+
+- `php@8.5`, `php@latest`
+- `php@8.4`
+- `php@8.3`
+- `php@8.1`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -16814,12 +24081,18 @@ zerops:
       base: php-apache@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of PHP, Zerops command line tool, `composer`, `git` and `wget`.
+  major version of PHP, [Zerops command line tool](/references/cli), `composer`, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -16833,34 +24106,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customise your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of PHP defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `composer`, `git` and `wget`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -16869,6 +24160,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: php-apache@latest
+
       # OPTIONAL. Customise the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -16876,20 +24168,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/php/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -16898,40 +24201,57 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: php-apache@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - composer install
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     composer install --optimize-autoloader --no-dev
     php artisan env
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - composer install --optimize-autoloader --no-dev
   - php artisan env
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/php/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the verbose option.
+
 ```yaml
 buildCommands:
   - composer install -v
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
@@ -16939,56 +24259,81 @@ deployFiles:
   - vendor
   - public
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - public
   - file.txt
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -17000,22 +24345,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -17024,6 +24380,7 @@ zerops:
     build:
       base: php-apache@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         PHP_ENV: production
@@ -17032,13 +24389,29 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/php/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current PHP version for your runtime.
+
 Following options are available for PHP builds:
-```yaml
+
+- `php-apache@8.5`, `php-apache@latest`
+- `php-apache@8.4`
+- `php-apache@8.3`
+- `php-apache@8.1`
+
+- `php-nginx@8.5`, `php-nginx@latest`
+- `php-nginx@8.4`
+- `php-nginx@8.3`
+- `php-nginx@8.1`
+
+```yaml
 zerops:
   # hostname of your service
   - setup: app
@@ -17047,18 +24420,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: php-apache@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: php-apache@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
-  selected major version of PHP, Zerops command line tool and `composer`, `git` and `wget`.
+  selected major version of PHP, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17068,6 +24448,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: php-apache@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -17077,52 +24458,86 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 :::info
 If no ports are specified, Zerops adds the port TCP 80 automatically.
 :::
+
 :::caution
 If you want the web server to listen on other port(s) than `:80`, you must [customize](/php/how-to/customize-web-server) your web server configuration as well.
 :::
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a PHP service with hostname = "app" and port = 80 from another service of the same project, simply use `app:80`. Read more about [how to access a PHP service](/references/networking/internal-access#basic-service-communication).
+
 :::info
 Do not use the port **:443**. All the incoming traffic is terminated on the Zerops internal balancer where the SSL certificate is installed and the request is forwarded to your PHP+Nginx / PHP+Apache service as a **http://** on the port **:80**.
 :::
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the PHP runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base PHP environment contains {data.alpine.default}, the selected
-  major version of PHP, Zerops command line tool and `composer`, `git` and `wget`. To install
+  major version of PHP, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`. To install
   additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17130,6 +24545,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -17139,28 +24555,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/php/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
-  
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of PHP, Zerops command line tool and `composer`, `git` and `wget`.
+  selected major version of PHP, [Zerops command line tool](/references/cli) and `composer`, `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -17169,6 +24602,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -17178,15 +24612,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -17195,48 +24634,71 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your PHP application is started.
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/php/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/php/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### documentRoot
+
 _OPTIONAL._ Customizes the folder that will be used as the root of the publicly accessible web server content.
+
 :::info
 By default, the document root is configured to `/var/www`.
 :::
+
 Customize the folder that will be used as the root of the publicly accessible web server content. Enter the path relative to the `/var/www` folder.
 E.g. `documentRoot: public` will set the web server document root to `/var/www/public`.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
 ```
+
 ### siteConfigPath
+
 _OPTIONAL._ Sets the custom Nginx or Apache configuration.
+
 :::info
 By default, the default [nginx](/php/how-to/customize-web-server#default-nginx-configuration) or [Apache](/php/how-to/customize-web-server#default-apache-configuration) web server configuration is set.
 :::
+
 The file must be deployed in the runtime container. Enter the path to the file relative to the `/var/www` folder.
 Read more about the [web server customization](/php/how-to/customize-web-server).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -17251,44 +24713,66 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/php/how-to/env-variables) in Zerops.
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -17296,31 +24780,48 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your PHP application.
+
+        The command has access to the same [environment variables](/php/how-to/create#set-secret-environment-variables) as your PHP application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the folder that will be used as the root of the publicly
       # accessible web server content. Enter the path relative to the /var/www folder.
       documentRoot: public
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -17329,13 +24830,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -17344,40 +24850,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/php/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -17386,30 +24914,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/php/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your PHP application.
+
+        The command has access to the same [environment variables](/php/how-to/create#set-secret-environment-variables) as your PHP application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -17421,8 +24967,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/php/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Php > How To > Build Process
@@ -17439,35 +24987,58 @@ Read more about how the [readiness check works](/php/how-to/deploy-process#readi
 
 # Php > How To > Create
 
+
 Zerops provides 2 PHP services with an included web server: **PHP+Nginx** and **PHP+Apache**. PHP runtime is highly scalable and customisable to suit both development and production.
+
 ## Create PHP service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new PHP service:
+
 ### Choose PHP version
+
 Following PHP versions are currently supported:
+
 :::info
 You can [change](/php/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/php/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create PHP service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new PHP service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/php/how-to/create#create-a-project-description-file)
 3. [Create a project with a PHP and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -17488,13 +25059,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one PHP version 8.1 service with default [auto scaling](/php/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/php/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -17539,114 +25115,172 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a PHP service and a [PostgreSQL](/postgresql/overview) service.
+
 PHP service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/php/how-to/build-pipeline#ports). PHP service will run on version 8.1 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains PHP and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new service will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [PHP service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/php/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/php/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/php/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/php/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add PHP service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -17667,35 +25301,42 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one PHP service version 8.1 with default [auto scaling](/php/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Php > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add --no-cache imagemagick)',
-  'PHP extensions: When you need additional PHP extensions not included by default',
-  'Native dependencies: When your Composer packages require system libraries that aren\'t in the default environment',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 ## Overwrite php.ini files
+
 You can override PHP configuration directives by setting environment variables in your `zerops.yaml` file.
+
 Here's an example of how to adjust PHP's `post_max_size` directive:
 ```yaml
 zerops:
@@ -17705,17 +25346,24 @@ zerops:
     run:
       # REQUIRED. Sets the base technology for the runtime environment:
       base: php-nginx@8.3
+
       # OPTIONAL. Defines the env variables for the runtime:
       envVariables:
         PHP_INI_post_max_size: 10M
 ```
+
 :::info
 After updating PHP-FPM configuration in your `zerops.yaml` file, you need to restart or reload the app for the changes to take effect.
 :::
+
 ## PHP-FPM
+
 ### Default PHP-FPM configuration
+
 PHP-FPM (FastCGI Process Manager) uses the **dynamic** process management mode by default. In this mode, the system automatically adjusts the number of PHP processes based on current load.
+
 The default PHP-FPM configuration uses these values:
+
 - `PHP_FPM_PM` = `dynamic`
 - `PHP_FPM_PM_MAX_CHILDREN` = `20`
 - `PHP_FPM_PM_START_SERVERS` = `2`
@@ -17723,7 +25371,9 @@ The default PHP-FPM configuration uses these values:
 - `PHP_FPM_PM_MAX_SPARE_SERVERS` = `3`
 - `PHP_FPM_PM_MAX_SPAWN_RATE` = `32`
 - `PHP_FPM_PM_MAX_REQUESTS` = `500`
+
 ### Dynamic mode
+
 To adjust the dynamic mode settings, add the desired environment variables to the run section:
 ```yaml
 zerops:
@@ -17739,7 +25389,9 @@ zerops:
         PHP_FPM_PM_MAX_SPARE_SERVERS: 10
         PHP_FPM_PM_MAX_REQUESTS: 1000
 ```
+
 ### Ondemand mode
+
 The **ondemand** mode is ideal for applications with lower traffic, where processes are created only when requests arrive. To enable ondemand mode:
 ```yaml
 zerops:
@@ -17754,10 +25406,13 @@ zerops:
         PHP_FPM_PM_PROCESS_IDLE_TIMEOUT: 60s
         PHP_FPM_PM_MAX_REQUESTS: 500
 ```
+
 **Available parameters for ondemand mode:**
+
 - `PHP_FPM_PM_MAX_CHILDREN` – maximum number of child processes
 - `PHP_FPM_PM_PROCESS_IDLE_TIMEOUT` – time after which idle processes are terminated (default: `60s`)
 - `PHP_FPM_PM_MAX_REQUESTS` – number of requests each process handles before being recycled (default: `500`)
+
 :::info
 After updating PHP-FPM configuration in your `zerops.yaml` file, you need to restart or reload the app for the changes to take effect.
 :::
@@ -17766,61 +25421,91 @@ After updating PHP-FPM configuration in your `zerops.yaml` file, you need to res
 
 # Php > How To > Customize Web Server
 
+
 ## PHP + Nginx
+
 ### Default Nginx configuration
+
 The default PHP+Nginx service has following Nginx configuration:
+
 ```
 server {
     listen 80;
     listen [::]:80;
+
     server_name _;
+
     # Be sure that you set up the correct document root!
     root {{.DocumentRoot}};
+
     location ~ \.php {
         try_files _ @backend;
     }
+
     location / {
         # use this for pretty url
         try_files $uri /$uri /index.html /index.php$is_args$args;
     }
+
     location @backend {
         fastcgi_pass unix:{{.PhpSocket}};
         fastcgi_split_path_info ^(.+\.php)(/.*)$;
         include fastcgi_params;
+
         fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
         fastcgi_param DOCUMENT_ROOT $realpath_root;
         internal;
     }
+
     access_log syslog:server=unix:/dev/log,facility=local1,tag=nginx,severity=info default_short;
     error_log syslog:server=unix:/dev/log,facility=local1,tag=nginx,severity=error;
 }
 ```
+
 The configuration contains 2 variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/php/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 - **`{{.PhpSocket}}`** is replaced by a path to the PHP socket based on the PHP version.
+
 ### Customize Nginx configuration
+
 Follow these steps to customize the Nginx configuration in PHP+Nginx service:
+
 1. Create a **.tmpl** file with the Apache configuration in your repository.
+
 2. Optionally use following variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/php/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 Example:
+
 ```
 root {{.DocumentRoot}};
 ```
+
 - **`{{.PhpSocket}}`** is replaced by a path to the PHP socket based on the PHP version.
+
 Example:
+
 ```
 fastcgi_pass unix:{{.PhpSocket}};
 ```
+
 - **`{{.Environment.ENV_NAME}}`** is replaced by the [env variable](/php/how-to/env-variables) value. The env variable must be either defined in [run.envVariables](/php/how-to/build-pipeline#envvariables-1) in `zerops.yaml` or set as a [secret](/php/how-to/env-variables#set-secret-env-variables-in-zerops-gui) or [generated](/php/how-to/env-variables#generated-env-variables) env variable in Zerops GUI.
+
 :::caution
 Use the **.tmpl** file extension to make Zerops interpret the file as a template. Zerops will replace the supported variables listed above.
 :::
+
 3. Check that your Nginx configuration is consistent with Zerops requirements:
+
 - Do not use IP addresses in the `listen` directive
-- If you use other ports than `:80` in the `listen` directive, add them to the `run.ports` in your `zerops.yaml` as well.
+- If you use other ports than `:80` in the `listen` directive, add them to the [`run.ports`](/php/how-to/build-pipeline#ports) in your `zerops.yaml` as well.
 - Do not use the port **:443**. All the incoming `https://` traffic is terminated on the Zerops internal balancer where the SSL certificate is installed and the request is forwarded to your PHP+Nginx service as a **http://** on the port **:80**.
-4. Add the `siteConfigPath` to the run section of your `zerops.yaml`
+
+4. Add the [`siteConfigPath`](/php/how-to/build-pipeline#siteconfigpath) to the run section of your `zerops.yaml`
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -17829,63 +25514,84 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: php-nginx@latest
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - vendor
         - public
+
     # ==== how to run your application ====
     run:
       documentRoot: public
+
       # OPTIONAL. Sets the custom Nginx or Apache configuration. The file must be deployed in the runtime container. Enter the path to the file relative to the /var/www folder
       siteConfigPath: site_config.tmpl
 ```
-5. Ensure that the `build.deployFiles` contains the folder with the `siteConfigPath` or add the path to the Nginx config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
+5. Ensure that the [`build.deployFiles`](/php/how-to/build-pipeline#deployfiles) contains the folder with the `siteConfigPath` or add the path to the Nginx config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
 6. [Trigger](/php/how-to/trigger-pipeline) the build & deploy pipeline.
+
 ## PHP + Apache
+
 ### Default Apache configuration
+
 The default PHP+Apache service has following Apache configuration:
+
 ```
-    ServerName localhost
-    DocumentRoot {{.DocumentRoot}}
-    DirectoryIndex index.htm index.html index.shtml index.php index.phtml
-    
-        Options -Indexes
-        Options FollowSymLinks
-        AllowOverride All
-        Require all granted
-    
-            SetHandler "proxy:unix:{{.PhpSocket}}|fcgi://localhost/"
-        
+
+    </FilesMatch>
+
     ErrorLog  "| /usr/bin/logger -tapache -plocal1.err"
     CustomLog "| /usr/bin/logger -tapache -plocal1.notice" combined
+</VirtualHost>
 ```
+
 The configuration contains 2 variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/php/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 - **`{{.PhpSocket}}`** is replaced by a path to the PHP socket based on the PHP version.
+
 ### Customize Apache configuration
+
 Follow these steps to customize the Apache configuration in PHP+Apache service:
+
 1. Create a **.tmpl** file with the Nginx configuration in your repository.
+
 2. Optionally use following variables:
-- **`{{.DocumentRoot}}`** is replaced by the `run.documentRoot` attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
+- **`{{.DocumentRoot}}`** is replaced by the [`run.documentRoot`](/php/how-to/build-pipeline#documentroot) attribute from the `zerops.yaml`. If the attribute is not specified, the default value `/var/www` is used.
+
 Example:
+
 ```
 DocumentRoot {{.DocumentRoot}};
 ```
+
 - **`{{.PhpSocket}}`** is replaced by a path to the PHP socket based on the PHP version.
+
 Example:
+
 ```
-    SetHandler "proxy:unix:{{.PhpSocket}}|fcgi://localhost/"
+
 ```
+
 - **`{{.Environment.ENV_NAME}}`** is replaced by the [env variable](/php/how-to/env-variables) value. The env variable must be either defined in [run.envVariables](/php/how-to/build-pipeline#envvariables-1) in `zerops.yaml` or set as a [secret](/php/how-to/env-variables#set-secret-env-variables-in-zerops-gui) or [generated](/php/how-to/env-variables#generated-env-variables) env variable in Zerops GUI.
+
 :::caution
 Use the **.tmpl** file extension to make Zerops interpret the file as a template. Zerops will replace the supported variables listed above.
 :::
+
 3. Check that your Apache configuration is consistent with Zerops requirements:
-- Do not use IP addresses in the `` directive
-- If you use other ports than `:80` in the `` directive, add them to the `run.ports` in your `zerops.yaml` as well.
+
+- Do not use IP addresses in the `<VirtualHost>` directive
+- If you use other ports than `:80` in the `<VirtualHost>` directive, add them to the [`run.ports`](/php/how-to/build-pipeline#ports) in your `zerops.yaml` as well.
   Do not use the port **:443**. All the incoming `https://` traffic is terminated on the Zerops internal balancer where the SSL certificate is installed and the request is forwarded to your PHP+Apache service as a **http://** on the port **:80**.
-4. Add the `siteConfigPath` to the run section of your `zerops.yaml`.
+
+4. Add the [`siteConfigPath`](/php/how-to/build-pipeline#siteconfigpath) to the run section of your `zerops.yaml`.
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -17894,20 +25600,26 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: php-apache@latest
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - vendor
         - public
+
     # ==== how to run your application ====
     run:
       documentRoot: public
+
       # OPTIONAL. Sets the custom Nginx or Apache configuration. The file must be deployed in the runtime container. Enter the path to the file relative to the /var/www folder
       siteConfigPath: site_config.tmpl
 ```
-5. Ensure that the `build.deployFiles` contains the folder with the `siteConfigPath` or add the path to the Apache config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
+5. Ensure that the [`build.deployFiles`](/php/how-to/build-pipeline#deployfiles) contains the folder with the `siteConfigPath` or add the path to the Apache config file to the `deployFiles` list. Zerops will deploy the file to the runtime container(s).
+
 6. [Trigger](/php/how-to/trigger-pipeline) the build & deploy pipeline.
 
+
 ----------------------------------------
 
 # Php > How To > Deploy Process
@@ -17960,13 +25672,21 @@ zerops:
 
 # Php > Overview
 
+
 [PHP ↗](https://www.php.net/), a popular general-purpose scripting language that is especially suited to web development.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-php-hello-world), a **_recipe_**, containing the most simple PHP web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of PHP running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of PHP running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "php" recipe on Zerops](https://app.zerops.io/recipe/?lf=php)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-php-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -17978,195 +25698,293 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-php-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/php/how-to/create) — Dive in all Zerops has to offer for your PHP application.
+
 ## Feature Highlights
+
+- [Create PHP service](/php/how-to/create) — Start with creating a PHP service using GUI or zCLI.
+- [zerops.yaml](/php/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/php/how-to/scaling) — Set up scaling of your PHP application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/php/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/php/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/php/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Postgresql > Faq
 
-  Question: How do I properly use PostgreSQL in HA mode?
-Answer: 
-    In High Availability (HA) mode, PostgreSQL runs on multiple containers with a primary node and replicas. To get the most out of this setup:
+
+  **Question: How do I properly use PostgreSQL in HA mode?**
+
+In High Availability (HA) mode, PostgreSQL runs on multiple containers with a primary node and replicas. To get the most out of this setup:
+
     - Use port `5432` for all write operations (INSERT, UPDATE, DELETE) — this always routes to the primary node
     - Use port `5433` for read operations (SELECT) — this distributes queries across all replicas, improving performance
+
     The read replica port (`5433`) is only available in HA mode. If you're running PostgreSQL in single container (NON_HA) mode, only port `5432` is available.
+
     See [Connection Parameters](/postgresql/how-to/connect#connection-parameters) for all available ports and environment variables.
-  
-  Question: Why is my connection to PostgreSQL from third-party software failing?
-Answer: 
-    *One possible cause:* 
+
+  **Question: Why is my connection to PostgreSQL from third-party software failing?**
+
+*One possible cause:*
+
     The connection string in Zerops always starts with `postgresql://`. While the official PostgreSQL documentation
     states that both `postgresql://` and `postgres://` URIs are valid, some software requires the shorter `postgres://`
     version.
-    
+
     To resolve this, create your own environment variable with the correct URI. For example, if your PostgreSQL service is named `db`, use the following format:
-    
+
     ```
     postgres://${db_user}:${db_password}@${db_hostname}:${db_port}
     ```
-  
+
 
 ----------------------------------------
 
 # Postgresql > How To > Backup
 
+
 Zerops provides automated data backup for PostgreSQL services with full encryption and flexible management options.
+
 For general backup information including configuration, scheduling, and management options, see the [Zerops Backups](/features/backup) documentation, which covers:
 - Backup scheduling and retention policies
 - Tagging system and storage quotas
 - Manual backup creation and CLI tools
 - Security and encryption details
+
 This page focuses on PostgreSQL-specific backup details.
+
 ## PostgreSQL Backup Format
+
 PostgreSQL backups are created using `pg_dump` and stored in `.zip` format:
+
 - **Format**: `.zip` (containing per-schema `.dump` files)
 - **Tooling**: `pg_dump`
 - **Compression**: Custom format (`-Fc`), schema files named `schemaName.dump`
 - **Storage**: Encrypted and stored in isolated object storage
+
 ## Restoring PostgreSQL Backups
+
 To restore a PostgreSQL backup:
+
 1. **Download** the backup file (`.zip`) from the Zerops UI
 2. **Extract** the zip file to access the individual schema dump files
 3. **Prepare** your target environment (clean existing data or use a new instance)
 4. **Restore** using PostgreSQL native tools. Follow the [official PostgreSQL backup documentation](https://www.postgresql.org/docs/current/backup-dump.html) for detailed restore procedures, or use web-based management tools like phpMyAdmin or Adminer as described in [PostgreSQL Management](/postgresql/how-to/manage).
+
 For assistance with the restoration process, contact Zerops support.
+
 ## High Availability
+
 For PostgreSQL services running in High Availability mode:
 - Backups are created on a randomly selected healthy node
 - Other nodes remain operational during the backup process
 - Manual backups typically run on the primary node
+
 ## Best Practices
+
 - Always create a manual backup with a protected tag before database migrations or major schema changes
 - Test your restore process periodically in a non-production environment
 - Monitor your backup storage usage in the Project Overview
 - Use descriptive tags like `pre-migration-v2` for important snapshots
 - Consider the order of schema restoration if you have dependencies between schemas
+
 For additional best practices and troubleshooting, refer to the [main backup documentation](/features/backup).
 
 ----------------------------------------
 
 # Postgresql > How To > Connect
 
+
 This guide covers how to connect to your PostgreSQL database in Zerops, both from services within the same project and from outside the Zerops environment.
+
 ## Connection Options Overview
+
 Zerops provides several ways to connect to PostgreSQL:
+
 1. **Internal connections** - Between services in the same Zerops project (via private network)
 2. **Remote connections**:
    - **VPN access** - From your local machine via Zerops VPN
    - **Direct IP access** - Enables external applications to connect using TLS encryption by opening public ports on IPv6 (available by default) or IPv4 (requires add-on activation if not already enabled)
+
 ## Connection Details
+
 You'll find PostgreSQL connection details in the service detail page under the **Peek access details** button (shows hostname, port, user, password, and connection string).
+
 The full list of connection-related environment variables is available in the service detail under **Environment variables**.
+
 ### Connection Parameters
-  
-      Parameter
-      Internal
-      External (TLS)
-      Env Variable
-    
-      Hostname
-      Service hostname
-      Public IP address
-      `hostname`
-    
-      Port (primary)
-      5432
-      6432 (via pgBouncer)
-      `port` / `portTls`
-    
-      Port (replicas, HA only)
-      5433
-      N/A
-      `portReplicas`
-    
-      User
-      Identical to hostname
-      Same as internal
-      `user`
-    
-      Password
-      Generated at creation
-      Same as internal
-      `password`
-    
-      Connection string (primary)
-      `postgresql://${user}:${password}@${hostname}:5432/${dbName}`
-      Same format with TLS port
-      `connectionString` / `connectionTlsString`
-    
-      Connection string (replicas, HA only)
-      `postgresql://${user}:${password}@${hostname}:5433/${dbName}`
-      N/A
-      `connectionStringReplicas`
-    
-      Database name
-      db
-      Same as internal
-      `dbName`
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Internal</th>
+      <th className="w-fit">External (TLS)</th>
+      <th className="w-fit">Env Variable</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Hostname</td>
+      <td className="w-fit">Service hostname</td>
+      <td className="w-fit">Public IP address</td>
+      <td className="w-fit">`hostname`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Port (primary)</td>
+      <td className="w-fit">5432</td>
+      <td className="w-fit">6432 (via pgBouncer)</td>
+      <td className="w-fit">`port` / `portTls`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Port (replicas, HA only)</td>
+      <td className="w-fit">5433</td>
+      <td className="w-fit">N/A</td>
+      <td className="w-fit">`portReplicas`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">User</td>
+      <td className="w-fit">Identical to hostname</td>
+      <td className="w-fit">Same as internal</td>
+      <td className="w-fit">`user`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Password</td>
+      <td className="w-fit">Generated at creation</td>
+      <td className="w-fit">Same as internal</td>
+      <td className="w-fit">`password`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Connection string (primary)</td>
+      <td className="w-fit">`postgresql://${user}:${password}@${hostname}:5432/${dbName}`</td>
+      <td className="w-fit">Same format with TLS port</td>
+      <td className="w-fit">`connectionString` / `connectionTlsString`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Connection string (replicas, HA only)</td>
+      <td className="w-fit">`postgresql://${user}:${password}@${hostname}:5433/${dbName}`</td>
+      <td className="w-fit">N/A</td>
+      <td className="w-fit">`connectionStringReplicas`</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold whitespace-nowrap">Database name</td>
+      <td className="w-fit">db</td>
+      <td className="w-fit">Same as internal</td>
+      <td className="w-fit">`dbName`</td>
+    </tr>
+  </tbody>
+</table>
+
 :::tip
 If you're running PostgreSQL in High Availability (HA) mode, configure your application to route read queries to port **5433**. This distributes the load across all replicas, reducing pressure on the primary node and improving overall throughput.
 :::
+
 :::warning
 Zerops creates a system user named `zps` with full privileges for maintenance purposes. Do not delete, change the password, or remove privileges from this user, as it will disrupt Zerops' ability to maintain the database cluster.
 :::
+
 :::info
 For more information about default PostgreSQL setup, users, and databases, see [Manage PostgreSQL Users and Databases](/postgresql/how-to/manage).
 :::
+
 ## Connect from Services in the Same Project
+
 All services within a Zerops project share a dedicated private network. There are two ways to implement connections between services in the same project:
+
 ### Method 1: Direct Connection Parameters
+
 You can directly use the connection parameters from Peek Access Details:
+
 ```
 host = database1
 port = 5432
 user = database1
 password = ********** (find under Peek Access Details)
 ```
+
 For read operations in HA mode, use port `5433` instead of `5432` with the same credentials.
+
 ### Method 2: Environment Variables (Recommended)
+
 For better maintainability, Zerops creates environment variables for each PostgreSQL service that you can use in your application configuration. List of service environment variables is available in Zerops GUI. Go to a PostgreSQL service detail and choose **Environment variables**.
+
 To use variables from one service in another, prefix the variable name with the service hostname and underscore - to access the `connectionString` variable of `postgresql1`, use `postgresql1_connectionString`.
+
 For read-only connections (HA mode only), use the `connectionStringReplicas` variable instead.
+
 For more details on how to use environment variables, and instructions for adding your own custom variables, see the [Environment Variables](/features/env-variables) documentation.
+
 :::caution Important notes
 - When changing passwords, update both the database user password and the environment variable separately - they don't automatically synchronize.
 - While both `postgresql://` and `postgres://` URI formats are valid, Zerops uses the `postgresql://` format. If your software requires `postgres://`, create a custom environment variable with this format.
 - Do not use SSL/TLS protocols for internal connections. Security is assured by the project's private network.
 :::
+
 ## Connect Remotely
+
 Zerops offers two methods for connecting to your PostgreSQL database from outside the Zerops environment:
+
 ### Method 1: Connect via Zerops VPN
+
 You can securely connect to PostgreSQL from your local workstation via Zerops VPN:
+
 1. [Install & set up zCLI](/references/cli)
 2. [Start the Zerops VPN](/references/networking/vpn#start-vpn)
 3. Use the connection details from Access Details in the PostgreSQL service detail in Zerops GUI
 4. When finished, [stop the Zerops VPN](/references/networking/vpn#stop-vpn)
+
 :::warning Important notes
 * Do not use SSL/TLS protocols when connecting over VPN. Security is provided by the VPN tunnel.
 * If your connection over VPN doesn't work, try adding `.zerops` suffix to the service hostname (e.g., `database1.zerops`). For additional help, check the [VPN troubleshooting page](/references/networking/vpn#troubleshooting).
 :::
+
 ### Method 2: Connect via Direct IP Access
+
 Direct IP Access uses [pgBouncer](https://www.pgbouncer.org/) for connection pooling and TLS termination.
+
 Internally, port `5432` is available without SSL (and port `5433` for reads in HA mode). Externally, connections are secured with TLS through pgBouncer (port `6432`) before being routed to your PostgreSQL service. The read replica port is not available for external connections.
+
 #### Enable external access
+
 1. Navigate to your PostgreSQL service in the Zerops GUI and choose the **Public Access through IP Addresses** section
 2. Choose either IPv6 (available by default) or IPv4 (requires the [unique IPv4](/references/networking/public-access#ipv4-configuration) add-on)
 3. Open one or more ports and point them to your PostgreSQL service (the system will direct them through pgBouncer)
@@ -18177,6 +25995,7 @@ Internally, port `5432` is available without SSL (and port `5433` for reads in H
    - Port configurations can be set independently for IPv4 and IPv6
 4. Optionally enable firewall protection for additional security
 5. Click the **Publish X IP access change(s)** button to apply your settings
+
 For database management tools and how to manage users and databases, see [Manage PostgreSQL Users and Databases](/postgresql/how-to/manage).
 
 ----------------------------------------
@@ -18189,43 +26008,70 @@ For database management tools and how to manage users and databases, see [Manage
 
 # Postgresql > How To > Create
 
+
 ## Create PostgreSQL using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new PostgreSQL service:
+
+[Video: /vids/services/postgres.webm](/vids/services/postgres.webm)
+
 ### Choose PostgreSQL version
+
 Following PostgreSQL versions are currently supported:
+
 ### Set a hostname
+
 Enter a unique service identifier like `postgresql`, `sql`, `db` etc.
+
 #### Limitations:
+
 - Duplicate services with the same name within the same project are not allowed
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created and cannot be changed later.
 :::
+
 ### Configure auto scaling
+
 Zerops automatically scales PostgreSQL services based on actual database usage. Configure the scaling parameters to match your database needs and control costs.
+
 **CPU Mode**: Choose between shared (cost-effective) or dedicated (consistent performance).
+
 **Resource Limits**: Set minimum and maximum resources for CPU, RAM, and disk to control costs and ensure performance.
+
 **Deployment Mode**: Choose the reliability configuration for your PostgreSQL service:
+
 - **Highly Available**: Multiple containers with redundancy across different physical machines. Recommended for production environments.
 - **Single Container**: One container suitable for development and non-critical environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 :::tip Learn More
 For detailed scaling configuration, deployment mode details, and troubleshooting, see:
 - [How Zerops scales PostgreSQL](/postgresql/how-to/scale) - Database-specific scaling guide
 - [Automatic Scaling and High Availability](/features/scaling) - Complete technical details
 :::
+
 ## Create PostgreSQL using zCLI
+
 zCLI is the Zerops command-line tool. To create a new PostgreSQL service via the command line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](#create-a-project-description-file)
 3. Create a project and a PostgreSQL service
+
 ### Create a project description file
+
 Zerops uses a YAML format file to describe the project infrastructure.
+
 #### Basic example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # Basic project data
 project:
@@ -18240,9 +26086,13 @@ services:
     # mode of operation "HA"/"NON_HA"
     mode: NON_HA
 ```
+
 The YAML file describes your future project infrastructure. The project will contain one PostgreSQL service in the single container mode with default [auto scaling](/postgresql/how-to/scale) configuration. The hostname will be set to `postgresql1`.
+
 #### Full example
+
 Create a directory `my-project`. Create a `description.yaml` file inside the directory with the following content:
+
 ```yaml
 # Basic project data
 project:
@@ -18281,124 +26131,194 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The YAML file describes your future project infrastructure. The project will contain two PostgreSQL services.
+
 The hostname of the first service will be set to `postgresql1`. The [high availability](/features/scaling#highly-available-ha-mode) mode will be chosen and the custom [auto scaling configuration](/postgresql/how-to/scale) will be set.
+
 The hostname of the second service will be set to `postgresql2`. The [single container](/features/scaling#single-container-mode) mode will be chosen and the default [auto scaling configuration](/postgresql/how-to/scale) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in the `services:` section is required. You can create a project with multiple services. The example above contains only PostgreSQL services but you can create a `description.yaml` with [different types] of services.
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        The hostname of the new database will be set to the `hostname` value. 
-        
-        Limitations:
-        
+
+        The hostname of the new database will be set to the `hostname` value.
+
+        <b>Limitations:</b>
+
 - duplicate services with the same name in the same project are
         forbidden
-        
+
         - maximum 25 characters
-        
+
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-      
-        type
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [PostgreSQL service types](/references/import-yaml/type-list#database-services) are currently supported.
-      
-    mode
-  
+      </td>
+    </tr>
+<tr>
+  <td className="w-fit">
+    <b>mode</b>
+  </td>
+  <td className="w-fit">
     Defines the operation mode of the PostgreSQL service.
-    
-    HA
-    
+
+    <b>HA</b>
+
     Creates a PostgreSQL cluster with 3 database containers and 2 free
     database proxies. This mode is suited for production.
-    
+
     Zerops always keeps the 3 database containers on different physical
     machines. All your data is stored redundantly in 3 identical copies. In
     case of a failure of a container or the underlying physical machine,
     Zerops automatically disconnects the failed container from the cluster,
     creates a new container and syncs all data from the remaining 2 copies.
     Finally, the broken container is automatically deleted.
-    
-    In HA mode, a dedicated read replica port (5433) is available, allowing you to route read queries to replicas for better performance. See Connection Parameters for details.
-    
-    NON_HA
-    
+
+    In HA mode, a dedicated read replica port (<code>5433</code>) is available, allowing you to route read queries to replicas for better performance. See [Connection Parameters](/postgresql/how-to/connect#connection-parameters) for details.
+
+    <b>NON_HA</b>
+
     Zerops will create a PostgreSQL database installed in a single
     container. Useful for non-essential data or dev environments.
-    
+
     Your data is stored only in a single container. If the container or the
     the underlying physical machine fails, your data since the last backup are
     lost. Zerops doesn't provide any automatic repairs of a single node
     PostgreSQL services.
-  
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto-scaling parameters.
+  </td>
+</tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto-scaling parameters](/postgresql/how-to/scale#configure-scaling).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 :::caution
 The PostgreSQL service **hostname** and **mode** are fixed after the service is created. They can't be changed later.
 :::
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project will be created.
       --working-dir string   Sets a custom working directory. The default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 The maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add PostgreSQL service to an existing project
+
 #### Example
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```bash
 # array of project services
 services:
@@ -18410,97 +26330,145 @@ services:
     # mode of operation "HA"/"NON_HA"
     mode: NON_HA
 ```
+
 The YAML file describes the list of one or more services that you want to add to your existing project. In the example above, one PostgreSQL service in the [single container](/features/scaling#single-container-mode) with default [auto scaling](/postgresql/how-to/scale) configuration will be added to your project. The hostname of the new service will be set to `postgresql1`.
+
 The content of the `services:` section of `import.yaml` is identical to the [project description file](#create-a-project-description-file). The `import.yaml` never contains the `project:` section because the project already exists.
+
 When your `import.yaml` is ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command will be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 The maximum size of the `import.yaml` file is 100 kB.
 
 ----------------------------------------
 
 # Postgresql > How To > Export Import Data
 
+
 ## Use Adminer or phpMyAdmin to export or import data
 * [Adminer ↗](https://www.adminer.org) - an open source full-featured database management tool written in PHP
 * [phpMyAdmin ↗](https://www.phpmyadmin.net) - a free software tool written in PHP, intended to handle the administration of PostgreSQL over the Web
+
 1. [Install the tools to Zerops](/postgresql/how-to/manage#installing-management-tools)
 2. Use their standard export or import functions
+
 ## Use a database management tool on your workstation to export or import data
+
 Do you already use a database management tool that supports PostgreSQL on your workstation? Connect it securely to PostgreSQL from your local workspace via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to PostgreSQL remotely](/postgresql/how-to/connect#connect-remotely).
 :::caution
 Do not use SSL/TLS protocols when connecting to PostgreSQL over VPN. Zerops PostgreSQL is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 Once the connection to PostgreSQL is established, use the standard export or import functions of your favourite management tool.
+
 ## Use psql CLI to export or import data
+
 If you are using the [psql ↗](https://www.postgresql.org/docs/current/app-psql.html) command-line client to manage your PostgreSQL on your local workspace, you can connect it securely to PostgreSQL via Zerops VPN.
+
 Zerops VPN client is included into zCLI, the Zerops command-line tool. To start the VPN connection, read [how to connect to PostgreSQL remotely](/postgresql/how-to/connect#connect-remotely).
+
 Once the VPN session is established, you have the secured connection to the project's private network in Zerops. You can access all project services locally by using their hostname. The only difference is that no [environment variables](/postgresql/how-to/connect#method-2-environment-variables-recommended) are available when connected through VPN. To connect to PostgreSQL in Zerops you have to copy the [access details](/postgresql/how-to/connect#connection-details) manually from Zerops GUI.
+
 Use [psql ↗](https://www.postgresql.org/docs/current/app-psql.html) command to connect to PostgreSQL in Zerops:
+
 ```sh
 psql -h [hostname] -U [user] -p [password] -d [database_name]
 ```
+
 :::caution
 Do not use SSL/TLS protocols when connecting to PostgreSQL over VPN. Zerops PostgreSQL is not configured to support these protocols. The security is assured by the VPN.
 :::
+
 To export your database data and structure, use the [pg_dump ↗](https://www.postgresql.org/docs/current/backup-dump.html) command.
+
 ```sh
 pg_dump [database_name] > dumpfilename.sql
 ```
+
 To import your database data and structure, use the `mysql` command.
+
 ```sh
 mysql [database_name] < dumpfilename.sql
 ```
 
+
 ----------------------------------------
 
 # Postgresql > How To > Manage
 
+
 This guide covers how to manage your PostgreSQL databases in Zerops, including default setup, database management tools, plugins, and best practices.
+
 ## Default Database and User
+
 Zerops creates a default database and user automatically when a new PostgreSQL service is [created](/postgresql/how-to/create).
+
 ### Database
+
 - **Name**: Identical to the service hostname
 - **Encoding**: `utf8mb4`
+
 ### DB User
+
 - **Username**: Identical to the service hostname
 - **Password**: Generated randomly
+
 :::info
 For connection methods and environment variables, see the [Connect to PostgreSQL in Zerops](/postgresql/how-to/connect) page.
 :::
+
 :::caution Important notes
 - When changing passwords, update both the database user password and the environment variable separately - they don't automatically synchronize.
 - While both `postgresql://` and `postgres://` URI formats are valid, Zerops uses the `postgresql://` format. If your software requires `postgres://`, create a custom environment variable with this format.
 - Do not use SSL/TLS protocols for internal connections. Security is assured by the project's private network.
 :::
+
 ## Database Management Tools
+
 You can use any PostgreSQL management tool of your choice to administer your databases in Zerops. For convenience, Zerops provides ready-to-use recipes for two popular web-based database management tools:
+
 * [Adminer](https://www.adminer.org) - a lightweight database management tool by Jakub Vrána
 * [phpMyAdmin](https://www.phpmyadmin.net) - a popular free database administration tool that works with both MySQL and PostgreSQL databases
+
 ### Installing Management Tools
+
 You can install these tools with a simple one-click import in Zerops:
+
 1. In Zerops GUI, open your project and select **Import services** from the left menu
 2. Copy and paste one of the following YAML configurations:
+
 ### Accessing Management Tools
+
 After installation, you can access these tools via VPN:
+
 1. [Start the Zerops VPN](/references/networking/vpn)
 2. Type `http://adminer` or `http://phpmyadmin` in your browser
+
 :::tip
 Try `http://adminer.zerops` or `http://phpmyadmin.zerops` if you encounter any connection issues.
 :::
+
 :::caution
 Do not use https when connecting to management tools via VPN.
 :::
+
 ## Database Tools on Your Workstation
+
 You can use various database management tools from your local workstation to connect to your PostgreSQL database in Zerops:
+
 1. **Establish a secure tunnel** using the [Zerops VPN](/references/networking/vpn) to create an encrypted connection to your Zerops project
 2. **Obtain the [connection details](/postgresql/how-to/connect#connection-details)** from Zerops GUI
     - Environment variables are not available through VPN connections
@@ -18511,31 +26479,45 @@ You can use various database management tools from your local workstation to con
         ```sh
         psql -h [hostname] -U [user] -d [database_name]
         ```
+
 :::tip
     Try `{hostname}.zerops` instead of just `{hostname}` if you encounter any connection issues.
 :::
+
 ## How to install and manage PostgreSQL plugins
+
 ### Viewing available plugins
 You can list all available PostgreSQL plugins by running the following query *(superuser privileges not required)*:
+
 ```sql
 SELECT * FROM pg_available_extensions ORDER BY name;
 ```
+
 ### Installing plugins (requires superuser)
+
 1. **Connect with superuser credentials**:
    - Use the `superUser` (user `postgres`) and `superUserPassword` environment variables from your PostgreSQL service
+
 2. **Switch to your service database**:
    When logging in as the superuser, you're initially in the `postgres` database, not your service database.
+
 3. **Install required extensions**:
    ```sql
    CREATE EXTENSION pg_stat_statements;
    CREATE EXTENSION vector;
    CREATE EXTENSION postgis;
    ```
+
 :::warning
 Currently, it is not possible to add new plugins that are not already listed in `pg_available_extensions`.
 :::
+
 When working with text search functionality, you'll need to reference the correct `stop`, `dict`, and `affix` files when creating dictionaries in your database. These files are essential for proper text search configuration.
+
 Zerops PostgreSQL includes the following dictionary files:
+
+#### Available dictionary files
+
 **Stop word files** - used to remove common words that don't add significant meaning:
 ```
 czech.stop
@@ -18572,101 +26554,165 @@ sk_SK.dict
 ```
 unaccent.rules
 ```
+
 For more information on text search dictionaries, refer to the [PostgreSQL documentation](https://www.postgresql.org/docs/16/textsearch-dictionaries.html).
 
 ----------------------------------------
 
 # Postgresql > How To > Scale
 
+
 Zerops automatically scales your PostgreSQL service based on actual database usage. When your database needs more power, resources increase. When demand drops, resources scale down to reduce costs.
+
 :::tip Read More
 For complete scaling details across all services, see [Automatic Scaling and High Availability](/features/scaling).
 :::
+
 ## How PostgreSQL scaling works
+
 PostgreSQL services use **vertical scaling** to adjust CPU, RAM, and disk resources within containers based on usage patterns. Unlike runtime services, PostgreSQL does not use horizontal scaling (adding/removing containers). Instead, PostgreSQL services use deployment modes for high availability.
+
 ## Configure scaling
+
 You can configure scaling settings:
+
 - **During service creation** - Set initial scaling parameters when [creating](/postgresql/how-to/create) your PostgreSQL service
 - **During import** - Define scaling configuration in your YAML import file using `verticalAutoscaling` parameters
 - **After service creation** - Navigate to your PostgreSQL service and select **Automatic scaling configuration** to modify settings
+
 ### Basic settings
-  
+
 **CPU Mode**: Choose between shared (cost-effective, variable performance) or dedicated (consistent performance, higher cost). You can change CPU mode once per hour. See [pricing](https://zerops.io/#pricing) for costs.
+
 **Resource limits**: Configure minimum and maximum resources for your PostgreSQL service:
+
 - **Lower the maximum** to control costs and prevent over-scaling
 - **Raise the minimum** when you need guaranteed baseline performance
 - **Set minimum = maximum** to disable automatic scaling for that specific resource
+
 **Deployment mode**: Choose the reliability configuration for your PostgreSQL service:
+
 - **Single Container**: One container with vertical scaling only. Suitable for development environments.
 - **Highly Available**: Multiple containers with built-in redundancy. Recommended for production environments.
+
 :::warning
 Deployment mode cannot be changed after service creation.
 :::
+
 :::tip HA Mode
 In HA mode, a dedicated read replica port (`5433`) is available for routing read queries to replicas. This improves performance by distributing load across all database containers. See [Connection Parameters](/postgresql/how-to/connect#connection-parameters) for details.
 :::
+
 When a container fails in HA mode, Zerops automatically replaces it with a new container on a different physical machine and synchronizes data from healthy copies.
+
 ### Advanced settings
+
 **Start CPU cores**: Determines how many CPU cores are allocated during database startup. Increase this value if your PostgreSQL service starts slowly or requires more processing power during initialization.
+
 **RAM thresholds**: Help prevent out-of-memory crashes by maintaining buffer space:
+
 - **Absolute (GB)**: Maintains this amount of free RAM at all times
 - **Percentage**: Keeps this percentage of total RAM free
+
 Consider increasing these values if your database experiences memory-related issues.
-  
+
 :::info Read More
 For detailed technical parameters and scaling behavior, see [Automatic Scaling and High Availability](/features/scaling#resource-scaling-behavior).
 :::
+
 ## Monitor usage
+
 Navigate to your PostgreSQL service and select **Service containers & Overview** to view:
 - CPU, RAM, and disk usage over time
 - Historical scaling events
 - Container health status
+
 ## Technical details
+
 Zerops monitors database usage and automatically adjusts resources based on predefined thresholds and timing parameters. The scaling behavior follows the same principles as other services in the platform.
+
 For complete technical specifications including:
 - Resource monitoring intervals and thresholds
 - Scale-up and scale-down timing parameters
 - Scaling increments and steps
 - Detailed scaling behavior patterns
+
 See [Resource Scaling Behavior](/features/scaling#resource-scaling-behavior) in the general scaling documentation.
+
 ## Common issues
+
 **Out of memory errors**
 - Increase minimum free RAM settings in your scaling configuration
 - Consider raising the minimum RAM allocation
 - Check for memory-intensive queries or operations
+
 **Higher than expected costs**
 - Consider lowering your maximum resource limits
 - Review scaling patterns in the monitoring dashboard
+
 **Slow database startup**
 - Increase the "Start CPU cores" setting
 - Consider switching to dedicated CPU mode for consistent performance
+
 **Not utilizing HA mode effectively**
 - Use port `5432` for write operations (INSERT, UPDATE, DELETE)
 - Use port `5433` for read operations (SELECT) to distribute load across replicas
 - See [Connection Parameters](/postgresql/how-to/connect#connection-parameters) for details
+
 *Need help? Join our [Discord community](https://discord.gg/zerops) for assistance!*
 
+
 ----------------------------------------
 
 # Postgresql > Overview
 
+
 [PostgreSQL ↗](https://www.postgresql.org/) is a powerful, open source object-relational database system with over 35 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance.
+
 ## Feature Highlights
+
+- [Create PostgreSQL service](/postgresql/how-to/create) — Start with creating a PostgreSQL service using GUI or zCLI.
+- [Import config file](/postgresql/how-to/create#full-example) — Use an example config file to import your own app.
+
 ### Connect to PostgreSQL service
+
+- [Manage users and databases](/postgresql/how-to/manage)
+- [Connect from the same project](/postgresql/how-to/connect#connect-from-services-in-the-same-project)
+- [Connect remotely](/postgresql/how-to/connect#connect-remotely)
+
 ### Others
+
+- [Scale postgresql service](/postgresql/how-to/scale)
+- [Export and import data](/postgresql/how-to/export-import-data)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/postgresql/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Python > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Python application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -18675,47 +26721,61 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: python@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - app.py
+
       # OPTIONAL. Copy files from build container to runtime container.
       addToRunPrepare:
         - requirements.txt
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: file.txt
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: python@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8000
+
       # OPTIONAL. Customize the runtime Python environment by installing additional
       # dependencies to the base Python runtime environment.
       # prepareCommands:
       #   - python3 -m pip install --ignore-installed -r requirements.txt
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Python application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Python application start command
       start: python3 app.py
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -18726,6 +26786,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -18735,11 +26796,21 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Python builds:
+
+- `python@3.14 (Ubuntu only)`, `python@latest`
+- `python@3.12`
+- `python@3.11`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -18750,12 +26821,18 @@ zerops:
       base: python@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Python, Zerops command line tool, `pip` and `git`.
+  major version of Python, [Zerops command line tool](/references/cli), `pip` and `git`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -18769,34 +26846,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Changing the OS setting will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache behavior.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Python defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `pip` and `git`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -18805,94 +26900,136 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: python@latest
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
         - sudo apt install python3-pip # already installed for Python services
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/python/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Run prepare commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 prepareCommands:
   - |
     sudo apt update
     sudo apt install python3-pip # already installed for Python services
 ```
+
 #### Run prepare commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 prepareCommands:
   - sudo apt update
   - sudo apt install python3-pip # already installed for Python services
 ```
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app.py
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - app.py
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
+
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -18904,22 +27041,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -18928,6 +27076,7 @@ zerops:
     build:
       base: python@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         PYTHON_ENV: production
@@ -18936,12 +27085,22 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/python/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Python version for your runtime.
+
 Following options are available for Python builds:
+
+- `python@3.14 (Ubuntu only)`, `python@latest`
+- `python@3.12`
+- `python@3.11`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -18951,18 +27110,25 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: python@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: python@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
-  selected major version of Python, Zerops command line tool, `pip` and `git`.
+  selected major version of Python, [Zerops command line tool](/references/cli), `pip` and `git`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -18972,6 +27138,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: python@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -18981,43 +27148,74 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customize your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Python service with hostname = "app" and port = 8000 from another service of the same project, simply use `app:8000`. Read more about [how to access a Python service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Python runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Python environment contains {data.alpine.default}, the selected
-  major version of Python, Zerops command line tool, `pip` and `git`. To install additional packages or tools add one or more
+  major version of Python, [Zerops command line tool](/references/cli), `pip` and `git`. To install additional packages or tools add one or more
   prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19025,6 +27223,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -19033,27 +27232,45 @@ zerops:
         - python3 -m pip install --ignore-installed -r requirements.txt
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/python/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build:prepareCommands](#preparecommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default} the
-  selected major version of Python, Zerops command line tool, `pip` and `git`.
+  selected major version of Python, [Zerops command line tool](/references/cli), `pip` and `git`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19063,6 +27280,7 @@ zerops:
       ...
       addToRunPrepare:
         - requirements.txt
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -19071,15 +27289,20 @@ zerops:
         - python3 -m pip install --ignore-installed -r requirements.txt
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -19088,22 +27311,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Python application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/python/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/python/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build:prepareCommands](#preparecommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -19118,56 +27354,82 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/python/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Python application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Python application start command
       start: app.py
 ```
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Python application start command
       start: app.py
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -19175,30 +27437,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Python application.
+
+        The command has access to the same [environment variables](/python/how-to/create#set-secret-environment-variables) as your Python application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Python application start command
       start: app.py
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -19207,13 +27486,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -19222,72 +27506,112 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/python/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
-**Example:**
-```yaml
-zerops:
-  # hostname of your service
-  - setup: app
-    # ==== how to build your application ====
-    build: ...
-    # ==== how to deploy your application ====
-    deploy:
-      # OPTIONAL. Define a readiness check with a HTTP GET request option.
-      # Configures the check on http://127.0.0.1:80/status
-      readinessCheck:
-        httpGet:
-          port: 80
-          path: /status
-    # ==== how to run your application ====
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
+**Example:**
+
+```yaml
+zerops:
+  # hostname of your service
+  - setup: app
+    # ==== how to build your application ====
+    build: ...
+
+    # ==== how to deploy your application ====
+    deploy:
+      # OPTIONAL. Define a readiness check with a HTTP GET request option.
+      # Configures the check on http://127.0.0.1:80/status
+      readinessCheck:
+        httpGet:
+          port: 80
+          path: /status
+
+    # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/python/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Python application.
+
+        The command has access to the same [environment variables](/python/how-to/create#set-secret-environment-variables) as your Python application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -19299,8 +27623,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/python/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Python > How To > Build Process
@@ -19317,35 +27643,60 @@ Read more about how the [readiness check works](/python/how-to/deploy-process#re
 
 # Python > How To > Create
 
+
 Zerops provides a Python runtime service with extensive build support. Python runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Python service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Python service:
+
+[Video: /vids/services/python.webm](/vids/services/python.webm)
+
 ### Choose Python version
+
 Following Python versions are currently supported:
+
 :::info
 You can [change](/python/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/python/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Python service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Python service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/python/how-to/create#create-a-project-description-file)
 3. [Create a project with a Python and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -19366,13 +27717,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Python version 3.12 service with default [auto scaling](/python/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/python/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -19417,114 +27773,172 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Python service and a [PostgreSQL](/postgresql/overview) service.
+
 Python service with "app" hostname, the internal port(s) the service listens on will be defined later in the zerops.yaml. Python service will run on version 3.12 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Python and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new service will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Python service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/python/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/python/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/python/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/python/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Python service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -19545,33 +27959,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Python service version 3.12 with default [auto scaling](/python/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Python > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add --no-cache imagemagick)',
-  'Python build tools: When you need setuptools, or other tools not included by default',
-  'Scientific libraries: When you need NumPy, SciPy, or other packages requiring system dependencies',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -19625,13 +28044,21 @@ System packages for processing: When your app processes images, videos, or files
 
 # Python > Overview
 
+
 [Python ↗](https://www.python.org/) is a programming language that lets you work quickly and integrate systems more effectively..
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-python-hello-world), a **_recipe_**, containing the most simple Python web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Python running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Python running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "python" recipe on Zerops](https://app.zerops.io/recipe/?lf=python)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-python-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -19643,37 +28070,76 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-python-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/python/how-to/create) — Dive in all Zerops has to offer for your Python application.
+
 ## Feature Highlights
+
+- [Create Python service](/python/how-to/create) — Start with creating a Python service using GUI or zCLI.
+- [zerops.yaml](/python/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/python/how-to/scaling) — Set up scaling of your Python application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/python/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/python/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/python/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Qdrant > Overview
 
+
 [Qdrant](https://qdrant.tech/) in Zerops provides a fully managed vector database solution designed for AI applications. Focus on building vector search features while we handle infrastructure maintenance, high availability, and data protection.
+
 ## Supported Versions
+
 Currently supported Qdrant versions:
+
 Import configuration version:
+
+- `qdrant@1.12`
+- `qdrant@1.10`
+
 ## Deployment Modes
+
 #### Non-HA Mode
 - Single node setup ideal for development and non-production projects
 - Simple deployment and management
+
 #### HA Cluster
 - Automatically configured with 3 nodes
 - Recommended for production environments
@@ -19681,31 +28147,47 @@ Import configuration version:
 - By default (`automaticClusterReplication=true`), automatically creates replicas of all shards across all three nodes
   - Can be disabled by setting `automaticClusterReplication` to `false`
 - Automatic cluster recovery and node replacement in case of failures
+
 ## Data Backup
+
 Qdrant backups are created using native snapshotting:
+
 - **Format**: `.snapshot` (compressed)
 - **Tooling**: Native snapshotting
 - **Source**: Taken from the primary node (leader in HA clusters)
+
 For backup configuration, scheduling, retention policies, and management options, see the [Zerops Backups](/features/backup) documentation.
+
 ### Restoring Backups
+
 To restore a Qdrant backup:
+
 1. **Download** the backup file (`.snapshot`) from the Zerops UI
 2. **Prepare** your target environment (clean existing collections or use a new instance)
 3. **Restore** using the Qdrant API. Use the snapshot restore endpoint to import the snapshot file. Follow the [official Qdrant documentation](https://qdrant.tech/documentation/database-tutorials/create-snapshot/#restore-from-snapshot) for detailed snapshot restore procedures.
+
 For assistance with the restoration process, contact Zerops support.
+
 ## Network Architecture & Access
+
 Qdrant can be accessed only from services within the same project, public access is not available.
+
 ### API Keys
 API key authentication is required for both HTTP and gRPC API calls. Include the key in your request headers. The keys are automatically generated when the Qdrant service is created and can be found in the service's environment variables:
+
 - **`apiKey`:** Full access API key for administrative operations (creating collections, indexing)
 - **`readOnlyApiKey`:** Restricted API key for search operations
+
 #### HTTP API
 - **Port:** `6333`
 - **Connection String:** Available as `connectionString` environment variable or construct using `http://${hostname}:${port}`
+
 #### gRPC API
 - **Port:** `6334`
 - **gRPC Connection String:** Available as `grpcConnectionString` environment variable or construct using `tcp://${hostname}:${grpcPort}`
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zeropsio)
 - Contact support via [email](mailto:support@zerops.io)
@@ -19714,9 +28196,13 @@ For advanced configurations or custom requirements:
 
 # Rust > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Rust application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -19725,48 +28211,62 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: rust@latest
+
       # OPTIONAL. Set the operating system for the build environment.
       # os: ubuntu
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Build your application
       buildCommands:
         - cargo b --release
+
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles:
         - target/release/~app
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       # cache: file.txt
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: rust@latest
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8080
+
       # OPTIONAL. Customize the runtime Rust environment by installing additional
       # dependencies to the base Rust runtime environment.
       # prepareCommands:
       #   - sudo apt-get something
       #   - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Rust application is started.
       # initCommands:
       #  - rm -rf ./cache
+
       # REQUIRED. Your Rust application start command
       start: ./app
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -19777,6 +28277,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -19786,12 +28287,24 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Rust builds:
-```yaml
+
+- `rust@1`, `rust@latest`, `rust@stable`
+- `rust@1.86`
+- `rust@1.80`
+- `rust@1.78`
+- `rust@nightly`
+
+```yaml
 zerops:
   # hostname of your service
   - setup: app
@@ -19801,12 +28314,18 @@ zerops:
       base: rust@latest
       ...
 ```
+
+<p>
   The base build environment contains {data.alpine.default}, the selected
-  major version of Rust, Zerops command line tool, `npm` , `yarn`, `git` and `npx` tools.
+  major version of Rust, [Zerops command line tool](/references/cli), `npm` , `yarn`, `git` and `npx` tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19820,34 +28339,52 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the build environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customized.
 :::
+
 :::note
 Modifying the OS will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.alpine.default}
+
+- <span>{data.alpine.default}</span>
 - selected version of Rust defined in the [base](#base) attribute
 - [Zerops command line tool](/references/cli)
 - `npm`, `yarn`, `git` and `npx` tools
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19856,26 +28393,38 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: rust@latest
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
         - cargo b --release
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/rust/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -19884,93 +28433,135 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: rust@latest
+
       # OPTIONAL. Build your application
       buildCommands:
         - cargo b --release
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 #### Run build commands as a single shell instance
+
 Use following syntax to run all commands in the same environment context. For example, if one command changes the current directory, the next command continues in that directory. When one command creates an environment variable, the next command can access it.
+
 ```yaml
 buildCommands:
   - |
     cargo b --release
 ```
+
 #### Run build commands as a separate shell instances
+
 When the following syntax is used, each command is triggered in a separate environment context. For example, each shell instance starts in the home directory again. When one command creates an environment variable, it won't be available for the next command.
+
 ```yaml
 buildCommands:
   - cargo b --release
 ```
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/rust/how-to/logs#build-log) to troubleshoot the error. If the error log doesn't contain any specific error message, try to run your build with the --verbose option.
+
 ```yaml
 buildCommands:
   - cargo b --release
 ```
+
 If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `buildCommands` are finished, the application build is completed and ready for the deploy phase.
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
 ```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - target/release/~app
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - target/release/~app
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
+
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -19982,22 +28573,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -20006,6 +28608,7 @@ zerops:
     build:
       base: rust@latest
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         RUST_ENV: production
@@ -20014,12 +28617,24 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/rust/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Rust version for your runtime.
+
 Following options are available for Rust builds:
+
+- `rust@1`, `rust@latest`, `rust@stable`
+- `rust@1.86`
+- `rust@1.80`
+- `rust@1.78`
+- `rust@nightly`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -20029,19 +28644,26 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: rust@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: rust@latest
       ...
 ```
+
+<p>
   The base runtime environment contains {data.alpine.default}, the
   selected major version of Rust, Zerops command line tool, npm, yarn, git and
   npx tools.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the zerops.yaml in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -20051,6 +28673,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: rust@latest
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -20060,43 +28683,74 @@ zerops:
         - zsc add go@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customize your build environment use the `prepareCommands` attribute.
+
 ### os
+
 _OPTIONAL._ Sets the operating system for the runtime environment.
+
 Following options are available:
+
 - `alpine`
 - `ubuntu`
+
 Default value is `alpine`.
+
 We are currently using following os version:
-- {data.alpine.default}
-- {data.ubuntu.default}
+
+- <span>{data.alpine.default}</span>
+- <span>{data.ubuntu.default}</span>
+
 :::caution
 The os version is fixed and cannot be customised.
 :::
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Rust service with hostname = "app" and port = 8080 from another service of the same project, simply use `app:8080`. Read more about [how to access a Rust service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Rust runtime environment by installing additional dependencies or tools to the runtime base environment.
+
+<p>
   The base Rust environment contains {data.alpine.default}, the selected
-  major version of Rust, Zerops command line tool and `npm` , `yarn`, `git` and `npx` tools. To install additional packages or tools add one or
+  major version of Rust, [Zerops command line tool](/references/cli) and `npm` , `yarn`, `git` and `npx` tools. To install additional packages or tools add one or
   more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -20104,6 +28758,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -20113,28 +28768,45 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/rust/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
-  
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
+
+<p>
   The prepare runtime container contains {data.alpine.default}, the
-  selected major version of Rust, Zerops command line tool and `npm`, `yarn`, `git` and `npx` tools.
+  selected major version of Rust, [Zerops command line tool](/references/cli) and `npm`, `yarn`, `git` and `npx` tools.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -20143,6 +28815,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -20152,15 +28825,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -20169,22 +28847,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Rust application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/rust/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/rust/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -20199,56 +28890,82 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/rust/how-to/env-variables) in Zerops.
+
 ### start
+
 _REQUIRED._ Defines the start command for your Rust application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Rust application start command
       start: ./app
 ```
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Rust application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -20256,30 +28973,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Rust application.
+
+        The command has access to the same [environment variables](/rust/how-to/create#set-secret-environment-variables) as your Rust application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Rust application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -20288,13 +29022,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -20303,40 +29042,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/rust/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -20345,30 +29106,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/rust/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Rust application.
+
+        The command has access to the same [environment variables](/rust/how-to/create#set-secret-environment-variables) as your Rust application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -20380,8 +29159,10 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/rust/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Rust > How To > Build Process
@@ -20398,35 +29179,60 @@ Read more about how the [readiness check works](/rust/how-to/deploy-process#read
 
 # Rust > How To > Create
 
+
 Zerops provides a Rust runtime service with extensive build support. Rust runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Rust service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Rust service:
+
+[Video: /vids/services/rust.webm](/vids/services/rust.webm)
+
 ### Choose Rust version
+
 Following Rust versions are currently supported:
+
 :::info
 You can [change](/rust/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/rust/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Rust service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Rust service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/rust/how-to/create#create-a-project-description-file)
 3. [Create a project with a Rust and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -20447,13 +29253,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Rust version 18 service with default [auto scaling](/rust/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/rust/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -20498,112 +29309,191 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Rust service and a [PostgreSQL](/postgresql/overview) service.
+
 Rust service with "app" hostname, the internal port(s) the service listens on will be defined later in the [zerops.yaml](/rust/how-to/build-pipeline#ports). Rust service will run on version 18 with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-      Limitations
-    
-      name
-      The name of the new project. Duplicates are allowed.
-      
-      description
-      Optional. Description of the new project.
-      Maximum 255 characters.
-    
-      tags
-      Optional. One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+      <th className="w-fit"><strong>Limitations</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>name</strong></td>
+      <td className="w-fit">The name of the new project. Duplicates are allowed.</td>
+      <td className="w-fit"></td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>description</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> Description of the new project.</td>
+      <td className="w-fit">Maximum 255 characters.</td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>tags</strong></td>
+      <td className="w-fit"><strong>Optional.</strong> One or more string tags. Tags do not have a functional meaning, they only provide better orientation in projects.</td>
+      <td className="w-fit"></td>
+    </tr>
+  </tbody>
+</table>
+
 At least one service in `services:` section is required. You can create a project with multiple services. The example above contains Rust and PostgreSQL services but you can create a `description.yaml` with your own combination of [services](/features/infrastructure).
-  
-      Parameter
-      Description
-    
-        hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit">Parameter</th>
+      <th className="w-fit">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">
+        <b>hostname</b>
+      </td>
+      <td className="w-fit">
         The unique service identifier.
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-        type
-      
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>type</b>
+      </td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Rust service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-        verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>verticalAutoscaling</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines [custom vertical auto scaling parameters](/rust/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified
         attributes will be set to their default values.
-      
-         - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-         - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-         - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-         - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-        minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers
-        for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - cpuMode</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minCpu/maxCpu</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minRam/maxRam</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b> - minDisk/maxDisk</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>minContainers</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Default = 1. Defines the minimum number of containers
+        for [horizontal autoscaling](/rust/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-        
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>maxContainers</b>
+      </td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/rust/how-to/create#horizontal-auto-scaling).
+
+        <b>Limitations:</b>
+
         Current maximum value = 10.
-      
-        envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value
-        map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit">
+        <b>envSecrets</b>
+      </td>
+      <td className="w-fit">
+        <b>Optional.</b> Defines one or more secret env variables as a key value
+        map. See env variable [restrictions](/rust/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Rust service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -20624,33 +29514,38 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Rust service version 18 with default [auto scaling](/rust/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Rust > How To > Customize Runtime
 
-System packages for processing: When your app processes images, videos, or files (requiring packages like sudo apk add --no-cache imagemagick)',
-  'Native dependencies: When your Cargo dependencies require system libraries that aren\'t in the default environment',
-  'Development tools: When you need debugging tools, profilers, or other development utilities',
-  'Different base OS: When you need Ubuntu instead of Alpine for specific compatibility requirements'
-]} />
+
 
 ----------------------------------------
 
@@ -20704,13 +29599,21 @@ System packages for processing: When your app processes images, videos, or files
 
 # Rust > Overview
 
+
 [Rust ↗](https://www.rust-lang.org/) - a language empowering everyone to build reliable and efficient software.
+
 As said, there is no need for coding yet, we have created a [Github repository ↗](https://github.com/zeropsio/recipe-rust-hello-world), a **_recipe_**, containing the most simple Rust web application. The repo will be used as a source from which the app will be built.
-  This is the most bare-bones example of Rust running in Zerops — as few libraries as possible,
+
+### 🚀 Feel free to deploy the recipe yourself
+
+This is the most bare-bones example of Rust running in Zerops — as few libraries as possible,
   just a simple endpoint with connect, read and write to a Zerops PostgreSQL database.
-  
+
+  [Deploy "rust" recipe on Zerops](https://app.zerops.io/recipe/?lf=rust)
+
 1. Log in/sign up to [Zerops GUI ↗](https://app.zerops.io)
 2. In the **Projects** box click on **Import a project** and paste in the following YAML config ([source ↗](https://github.com/zeropsio/recipe-rust-hello-world/blob/main/import-project/description.yaml)):
+
 ```yaml
 project:
   name: my-first-project
@@ -20722,105 +29625,176 @@ services:
     buildFromGit: https://github.com/zeropsio/recipe-rust-hello-world@main
     enableSubdomainAccess: true
 ```
+
 3. Click on **Import project** and wait until all pipelines have finished.
+
 **That's it, your application is now up and running! :star: Let's check it works:**
+
 1. A _subdomain_ should have been enabled and visible in the project's **IP addressed & Public Routing Overview** box. Its format should look similar to this `https://helloworld-24-8080.prg1.zerops.app`.
 2. Click or the `subdomain` URL to open it in a browser and you should see
+
 ```
 Hello, World!
 ```
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## How to start
+
+- [Care for details?](/rust/how-to/create) — Dive in all Zerops has to offer for your Rust application.
+
 ## Feature Highlights
+
+- [Create Rust service](/rust/how-to/create) — Start with creating a Rust service using GUI or zCLI.
+- [zerops.yaml](/rust/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to create your own app.
+- [Scaling configuration](/rust/how-to/scaling) — Set up scaling of your Rust application so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/rust/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/rust/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you build something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/rust/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Shared Storage > How To > Backup
 
+
 Zerops provides automated data backup for Shared Storage services with full encryption and flexible management options.
+
 For general backup information including configuration, scheduling, and management options, see the [Zerops Backups](/features/backup) documentation, which covers:
 - Backup scheduling and retention policies
 - Tagging system and storage quotas
 - Manual backup creation and CLI tools
 - Security and encryption details
+
 ## Shared Storage Backup Format
+
 Shared Storage backups are created using tar archival:
+
 - **Format**: `.tar.gz` (archive of directory contents)
 - **Tooling**: `tar`
-- **Content**: Compresses the entire shared volume (`/mnt/`)
+- **Content**: Compresses the entire shared volume (`/mnt/<volume>`)
 - **Storage**: Encrypted and stored in isolated object storage
+
 ### Restoring Backups
+
 To restore a Shared Storage backup: Download the backup file (`.tar.gz`) from the Zerops UI, extract the archive, and upload the contents back to your Shared Storage.
+
 ## Best Practices
+
 For Shared Storage backups:
 - Regularly clean up unnecessary files from your Shared Storage to reduce backup size
 - Create manual backups with protected tags before major file operations or migrations
 - Consider adjusting your backup frequency for optimal storage usage
 - Test your restore process periodically to ensure data integrity
+
 For additional best practices and troubleshooting, refer to the [main backup documentation](/features/backup).
 
 ----------------------------------------
 
 # Shared Storage > How To > Connect
 
+
 This page covers how to connect an existing shared storage to runtime services and how to disconnect services when needed.
+
 ## In Zerops GUI
+
 ### Connect a new shared storage
+
 When creating a new shared storage service, you can directly select which runtime services it should be connected to. See [Create Shared Storage](/shared-storage/how-to/create) for details about the creation process.
+
 ### Connect an existing shared storage
+
 For existing storage, go to the shared storage service detail page and select **Shared storage connections**. Toggle ON any runtime services you wish to connect to this storage.
-  
+
 ## Disconnect a shared storage in Zerops GUI
+
 To disconnect storage, access the shared storage service detail page, select **Shared storage connections**, and toggle OFF the desired runtime service.
 
+
 ----------------------------------------
 
 # Shared Storage > How To > Create
 
+
 Shared Storage provides persistent file storage that can be mounted as a POSIX-compatible filesystem to your runtime services. Built on [SeaweedFS ↗](https://github.com/seaweedfs/seaweedfs), it enables reliable data persistence and sharing across services in your infrastructure.
+
 ## Create Using Zerops GUI
+
 First, set up a project in Zerops GUI and add a runtime service. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Shared Storage service:
+
+[Video: /vids/services/shared-storage.webm](/vids/services/shared-storage.webm)
+
 ### Set a Hostname
+
 Enter a unique service identifier like "storage", "files" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Hostname Limitations:
+
 - Maximum 25 characters
 - Must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::note
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Connect to Services
+
 Select one or more project's runtime services in the Share with Services block:
-  
+
 The new Shared Storage will be connected to the selected runtimes.
+
 :::note
 Runtime services can be connected and disconnected at any time even after the shared storage is created.
 :::
+
 ### Choose Deployment Mode
+
 Choose between **Highly Available** (recommended for production) or **Single Container** (suitable for development) deployment.
+
 :::warning
 The Shared Storage deployment mode is fixed after the service is created. It can't be changed later.
+
 See [Technical Details](/shared-storage/tech-details#deployment-modes) for more information about deployment modes.
 :::
+
 ### Set Auto Scaling Configuration
+
 Configure vertical auto scaling parameters to control resource allocation and costs.
-  
+
 :::note
 For detailed information about auto scaling capabilities and recommendations, see [Technical Details](/shared-storage/tech-details#auto-scaling-configuration).
 :::
+
 ## Create Using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Shared Storage service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. Create a project description file
 3. Create a project with a runtime and a Shared Storage service
+
 ### Choose Your Runtime
+
 export const languages = [
     { name: "Node.js", link: "/nodejs/how-to/shared-storage#create-nodejs-service-with-a-shared-storage-using-zcli" },
     { name: "PHP", link: "/php/how-to/shared-storage#create-php-service-with-a-shared-storage-using-zcli" },
@@ -20834,104 +29808,164 @@ export const languages = [
 
 # Shared Storage > How To > Manage
 
+
 Zerops Shared Storage provides several web interfaces to manage, monitor, and troubleshoot your storage. These interfaces are accessible through the [Zerops VPN](/references/networking/vpn) and offer different capabilities for managing your data and monitoring system performance.
+
 ## Access Web Interfaces
+
 ### Filer UI
-* `http://.zerops:8888`
+
+* `http://<storage-service-hostname>.zerops:8888`
+
 The Filer UI provides a web-based interface for managing files and directories in your Shared Storage:
 - Browse the directory structure and create new directories
 - Upload new files (up to 64MB) and download existing files
 - Rename and delete files and directories
+
 ### Master UI
-* `http://node-stable-1.db..zerops:9333`
+* `http://node-stable-1.db.<storage-service-hostname>.zerops:9333`
+
 The Master UI provides system status and monitoring information:
+
 - View cluster topology
 - Monitor volume servers
 - Check system status and health
 - View statistics and metrics
+
 ### Volume UI
-* `http://node-stable-.db..zerops:8080/ui/index.html`
+
+* `http://node-stable-<node-number>.db.<storage-service-hostname>.zerops:8080/ui/index.html`
+
 The Volume UI allows you to monitor individual storage volumes:
+
 - View volume status
 - Check disk usage
 - Monitor I/O operations
 - View volume statistics
+
 ## Monitoring
+
 Several options are available to help you monitor your Shared Storage:
+
 ### Runtime Service Logs
-* Navigate to your runtime service detail page → **Runtime Logs** section → filter using the tag `zerops-mount-`
+* Navigate to your runtime service detail page → **Runtime Logs** section → filter using the tag `zerops-mount-<service-hostname>`
+
 ### Shared Storage Logs
 * Access from the Shared Storage service detail page → **Runtime Logs** tab → browse or search for relevant information
+
 ### System and Volume Status
 * Monitor replication status, disk usage, and performance metrics through the Master UI and Volume UI
 
+
 ----------------------------------------
 
 # Shared Storage > How To > Use
 
+
 Once a Shared Storage is [connected](/shared-storage/how-to/connect) to a runtime service, Zerops will create a new folder `/mnt/[shared storage name]` in the runtime service's filesystem.
+
 For example, `/mnt/teststorage` for a `teststorage` Shared Storage:
-  
+
 :::note
 The content of this folder is shared among all containers of the connected runtime service.
+
 If you connect multiple runtimes, the content of the folder will be shared among all containers of these services.
 :::
+
 ## Mount Points and Multiple Volumes
+
 - Multiple storage volumes can be mounted to a single service (e.g., `/mnt/files1`, `/mnt/files2`, etc.)
 - Shared storage mount is only available in runtime containers, not during build and prepare runtime phases
 - All filesystem operations are automatically logged to runtime logs
+
 For technical details about mount behavior and filesystem capabilities, see the [Technical Details](/shared-storage/tech-details#mount-integration) page.
+
 ## Use Cases
+
 Shared Storage is ideal for:
+
 - **Persistent filesystem-based databases**: SQLite, Prometheus DB, etc.
 - **Configuration sharing**: Deploy configurations once and share across multiple services
   - Example: Deploy Apache Airflow configurations and DAG files once and share with all worker nodes
 - **Alternative to object storage**: For applications that require filesystem semantics rather than object storage
 - **Application data**: Store and serve images, documents, and other assets
+
 ## Performance Considerations
+
 When using Shared Storage, keep in mind:
+
 - For write-heavy workloads, consider batching operations
 - Minimize operations with many small files for better performance
+
 For more detailed information about performance constraints and limitations, see the [Technical Details](/shared-storage/tech-details#performance-considerations) page.
+
 ## Troubleshooting
+
 ### Common Issues
+
 - The `df` command may show incorrect or misleading information when used with shared storage mounts. Please refer to the Zerops GUI for accurate storage metrics.
 
 ----------------------------------------
 
 # Shared Storage > Overview
 
+
 # Shared Storage
+
 Zerops provides a fully managed and scaled **Shared Storage** service, which can be mounted to your runtime services. It offers:
 - Persistent file sharing between containers of the same service or different services
 - Standard filesystem operations through a POSIX-compatible interface
 - Built-in high-availability configuration
+
 ## Documentation Sections
+
+- [Connect to Services](/shared-storage/how-to/connect) — Connect your Shared Storage to runtime services.
+- [Usage & Limitations](/shared-storage/how-to/use) — Learn how to save and access data, along with use cases and technical limits.
+- [Management & Access](/shared-storage/how-to/manage) — Access UI components and troubleshoot common issues.
+- [Backups](/shared-storage/how-to/backup) — Configure automatic backups of your data.
+- [Technical Details](/shared-storage/tech-details) — Explore the technical architecture and deployment options.
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Shared Storage > Tech Details
 
+
 Zerops Shared Storage is built on [SeaweedFS](https://github.com/seaweedfs/seaweedfs), a distributed filesystem optimized for high-volume storage with efficient retrieval.
+
 ## Architecture
+
 Shared Storage consists of three main components:
 - **Master Server**: Manages metadata and coordinates volume servers
 - **Volume Servers**: Store the actual file data
 - **Filer**: Provides a POSIX-compatible interface for file operations
+
 An **automatic vacuum process** helps maintain optimal storage performance by reclaiming space from deleted files. This process is triggered when the size of deleted content exceeds 15% (reduced from the default 30%).
+
 ### Mount Integration
+
 When connected to a runtime service:
-- Storage is mounted at `/mnt/`
+- Storage is mounted at `/mnt/<storage-hostname>`
 - Mount point is owned by the `zerops` user and group (no sudo required)
-- All filesystem operations are logged to runtime logs (tagged as `zerops-mount-`)
+- All filesystem operations are logged to runtime logs (tagged as `zerops-mount-<service-hostname>`)
 - Mounting will overwrite any existing content in the mount directory
 - Shared storage mount is only available in runtime containers, not during build and prepare runtime phases
+
 ## Deployment Modes
+
 Zerops provides Shared Storage in two deployment modes:
+
 ### Highly Available
+
 Recommended for production environments where data reliability is critical.
+
 - **Architecture**: 2 volume servers with the master located on one of them
 - **Data Durability**: Data and filer metadata are replicated 1:1 across nodes
 - **Fault Tolerance**:
@@ -20939,40 +29973,61 @@ Recommended for production environments where data reliability is critical.
     - A new container replaces the failed one
     - Data is automatically replicated to the new container (duration depends on data size)
     - During master node failure, mounted directories become temporarily unavailable until the new master initializes (~30s)
+
 ### Single Container
+
 Suitable for development environments or non-critical data storage.
+
 - **Architecture**: Master, volume, and filer server all located on a single container
 - **Data Durability**: All data is lost if the container fails
 - **Recommended For**: Development environments or temporary data storage
+
 :::warning
 The deployment mode is fixed after the service is created and cannot be changed later.
 :::
+
 ## Filesystem Capabilities
+
 Shared Storage supports standard POSIX filesystem operations:
+
 - Create, read, update, and delete files and directories
 - Set permissions (with some limitations)
 - Standard file locking operations
 - Hard and symbolic links
 - Directory listing and traversal
+
 For a complete list of supported features, see the [SeaweedFS FUSE documentation](https://github.com/seaweedfs/seaweedfs/wiki/FUSE-Mount#supported-features).
+
 ## Resource Constraints
+
 ### Storage Limits
+
 - Maximum storage space: 60GB (can be increased via support request)
 - Maximum file size: Unlimited within the 60GB total storage constraint
 - Maximum upload size via Filer UI: 64MB
+
 ### Memory Usage
+
 - Base memory consumption: ~60MB when idle
 - Peak memory usage: ~150MB under higher filesystem loads
 - Optimized for low RAM usage (may trade off some performance)
+
 ### Performance Considerations
+
 - **Latency**: Higher latency compared to local storage due to network-based distributed architecture
 - **Write Performance**: For write-heavy workloads, consider batching operations
 - **Small Files**: Minimize operations with many small files for better performance
+
 ## Auto Scaling Configuration
+
 Zerops scales Shared Storage services automatically by raising or lowering the hardware resources of each database container.
+
 Vertical auto scaling has the following default configuration:
+
 For most cases, the default parameters will work without issues. If you need to limit the cost of the Shared Storage service, lower the maximal resources. Zerops will never scale above the selected maximums.
+
 When you are experiencing problems with insufficient Shared Storage performance or capacity, increase the minimal resources. Zerops will never scale below the selected minimums.
+
 :::note
 You can change the auto scaling parameters later.
 :::
@@ -20981,11 +30036,19 @@ You can change the auto scaling parameters later.
 
 # Static > Overview
 
+
 The Static service provides a way to serve static content through a pre-configured Nginx setup. It balances simplicity with the flexibility needed for modern web applications.
-  Deploy an Analog app with static hosting in seconds. All you need is a Zerops account.
-  
+
+### Experience the simplicity of Zerops
+
+Deploy an Analog app with static hosting in seconds. All you need is a Zerops account.
+
+  [Deploy "analog" recipe on Zerops](https://app.zerops.io/recipe/?lf=analog)
+
 ## Quick Start
+
 Add a Static service to your project by including this in your `zerops.yaml`:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
@@ -20993,20 +30056,28 @@ zerops:
       os: alpine
       base: static
 ```
+
 ## Routing & Configuration
+
 ### Default Behavior
+
 Every Static service in Zerops comes with built-in defaults optimized for modern web applications, including Single Page Applications. By default, for any incoming request, the service will:
 1. Try to serve the exact path (`$uri`)
 2. Try with .html extension (`$uri.html`)
 3. Look for an index.html in the directory (`$uri/index.html`)
 4. Fall back to `/index.html` (suitable for SPAs)
 5. Return 404 if none of the above exist
+
 :::important SPAs
 Single Page Applications work out of the box without any additional configuration. The built-in fallback to `/index.html` ensures that client-side routing functions properly.
 :::
+
 ### Custom Routing Configuration
+
 The Static service allows you to configure additional URL routing and redirects through simple YAML configuration, abstracting away the complexity of Nginx configuration.
+
 Configure custom routing beyond the default behavior in the `run.routing` section of your `zerops.yaml`:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -21016,27 +30087,35 @@ run:
         to: /specific-landing-page
         status: 302
 ```
+
 ### Redirects
+
 #### Relative Redirects
+
 :::note
 Remember that SPA routing is already built into the default behavior. You don't need to add any custom redirects for client-side routing to work.
 :::
+
 Use relative redirects to route paths within your application. When both `from` and `to` are relative paths, you can omit the `status` code to create a masked redirect that shows the content of the target page while preserving the original URL:
+
 ```yaml title="zerops.yaml"
 routing:
   redirects:
     # Masked redirect - URL stays the same but shows content from about-us
     - from: /about
       to: /about-us
+
     # Standard redirect with status code
     - from: /old-page
       to: /new-page
       status: 301
+
     # Preserve the path when redirecting between directories
     - from: /blog/*
       to: /articles/
       preservePath: true
       status: 302
+
     # Preserve both path and query parameters
     - from: /posts/*
       to: /blog/
@@ -21044,11 +30123,15 @@ routing:
       preserveQuery: true
       status: 302
 ```
+
 :::caution Important
 When using `preservePath` with wildcards, ensure the `to` path ends with a `/` to maintain proper path concatenation. For example, `/blog/*` to `/new-blog/` will correctly redirect `/blog/hello.html` to `/new-blog/hello.html`, while `/new-blog` would result in `/new-bloghello.html`.
 :::
+
 #### Absolute Redirects
+
 For redirecting between domains or to external URLs, use absolute redirects by including `http://` or `https://`. When using absolute URLs in either `from` or `to`, you must specify a `status` code:
+
 ```yaml title="zerops.yaml"
 routing:
   redirects:
@@ -21057,17 +30140,22 @@ routing:
       to: https://new-domain.com
       status: 301
       preserveQuery: true  # Optional: maintain query parameters
+
     # Redirect with path preservation
     - from: https://old-site.com/*
       to: https://new-site.com/
       status: 301
       preservePath: true
 ```
+
 #### Wildcard Matching
+
 Use `*` as a wildcard in your paths:
 - **At the end of a path**: Matches any subsequent content
 - **At the start of a domain** (after `https://`): Enables regex matching for subdomains
+
 Example of domain management:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -21076,17 +30164,23 @@ run:
       - from: https://promo-domain.com/*
         to: https://main-site.com/special-offer
         status: 302
+
       # Redirect all subdomains to main site
       - from: https://*.old-domain.com/*
         to: https://main-site.com
         status: 302
 ```
+
 #### Matching Priority
+
 When multiple redirects are configured, they follow Nginx's matching priority system:
+
 1. Exact matches are checked first
 2. Simple path matches (without wildcards) are checked next
 3. Pattern matches (with wildcards) are checked last
+
 For example:
+
 ```yaml title="zerops.yaml"
 routing:
   redirects:
@@ -21094,21 +30188,26 @@ routing:
     - from: /
       to: /home
       status: 302
+
     # Simple path match - masked redirect
     - from: /about
       to: /about-us
+
     # Pattern match with path preservation
     - from: /blog/*
       to: /articles/
       preservePath: true
       status: 302
 ```
+
 In this configuration:
 - `/` will redirect to `/home` with a 302 status
 - `/about` will show content from `/about-us` but keep the URL as `/about`
 - `/blog/post-123.html` will redirect to `/articles/post-123.html`
 - Any other path will use the [default behavior](#default-behavior)
+
 #### Common Redirect Patterns
+
 **Domain Migration**
 ```yaml title="zerops.yaml"
 routing:
@@ -21118,6 +30217,7 @@ routing:
       status: 301
 ```
 Use permanent (301) redirects when permanently moving content to maintain SEO value.
+
 **Multiple Domain Management**
 ```yaml title="zerops.yaml"
 run:
@@ -21127,35 +30227,46 @@ run:
       - from: https://product-promo.com/*
         to: https://main-site.com/products
         status: 302
+
       # Campaign domain
       - from: https://special-offer.com/*
         to: https://main-site.com/campaign
         status: 302
+
       # Legacy domains and subdomains
       - from: https://*.legacy-domain.com/*
         to: https://main-site.com
         status: 302
 ```
+
 ### CORS Configuration
+
 You can enable CORS for your static service by adding a `cors` directive:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
     # Simple case - automatically converted to '*'
     cors: "*"
+
     # Full syntax with proper quoting
     cors: "'*' always"
 ```
+
 The `cors` directive sets the following headers:
 - `Access-Control-Allow-Origin`
 - `Access-Control-Allow-Methods`
 - `Access-Control-Allow-Headers`
 - `Access-Control-Expose-Headers`
+
 :::note
 The `cors` directive has a special case: if you specify just `"*"`, it's automatically converted to `'*'`. For any other values, you need to include the proper Nginx syntax including quotes.
 :::
+
 ### Custom Headers
+
 For more control over HTTP headers, use the `headers` directive:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -21164,46 +30275,61 @@ run:
         values:
           # All values need proper quoting since they're inserted directly into Nginx
           X-Frame-Options: "'DENY'"
+
           # Values with internal quotes need proper YAML escaping
           Content-Security-Policy: '"default-src ''self''"'
 ```
+
 :::important
 Header values are inserted directly into the Nginx configuration **without** additional quotes, which means:
+
 1. **All values must include their own quotes** (typically single quotes)
 2. If you need single quotes inside your header value, you must escape them in YAML (using double single quotes)
 3. To include the `always` directive, add it after your quoted value
 4. For complex values, you can use YAML's block scalar notation (`>-`) for better readability
 :::
+
 Here are examples for different header scenarios:
+
 ```yaml title="zerops.yaml"
 headers:
   - for: "/"
     values:
       # Simple header with proper quoting
       X-Frame-Options: "'DENY'"
+
       # Header with 'always' directive
       X-XSS-Protection: "'1; mode=block' always"
+
       # Header with internal single quotes - need double single quotes for escaping
       Content-Security-Policy: '"default-src ''self'' https://cdn.example.com"'
+
       # Complex header with block scalar notation for better readability
       Content-Security-Policy: >-
         "default-src 'self' https://cdn.example.com;
         script-src 'self' 'unsafe-inline';
         img-src * data:" always
 ```
+
 When this configuration is processed, it translates to the following Nginx directives:
+
 ```
 add_header X-Frame-Options 'DENY';
 add_header X-XSS-Protection '1; mode=block' always;
 add_header Content-Security-Policy "default-src 'self' https://cdn.example.com";
 add_header Content-Security-Policy "default-src 'self' https://cdn.example.com; script-src 'self' 'unsafe-inline'; img-src * data:" always;
 ```
+
 :::important Path Handling
 When you specify headers for a path that doesn't have an existing location block, the Static service automatically creates a location with the same [default behavior](#default-behavior) as the root path (trying files in order: `$uri`, `$uri.html`, `$uri/index.html`, `/index.html` or returning 404).
+
 If you add headers for a path that already has a location block, your headers will be merged with the existing configuration.
 :::
+
 ### Combining CORS and Custom Headers
+
 You can use both CORS and custom headers together:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -21213,28 +30339,42 @@ run:
         values:
           X-Frame-Options: "'DENY'"
 ```
+
 The `cors` directive sets default Access-Control headers for all routes, while the `headers` directive allows you to set additional headers for specific paths.
+
 :::important
 If you specify Access-Control headers in the `headers` directive, they will override the ones set by `cors` for that specific path.
 :::
+
 ## SEO with Prerender
+
 Single Page Applications render content with JavaScript, which most crawlers can't process—they see an empty page instead of your content. This affects traditional search engines, social media platforms, and AI tools like ChatGPT, Perplexity, and Claude.
+
 The Static service includes built-in support for Prerender.io, which automatically detects crawlers and serves them pre-rendered HTML while your users get the full interactive experience.
+
 ### Setup
+
 1. Set the `PRERENDER_TOKEN` secret variable with your Prerender.io token
 2. The service automatically configures necessary rewrites based on user agents
+
 ### Custom Prerender Host
+
 If you're using a custom Prerender host, add it to environment variables in `zerops.yaml`:
+
 ```yaml title="zerops.yaml"
 run:
   envVariables:
   - PRERENDER_HOST=your.prerender.host
 ```
+
 :::note Default
 The default host is `service.prerender.io` if not specified.
 :::
+
 ## Framework Integration
+
 The Static service handles static builds from any modern framework. Here's the typical deployment pattern:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
@@ -21248,29 +30388,41 @@ zerops:
     run:
       base: static
 ```
+
 The key is pointing `deployFiles` to wherever your framework outputs its built files (`dist/`, `build/`, `.output/public/`, etc.).
+
 This configuration:
 1. Uses Node.js for building the application
 2. Installs dependencies and builds the application
 3. Deploys the resulting static files to the Static service
+
 You can enhance this basic setup with:
 - Custom redirects for URL management
 - Prerender.io integration for SEO
 - Additional routing rules as needed
+
 For framework-specific examples, check out our [recipe collection](https://github.com/zeropsio/recipe-analog-static).
+
 ## Advanced Topics
+
 ### Switching to Full Nginx
+
 If you need more control over your Nginx configuration:
+
 1. Go to your Static service overview in the UI
 2. Click the three vertical dots in the left panel
 3. Select **Need to switch to full Nginx service?**
 4. Copy the generated Nginx configuration
 5. Use this configuration as a starting point for a full Nginx service
+
 :::tip
 This allows you to move to a more customizable setup while maintaining your existing routing logic.
 :::
+
 ### Complex Multi-Domain Setups
+
 For advanced scenarios involving multiple domains and complex routing:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -21279,18 +30431,24 @@ run:
       - from: https://product-promo.com/*
         to: https://main-site.com/products
         status: 302
+
       # Campaign domain
       - from: https://special-offer.com/*
         to: https://main-site.com/campaign
         status: 302
+
       # Legacy domains and subdomains
       - from: https://*.legacy-domain.com/*
         to: https://main-site.com
         status: 302
 ```
+
 ## Complete Examples
+
 ### Development Setup
+
 Configuration for local development with CORS and API proxying:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -21302,8 +30460,11 @@ run:
         to: https://api.your-domain.com
         status: 302
 ```
+
 ### Production Setup with Security
+
 Security-enhanced configuration for production environments:
+
 ```yaml title="zerops.yaml"
 run:
   routing:
@@ -21321,29 +30482,47 @@ run:
 
 # Typesense > Overview
 
+
 Zerops provides a fully managed [Typesense search engine](https://typesense.org/) service that combines developer productivity with enterprise-grade reliability. The platform handles infrastructure complexity through automated deployment, scaling, and maintenance while providing developers full access to Typesense's native capabilities.
+
 ## Supported Versions
+
 Currently supported Typesense version:
+
 Import configuration version:
+
+- `typesense@27.1`
+
 ## Service Configuration
+
 Our Typesense implementation comes with carefully tuned defaults that diverge from the [standard Typesense configuration](https://typesense.org/docs/27.1/api/server-configuration.html#using-command-line-arguments) in the following ways:
+
 ```yaml
 thread-pool-size: 16
 num-collections-parallel-load: 8
 ```
+
 These defaults are optimized for most common use cases and managed by the platform. If you need to adjust these settings, please contact us through our [support channels](#support).
+
 ### Data Persistence
+
 Typesense data is automatically persisted to disk at `/var/lib/typesense`.
+
 This ensures that data remains intact during service restarts (Typesense automatically reloads the persisted data into memory upon startup).
+
 This persistence mechanism works in both HA and non-HA deployment modes, though with different reliability guarantees as detailed below.
+
 ### Deployment Modes
+
 :::warning
 The choice between HA and non-HA mode must be made during service creation and cannot be changed later. Make sure to carefully consider your requirements before deploying.
 :::
+
 #### Non-HA Mode
 - Suitable for development and testing
 - Data persistence not guaranteed during node failures
 - Lower resource requirements
+
 #### HA Mode
 - Implements Typesense's native [**Raft consensus**](https://typesense.org/docs/guide/high-availability.html) mechanism for data replication
 - Deploys as a **3-node cluster by default** for optimal reliability
@@ -21353,26 +30532,39 @@ The choice between HA and non-HA mode must be made during service creation and c
   - Recovery typically takes up to 1 minute during node failures or leader transitions
   - During these periods, requests may temporarily receive `503 Not Ready or Lagging` or `500 Could not find a leader` responses
   - These states automatically resolve once consensus is reestablished
+
 ### API Key Management
+
 The master API key is automatically generated and managed by the platform. You can access it through:
 - The service access details in the Zerops GUI
 - The `apiKey` environment variable in your service configuration
+
 :::warning
 Currently, as a security-focused design decision, the master API key cannot be modified after generation.
 :::
+
 ### CORS Configuration
+
 Your Typesense instance comes with CORS enabled by default, ensuring seamless integration with frontend applications. Browser-based clients can directly access the instance by providing the `X-Typesense-Api-Key` header, maintaining security while enabling straightforward client-side implementation.
+
 ## Network Architecture & Access Patterns
+
 ### Access Methods
+
 #### HTTPS Access
+
 When using HTTPS access (either through Zerops subdomain or custom domain), traffic is distributed across nodes via our integrated Nginx proxy layer. This provides a single access point that handles load balancing automatically.
+
 For enabling HTTPS access:
 1. Configure through the [Zerops access documentation](/features/access)
 2. Or use `enableSubdomainAccess: true` when [importing](/references/import#service-configuration) a Typesense service
+
 #### Direct Node Access
+
 Allows to access individual nodes using internal DNS:
 1. **Via [Zerops VPN](/references/networking/vpn)**
 2. **Internal Project Access** - services within the same project can reach nodes directly
+
 Node addressing patterns:
 ##### Standard format
 **Format:**```node{n}.db.{hostname}.zerops```
@@ -21381,9 +30573,13 @@ Node addressing patterns:
 **Format:**```node-stable-{n}.db.{hostname}.zerops```
 - **maintain consistent IP mapping** until node retirement (scaling down or failure events)
 - e.g. `node-stable-1.db.typesenseha.zerops`, `node-stable-2.db.typesenseha.zerops`
+
 ## Quick Start Example
+
 Here's a simple example of using Typesense with the JavaScript client:
+
 ```javascript
+
 const client = new TypesenseClient({
   nodes: [{
     host: 'your-service.zerops.dev', // Your Zerops subdomain
@@ -21393,6 +30589,7 @@ const client = new TypesenseClient({
   apiKey: process.env.TYPESENSE_API_KEY,
   connectionTimeoutSeconds: 2
 })
+
 // Create a collection
 await client.collections().create({
   name: 'companies',
@@ -21403,6 +30600,7 @@ await client.collections().create({
   ],
   default_sorting_field: 'num_employees'
 })
+
 // Example search query
 const searchResults = await client.collections('companies')
   .documents()
@@ -21413,19 +30611,25 @@ const searchResults = await client.collections('companies')
     sort_by: 'num_employees:desc'
   })
 ```
+
 ## Best Practices
+
 #### API Key Security
 - Never expose the master API key in client-side code
 - Generate scoped search-only API keys for frontend applications
 - Rotate API keys periodically through your service configuration
+
 #### High Availability
 - Implement retry logic in clients for handling temporary unavailability
 - Use stable DNS records for direct node access when needed
+
 #### Performance Optimization
 - Utilize batch operations for bulk updates
 - Configure appropriate timeout values based on your use case
 - Consider data volume when designing collection schemas
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zeropsio)
 - Contact support via [email](mailto:support@zerops.io)
@@ -21434,9 +30638,13 @@ For advanced configurations or custom requirements:
 
 # Ubuntu > How To > Build Pipeline
 
+
 Zerops provides a customizable build and runtime environment for your Ubuntu application.
+
 ## Add zerops.yaml to your repository
+
 Start by adding `zerops.yaml` file to the **root of your repository** and modify it to fit your application:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -21445,45 +30653,57 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: ubuntu@24.04
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
         - sudo apt-get something
         - curl something else
+
       # OPTIONAL. Build your application, e.g. with not officially supported version of your favourite technology
       buildCommands:
         - go build -o app main.go
       # REQUIRED. Select which files / folders to deploy after
       # the build has successfully finished
       deployFiles: app
+
       # OPTIONAL. Which files / folders you want to cache for the next build.
       # Next builds will be faster when the cache is used.
       cache: some_file
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
       base: ubuntu@24.04
+
       # OPTIONAL. Sets the internal port(s) your app listens on:
       ports:
         # port number
         - port: 8080
+
       # OPTIONAL. Customize the runtime Ubuntu environment by installing additional
       # dependencies to the base Ubuntu runtime environment.
       prepareCommands:
         - sudo apt-get something
         - curl something else
+
       # OPTIONAL. Run one or more commands each time a new runtime container
       # is started or restarted. These commands are triggered before
       # your Ubuntu application is started.
       initCommands:
        - rm -rf ./cache
+
       # REQUIRED. Your Ubuntu application start command
       start: ./app
 ```
+
 The top-level element is always `zerops`.
+
 ### Setup
+
 The first element `setup` contains the **hostname** of your service. A runtime service with the same hostname must exist in Zerops.
 Zerops supports the definition of multiple runtime services in a single `zerops.yaml`. This is useful when you use a monorepo. Just add multiple setup elements in your `zerops.yaml`:
+
 ```yaml
 zerops:
   # definition for app service
@@ -21494,6 +30714,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   # definition for api service
   - setup: api
     # optional
@@ -21503,11 +30724,20 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration contains at least the `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Build pipeline configuration
+
 ### base
+
 _REQUIRED._ Sets the base technology for the build environment.
+
 Following options are available for Ubuntu builds:
+
+- `ubuntu@24.04`
+- `ubuntu@22.04`, `ubuntu@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -21518,11 +30748,17 @@ zerops:
       base: ubuntu@24.04
       ...
 ```
-  The base build environment contains {data.ubuntu.default}, Zerops command line tool, `git` and `wget`.
+
+<p>
+  The base build environment contains {data.ubuntu.default}, [Zerops command line tool](/references/cli), `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the build environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -21536,18 +30772,27 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [build base environments](/zerops-yaml/base-list#runtime-services).
+
 To customize your build environment use the [prepareCommands](#preparecommands) attribute.
+
 :::note
 Modifying the base technology will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for more details about cache invalidation.
 :::
+
 ### prepareCommands
+
 _OPTIONAL._ Customizes the build environment by installing additional dependencies or tools to the base build environment.
+
 The base build environment contains:
-- {data.ubuntu.default}
+
+- <span>{data.ubuntu.default}</span>
 - [Zerops command line tool](/references/cli)
 - `git` and `wget`
+
 To install additional packages or tools add one or more prepare commands:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -21556,6 +30801,7 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: ubuntu@24.04
+
       # OPTIONAL. Customize the build environment by installing additional packages
       # or tools to the base build environment.
       prepareCommands:
@@ -21563,20 +30809,31 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first build is triggered, Zerops will
+
 1. create a build container
 2. download your application code from your repository
 3. run the prepare commands in the defined order
+
 The application code is available in `/build/source` before the prepare commands are triggered, so you can use any file from your repository in your prepare commands (e.g. a configuration file). The commands themselves run in the `/home/zerops` directory.
+
 :::note
 These commands are skipped when using cached environment. Modifying `prepareCommands` will invalidate your build cache. See our [Build Cache Documentation](/features/build-cache) for details about cache invalidation.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the build is canceled. Read the [build log](/ubuntu/how-to/logs#build-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all prepare commands are finished, your custom build environment is ready for the build phase.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### buildCommands
+
 _OPTIONAL._ Defines build commands.
+
 ```yaml
 zerops:
   # hostname of your service
@@ -21585,75 +30842,109 @@ zerops:
     build:
       # REQUIRED. Set the base technology for the build environment:
       base: ubuntu@24.04
+
       # OPTIONAL. Build your application
       buildCommands:
-        - 
+        - <your build commands>
       ...
 ```
+
 Build commands are optional. Zerops triggers each command in the defined order in a dedicated build container, running from the `/build/source` directory.
+
 Before the build commands are triggered the build container contains:
+
 1. base environment defined by the [base](#base) attribute
 2. optional customisation of the base environment defined in the [prepareCommands](#preparecommands) attribute
 3. your application code
+
 For detailed information about build commands, including how to run commands in single or separate shell instances and command exit code handling, refer to the documentation for your specific technology (e.g., [Node.js](/nodejs/how-to/build-pipeline), [Go](/ubuntu/how-to/build-pipeline), [Python](/python/how-to/build-pipeline), etc.).
+
 ### deployFiles
-_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use `.deployignore` file.
-```yaml
+
+_REQUIRED._ Selects which files or folders will be deployed after the build has successfully finished. To filter out specific files or folders, use [`.deployignore`](#deployignore) file.
+
+```yaml
 # REQUIRED. Select which files / folders to deploy after
 # the build has successfully finished
 deployFiles:
   - app
 ```
+
 Determines files or folders produced by your build, which should be deployed to your runtime service containers.
+
 The path starts from the **root directory** of your project (the location of `zerops.yaml`). You must enclose the name in quotes if the folder or the file name contains a space.
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Examples
+
 Deploys a folder, and a file from the project root directory:
+
 ```yaml
 deployFiles:
   - app
   - file.txt
 ```
+
 Deploys the whole content of the build container:
+
 ```yaml
 deployFiles: .
 ```
+
 Deploys a folder, and a file in a defined path:
+
 ```yaml
 deployFiles:
   - ./path/to/file.txt
   - ./path/to/dir/
 ```
+
 #### How to use a wildcard in the path
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 Deploys all folders that are located in any path that begins with `/path/to/`
+
 ```yaml
 deployFiles: ./path/to/~/
 ```
+
 Deploys all folders that are located in any path that begins with `/path/` and ends with `/to/`
+
 ```yaml
 deployFiles: ./path/~/to/
 ```
+
 :::note Example
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
 :::
+
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -21665,22 +30956,33 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
+
 ### cache
+
 _OPTIONAL._ Defines which files or folders will be cached for the next build.
+
 ```yaml
 # OPTIONAL. Which files / folders you want to cache for the next build.
 # Next builds will be faster when the cache is used.
 cache: file.txt
 ```
+
 The cache attribute helps optimize build times by preserving specified files between builds.
+
 The cache attribute supports the [~ wildcard character](#how-to-use-a-wildcard-in-the-path).
+
 Learn more about the [build cache system](/features/build-cache) in Zerops.
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the build environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -21689,6 +30991,7 @@ zerops:
     build:
       base: ubuntu@24.04
         …
+
       # OPTIONAL. Defines the env variables for the build environment:
       envVariables:
         MODE: production
@@ -21697,12 +31000,21 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/ubuntu/how-to/env-variables) in Zerops.
+
 ## Runtime configuration
+
 ### base
+
 _OPTIONAL._ Sets the base technology for the runtime environment.
 If you don't specify the `run.base` attribute, Zerops keeps the current Ubuntu version for your runtime.
+
 Following options are available for Ubuntu builds:
+
+- `ubuntu@24.04`
+- `ubuntu@22.04`, `ubuntu@latest`
+
 ```yaml
 zerops:
   # hostname of your service
@@ -21712,17 +31024,24 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: ubuntu@24.04
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
         base: ubuntu@24.04
       ...
 ```
+
+<p>
   The base runtime environment contains {data.ubuntu.default}, Zerops command line tool, `git` and `wget`.
+</p>
+
 :::info
 You can change the base environment when you need to. Just simply modify the `zerops.yaml` in your repository.
 :::
+
 If you need to install more technologies to the runtime environment, set multiple values as a yaml array. For example:
+
 ```yaml
 zerops:
   # hostname of your service
@@ -21732,6 +31051,7 @@ zerops:
       # REQUIRED. Sets the base technology for the build environment:
       base: ubuntu@24.04
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Sets the base technology for the runtime environment:
@@ -21741,29 +31061,52 @@ zerops:
         - zsc add nodejs@latest
       ...
 ```
+
 See the full list of supported [run base environments](/zerops-yaml/base-list).
+
 To customise your build environment use the `prepareCommands` attribute.
+
 ### ports
+
 _OPTIONAL._ Specifies one or more internal ports on which your application will listen.
+
 Projects in Zerops represent a group of one or more services. Services can be of different types (runtime services, databases, message brokers, object storage, etc.). All services of the same project share a **dedicated private network**. To connect to a service within the same project, just use the service hostname and its internal port.
+
 For example, to connect to a Ubuntu service with hostname = "app" and port = 8080 from another service of the same project, simply use `app:8080`. Read more about [how to access a Ubuntu service](/references/networking/internal-access#basic-service-communication).
+
 Each port has following attributes:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port number. You can set any port number between 10 and 65435. Ports outside this interval are reserved for internal Zerops systems.
-    
-      protocol
-      Optional. Defines the protocol. Allowed values are TCP or UDP. Default value is TCP.
-    
-      httpSupport
-      Optional. httpSupport = true is the default setting for TCP protocol. Set httpSupport = false if a web server isn't running on the port. Zerops uses this information for the configuration of public access. httpSupport = true is available only in combination with the TCP protocol.
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">port</td>
+      <td className="w-fit">Defines the port number. You can set any port number between <em>10</em> and <em>65435</em>. Ports outside this interval are reserved for internal Zerops systems.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">protocol</td>
+      <td className="w-fit"><strong>Optional.</strong> Defines the protocol. Allowed values are <code>TCP</code> or <code>UDP</code>. Default value is <code>TCP</code>.</td>
+    </tr>
+    <tr>
+      <td className="w-fit">httpSupport</td>
+      <td className="w-fit"><strong>Optional.</strong> <code>httpSupport = true</code> is the default setting for TCP protocol. Set <code>httpSupport = false</code> if a web server isn't running on the port. Zerops uses this information for the configuration of [public access](/features/access). <code>httpSupport = true</code> is available only in combination with the TCP protocol.</td>
+    </tr>
+  </tbody>
+</table>
+
 ### prepareCommands
+
 _OPTIONAL._ Customises the Ubuntu runtime environment by installing additional dependencies or tools to the runtime base environment.
-  The base Ubuntu environment contains {data.ubuntu.default}, Zerops command line tool and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+
+<p>
+  The base Ubuntu environment contains {data.ubuntu.default}, [Zerops command line tool](/references/cli) and `git` and `wget`. To install additional packages or tools add one or more prepare commands:
+</p>
+
 ```yaml
 zerops:
   # hostname of your service
@@ -21771,6 +31114,7 @@ zerops:
     # ==== how to build your application ====
     build:
       ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -21780,26 +31124,44 @@ zerops:
         - curl something else
       ...
 ```
+
 When the first deploy with a defined prepare attribute is triggered, Zerops will
+
 1. create a prepare runtime container
 2. optionally: [copy selected folders or files from your build container](#copy-folders-or-files-from-your-build-container)
 3. run the `prepareCommands` commands in the defined order
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
+
 #### Command exit code
+
 If any command fails, it returns an exit code other than 0 and the deploy is canceled. Read the [prepare runtime log](/ubuntu/how-to/logs#prepare-runtime-log) to troubleshoot the error. If the command ends successfully, it returns the exit code 0 and Zerops triggers the following command. When all `prepareCommands` commands are finished, your custom runtime environment is ready for the deploy phase.
+
 #### Cache of your custom runtime environment
+
 Some packages or tools can take a long time to install. Therefore, Zerops caches your custom runtime environment after the installation of your custom packages or tools is completed. When the second or following deploy is triggered, Zerops will use the custom runtime cache from the previous deploy if following conditions are met:
+
 1. Content of the [build.addToRunPrepare](#copy-folders-or-files-from-your-build-container) and `run.prepareCommands` attributes didn't change from the previous deploy
 2. The custom runtime cache wasn't invalidated in the Zerops GUI.
+
 To invalidate the Zerops runtime cache go to your service detail in Zerops GUI, choose **Service dashboard & runtime containers** from the left menu and click on the **Open pipeline detail** button. Then click on the **Clear runtime prepare cache** button.
+
 When the prepare cache is used, Zerops doesn't create a prepare runtime container and executes the deployment of your application directly.
+
 #### Single or separated shell instances
+
 You can configure your prepare commands to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### Copy folders or files from your build container
-  The prepare runtime container contains {data.ubuntu.default}, Zerops command line tool and `git` and `wget`.
+
+<p>
+  The prepare runtime container contains {data.ubuntu.default}, [Zerops command line tool](/references/cli) and `git` and `wget`.
+</p>
+
 The prepare runtime container does not contain your application code nor the built application. If you need to copy some folders or files from the build container to the runtime container (e.g. a configuration file) use the `addToRunPrepare` attribute in the [build section](#build-pipeline-configuration).
+
 ```yaml
 zerops:
   # hostname of your service
@@ -21808,6 +31170,7 @@ zerops:
     build:
       ...
       addToRunPrepare: ./runtime-config.yaml
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Customise the runtime environment by installing additional packages
@@ -21817,15 +31180,20 @@ zerops:
         - curl something else
       ...
 ```
+
 In the example above Zerops will copy the `runtime-config.yaml` file from your build container **after the build has finished** into the new **prepare runtime** container. The copied files and folders will be available in the `/home/zerops` folder in the new prepare runtime container before the prepare commands are triggered.
+
 ### initCommands
+
 _OPTIONAL._ Defines one or more commands to be run each time a new runtime container is started or a container is restarted.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Run one or more commands each time a new runtime container
@@ -21834,22 +31202,35 @@ zerops:
       initCommands:
         - rm -rf ./cache
 ```
+
 These commands are triggered in the runtime container before your Ubuntu application is started via the [start command](#start).
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
+
 Use init commands to clean or initialise your application cache or similar operations.
+
 :::caution
 The init commands will delay the start of your application each time a new runtime container is started (including the horizontal [scaling](/ubuntu/how-to/scaling) or when a runtime container is restarted).
+
 Do not use the init commands for customising your runtime environment. Use the [run:prepareCommands](#preparecommands-1) attribute instead.
 :::
+
 #### Command exit code
+
 If any of the `initCommands` fails, it returns an exit code other than 0, but deploy is **not** canceled. After all init commands are finished, regardless of the status code, the application is started. Read the [runtime log](/ubuntu/how-to/logs#runtime-log) to troubleshoot the error.
+
 #### Single or separated shell instances
+
 You can configure your `initCommands` to be run in a single shell instance or multiple shell instances. The format is identical to [build commands](#buildcommands).
+
 ### envVariables
+
 _OPTIONAL._ Defines the environment variables for the runtime environment.
+
 Enter one or more env variables in following format:
+
 ```yaml
 zerops:
   # define hostname of your service
@@ -21864,56 +31245,82 @@ zerops:
         DB_USER: db
         DB_PASS: ${db_password}
 ```
+
 Read more about [environment variables](/ubuntu/how-to/env-variables) in Zerops.
+
 ### start
+
 _OPTIONAL._ Defines the start command for your Ubuntu application.
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Your Ubuntu application start command
       start: ./app
 ```
+
 ### health check
+
 _OPTIONAL._ Defines a health check.
+
 `healthCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the health check to request a local URL using a HTTP GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # OPTIONAL. Your Ubuntu application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a HTTP GET request option.
       # Configures the check on http://127.0.0.1:80/status
       healthCheck:
@@ -21921,30 +31328,47 @@ zerops:
           port: 80
           path: /status
 ```
+
 #### exec
+
 Configures the health check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Ubuntu application.
+
+        The command has access to the same [environment variables](/ubuntu/how-to/create#set-secret-environment-variables) as your Ubuntu application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to run your application ====
     run:
       # REQUIRED. Your Ubuntu application start command
       start: ./app
+
       # OPTIONAL. Define a health check with a shell command.
       healthCheck:
         exec:
@@ -21953,13 +31377,18 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 ### crontab
+
 _OPTIONAL._ Defines cron jobs.
+
 Setup cron jobs in the following format:
+
 ```yaml
 zerops:
   # define hostname of your service
   - setup: app
+
     # ==== how to run your application ====
     run:
       crontab:
@@ -21968,40 +31397,62 @@ zerops:
         # REQUIRED. Sets the interval time to execute:
           timing: "0 * * * *"
 ```
+
 Read more about setting up [cron](/zerops-yaml/cron) in Zerops.
+
 ## Deploy configuration
+
 ### readiness check
+
 _OPTIONAL._ Defines a readiness check. Read more about how the [readiness check works](/ubuntu/how-to/deploy-process#readiness-checks) in Zerops.
+
 `readinessCheck` requires either one `httpGet` object or one `exec` object.
+
 #### httpGet
+
 Configures the readiness check to request a local URL using a http GET method.
+
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      port
-      Defines the port of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      path
-      Defines the URL path of the HTTP GET request.
-The readiness check will trigger a GET request on {'http://127.0.0.1:{port}/{path}'}
-    
-      host
-      Optional. The readiness check is triggered from inside of your runtime container so it always uses the localhost 127.0.0.1. If you need to add a host to the request header, specify it in the host attribute.
-    
-      scheme
-      Optional. The readiness check is triggered from inside of your runtime container so no https is required.
-If your application requires a https request, set scheme: https
-    
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit whitespace-nowrap">Parameter</th>
+      <th className="w-fit whitespace-nowrap">Description</th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">port</td>
+      <td>Defines the port of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">path</td>
+      <td>Defines the URL path of the HTTP GET request.
+The readiness check will trigger a GET request on <code>{'http://127.0.0.1:{port}/{path}'}</code></td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">host</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so it always uses the localhost <code>127.0.0.1</code>. If you need to add a <code>host</code> to the request header, specify it in the <code>host</code> attribute.</td>
+    </tr>
+    <tr>
+      <td className="w-fit whitespace-nowrap font-semibold">scheme</td>
+      <td><strong>Optional.</strong> The readiness check is triggered from inside of your runtime container so no https is required.
+If your application requires a https request, set <code>scheme: https</code></td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -22010,30 +31461,48 @@ zerops:
         httpGet:
           port: 80
           path: /status
+
     # ==== how to run your application ====
     run: ...
 ```
+
 Read more about how the [readiness check works](/ubuntu/how-to/deploy-process#readiness-checks) in Zerops.
+
 #### exec
+
 Configures the readiness check to run a local command.
 Following attributes are available:
-  
-      Parameter
-      Description
-    
-      command
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>command</strong></td>
+      <td className="w-fit">
         Defines a local command to be run.
-        The command has access to the same environment variables as your Ubuntu application.
+
+        The command has access to the same [environment variables](/ubuntu/how-to/create#set-secret-environment-variables) as your Ubuntu application.
+
         A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example below.
-      
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 **Example:**
+
 ```yaml
 zerops:
   # hostname of your service
   - setup: app
     # ==== how to build your application ====
     build: ...
+
     # ==== how to deploy your application ====
     deploy:
       # OPTIONAL. Define a readiness check with a HTTP GET request option.
@@ -22045,80 +31514,124 @@ zerops:
             rm -rf life
             mv /outside/user /home/user
 ```
+
 Read more about how the [readiness check works](/ubuntu/how-to/deploy-process#readiness-checks) in Zerops.
 
+
 ----------------------------------------
 
 # Ubuntu > How To > Build Process
 
-  
+
 ## Build process overview
+
 Zerops starts a temporary build container and performs the following actions:
+
 1. **Installs the build environment** - Sets up base system and  runtime
 2. **Downloads your application source code** - From [GitHub ↗](https://www.github.com), [GitLab ↗](https://www.gitlab.com) or via [Zerops CLI](/references/cli)
 3. **Optionally customizes the build environment** - Runs prepare commands if configured
 4. **Runs the build commands** - Executes your build process
 5. **Uploads the application artifact** - Stores build output to internal Zerops storage
 6. **Caches selected files** - Preserves specified files for faster future builds
+
 The build container is automatically deleted after the build has finished or failed.
+
 ## Build configuration
-Configure your  build process in your `zerops.yaml` file according to the full build & deploy  pipeline guide.
+
+Configure your  build process in your `zerops.yaml` file according to the  pipeline guide</VarLink>.
+
 ## Build environment
+
 ### Default  build environment
+
 The default  build environment contains:
-- {data.ubuntu.default}
+
+- <span>{data.ubuntu.default}</span>
 - [zCLI](/references/cli), Zerops command line tool
-- 
+-
+
 ### Customize build environment
-To install additional packages or tools, add one or more build.prepareCommands to your `zerops.yaml`.
+
+To install additional packages or tools, add one or more  to your `zerops.yaml`.
+
 :::info
 The application code is available in the `/build/source` folder in your build container before the prepare commands are triggered. This allows you to use any file from your application code in your prepare commands (e.g. a configuration file).
 :::
+
 ### Build hardware resources
+
 All runtime services use the same hardware resources for build containers:
-  
-      HW resource
-      Minimum
-      Maximum
-    
-      CPU cores
-      1
-      5
-    
-      RAM
-      8 GB
-      8 GB
-    
-      Disk
-      1 GB
-      100 GB
-    
+
+<table className="w-fit my-1.5">
+  <thead>
+    <tr className="text-center rounded-lg">
+      <th className="w-fit"><strong>HW resource</strong></th>
+      <th className="w-fit"><strong>Minimum</strong></th>
+      <th className="w-fit"><strong>Maximum</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit font-semibold">CPU cores</td>
+      <td className="w-fit">1</td>
+      <td className="w-fit">5</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">RAM</td>
+      <td className="w-fit">8 GB</td>
+      <td className="w-fit">8 GB</td>
+    </tr>
+    <tr>
+      <td className="w-fit font-semibold">Disk</td>
+      <td className="w-fit">1 GB</td>
+      <td className="w-fit">100 GB</td>
+    </tr>
+  </tbody>
+</table>
+
 Build containers start with minimum resources and scale vertically up to maximum capacity as needed.
+
 ### Build time limit
+
 The time limit for the whole build pipeline is **1 hour**. After 1 hour, Zerops will terminate the build pipeline and delete the build container.
+
 :::info
 Build container resources are not charged separately. Limited build time is included in your [project core plan](/company/pricing#project-core-plans), with additional build time available if needed.
 :::
+
 ## Troubleshooting  builds
+
 :::tip Advanced troubleshooting
 For complex build issues that require investigation, you can enable [debug mode](/features/debug-mode) to pause the build process at specific points and inspect the build container state interactively.
 :::
+
 ### Build and prepare command failures
-If any build command or prepare command fails (returns non-zero exit code), the build is canceled. Check the build log to troubleshoot the error.
+
+If any  or  fails (returns non-zero exit code), the build is canceled. Check the  to troubleshoot the error.
+
 ### Build cache issues
+
 If you encounter unexpected build behavior or dependency issues, the problem might be related to cached build data. While Zerops maintains the build cache to speed up deployments, sometimes you may need to start fresh.
+
 To invalidate the build cache:
+
 1. Go to your service detail in Zerops GUI
 2. Choose **Pipelines & CI/CD Settings** from the left menu
 3. Click on the **Invalidate build cache** button
+
 This will force Zerops to run the next build clean, including all prepare commands.
+
 Learn more about [build cache behavior](/features/build-cache).
+
 ## More resources
+
 For more details about the build and deploy pipeline, including how to cancel builds and manage application versions, see the [general pipeline documentation](/features/pipeline).
+
 ## Next steps
-- Understand the deployment process
-- Learn how to customize the runtime environment
-- Explore build and runtime logs
+
+- Understand the
+- Learn how to
+- Explore
 
 ----------------------------------------
 
@@ -22130,35 +31643,60 @@ For more details about the build and deploy pipeline, including how to cancel bu
 
 # Ubuntu > How To > Create
 
+
 Zerops provides a Ubuntu runtime service with extensive build support. Ubuntu runtime is highly scalable and customisable to suit both development and production.
+
 ## Create Ubuntu service using Zerops GUI
+
 First, set up a project in Zerops GUI. Then go to the project dashboard page and choose **Add new service** in the left menu in the **Services** block. Then add a new Ubuntu service:
+
+[Video: /vids/services/golang.webm](/vids/services/golang.webm)
+
 ### Choose Ubuntu version
+
 Following Ubuntu versions are currently supported:
+
 :::info
 You can [change](/ubuntu/how-to/upgrade) the major version at any time later.
 :::
+
 ### Set a hostname
+
 Enter a unique service identifier like "app","cache", "gui" etc. Duplicate services with the same name in the same project are forbidden.
+
 #### Limitations:
+
 - maximum 25 characters
 - must contain only lowercase ASCII letters (a-z) or numbers (0-9)
+
 :::caution
 The hostname is fixed after the service is created. It can't be changed later.
 :::
+
 ### Set secret environment variables
+
 Add environment variables with sensitive data, such as password, tokens, salts, certificates etc. These will be securely saved inside Zerops and added to your runtime service upon start.
+
 Setting the secret environment variables is optional. You can set them later in Zerops GUI.
+
 Read more about [different types of env variables](/ubuntu/how-to/env-variables#service-env-variables) in Zerops.
+
 ## Create Ubuntu service using zCLI
+
 zCLI is the Zerops command-line tool. To create a new Ubuntu service via the command-line, follow these steps:
+
 1. [Install & setup zCLI](/references/cli)
 2. [Create a project description file](/ubuntu/how-to/create#create-a-project-description-file)
 3. [Create a project with a Ubuntu and PostgreSQL service](#full-example)
+
 ### Create a project description file
+
 Zerops uses a yaml format to describe the project infrastructure.
+
 #### Basic example:
+
 Create a directory `my-project`. Create an `description.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -22179,13 +31717,18 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes your future project infrastructure. The project will contain one Ubuntu service with default [auto scaling](/ubuntu/how-to/scaling) configuration. Hostname will be set to "app", the internal port(s) the service listens on will be defined later in the [zerops.yaml](/ubuntu/how-to/build-pipeline#ports). Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 #### Full example:
+
 Create a directory my-project. Create an description.yaml file inside the my-project directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -22230,98 +31773,143 @@ services:
     # mode of operation "HA"/"non_HA"
     mode: NON_HA
 ```
+
 The yaml file describes your future project infrastructure. The project will contain a Ubuntu service and a [PostgreSQL](/postgresql/overview) service.
+
 Ubuntu service with "app" hostname, the internal port(s) the service listens on will be defined later in the zerops.yaml. Ubuntu service will run with a custom vertical and horizontal scaling. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The hostname of the PostgreSQL service will be set to "db". The [single container](/features/scaling#single-container-mode)(/features/scaling#deployment-modes-databases-and-shared-storage) mode will be chosen and the default auto [scaling configuration](/postgresql/how-to/scale#configure-scaling) will be set.
+
 #### Description of description.yaml parameters
+
 The `project:` section is required. Only one project can be defined.
-  
-      Parameter
-      Description
-    
-      hostname
-      
+
+<table className="w-full my-1.5">
+  <thead>
+    <tr>
+      <th className="w-fit"><strong>Parameter</strong></th>
+      <th className="w-fit"><strong>Description</strong></th>
+    </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit"><strong>hostname</strong></td>
+      <td className="w-fit">
         The unique service identifier.
-         
+
         The hostname of the new database will be set to the `hostname` value.
-         
-        Limitations:
-        
-        duplicate services with the same name in the same project are forbidden
-        maximum 25 characters
-        must contain only lowercase ASCII letters (a-z) or numbers (0-9)
-        
-      type
-      
+
+        <strong>Limitations:</strong>
+        <ul>
+        <li>duplicate services with the same name in the same project are forbidden</li>
+        <li>maximum 25 characters</li>
+        <li>must contain only lowercase ASCII letters (a-z) or numbers (0-9)</li>
+        </ul>
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>type</strong></td>
+      <td className="w-fit">
         Specifies the service type and version.
-        
+
         See what [Ubuntu service types](/references/import-yaml/type-list#runtime-services) are currently supported.
-      
-      verticalAutoscaling
-      
-        Optional. Defines custom vertical auto scaling parameters.
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>verticalAutoscaling</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines [custom vertical auto scaling parameters](/ubuntu/how-to/create#set-auto-scaling-configuration).
+
         All verticalAutoscaling attributes are optional. Not specified attributes will be set to their default values.
-      
-      - cpuMode
-      
-        Optional. Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
-      
-      - minCpu/maxCpu
-      
-        Optional. Set the minCpu or maxCpu in CPU cores (integer).
-      
-      - minRam/maxRam
-      
-        Optional. Set the minRam or maxRam in GB (float).
-      
-      - minDisk/maxDisk
-      
-        Optional. Set the minDisk or maxDisk in GB (float).
-      
-      minContainers
-      
-        Optional. Default = 1. Defines the minimum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- cpuMode</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Accepts `SHARED`, `DEDICATED` values. Default is `SHARED`
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minCpu/maxCpu</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minCpu or maxCpu in CPU cores (integer).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minRam/maxRam</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minRam or maxRam in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>- minDisk/maxDisk</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Set the minDisk or maxDisk in GB (float).
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>minContainers</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Default = 1. Defines the minimum number of containers for [horizontal autoscaling](/ubuntu/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      maxContainers
-      
-        Defines the maximum number of containers for horizontal autoscaling.
-         
-        Limitations:
-        
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>maxContainers</strong></td>
+      <td className="w-fit">
+        Defines the maximum number of containers for [horizontal autoscaling](/ubuntu/how-to/create#horizontal-auto-scaling).
+
+        <strong>Limitations:</strong>
+
         Current maximum value = 10.
-      
-      envSecrets
-      
-        Optional. Defines one or more secret env variables as a key value map. See env variable restrictions.
-      
+      </td>
+    </tr>
+    <tr>
+      <td className="w-fit"><strong>envSecrets</strong></td>
+      <td className="w-fit">
+        <strong>Optional.</strong> Defines one or more secret env variables as a key value map. See env variable [restrictions](/ubuntu/how-to/env-variables#env-variable-restrictions).
+      </td>
+    </tr>
+  </tbody>
+</table>
+
 ### Create a project based on the description.yaml
+
 When you have your `description.yaml` ready, use the `zcli project project-import` command to create a new project and the service infrastructure.
+
 ```sh
 Usage:
   zcli project project-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project import command.
       --org-id string        If you have access to more than one organization, you must specify the org ID for which the
                             project is to be created.
       --working-dir string   Sets a custom working directory. Default working directory is the current directory. (default "./")
 ```
+
 Zerops will create a project and one or more services based on the `description.yaml` content.
+
 Maximum size of the `description.yaml` file is 100 kB.
+
 You don't specify the project name in the `zcli project project-import` command, because the project name is defined in the `description.yaml`.
+
 If you have access to more than one client, you must specify the client ID for which the project is to be created. The `clientID` is located in the Zerops GUI under the client name on the project dashboard page.
-  
+
 ### Add Ubuntu service to an existing project
+
 #### Example:
+
 Create a directory `my-project` if it doesn't exist. Create an `import.yaml` file inside the `my-project` directory with following content:
+
 ```yaml
 # basic project data
 project:
@@ -22342,65 +31930,90 @@ services:
       S3_ACCESS_KEY_ID: 'P8cX1vVVb'
       S3_ACCESS_SECRET: 'ogFthuiLYki8XoL73opSCQ'
 ```
+
 The yaml file describes the list of one or more services that you want to add to your existing project. In the example above, one Ubuntu service version 1 with default [auto scaling](/ubuntu/how-to/scaling) configuration will be added to your project. Hostname of the new service will be set to `app`. Following secret env variables will be configured:
+
 ```env
 S3_ACCESS_KEY_ID="P8cX1vVVb"
 S3_ACCESS_SECRET="ogFthuiLYki8XoL73opSCQ"
 ```
+
 The content of the `services:` section of `import.yaml` is identical to the project description file. The `import.yaml` never contains the `project:` section because the project already exists.
+
 When you have your `import.yaml` ready, use the `zcli project service-import` command to add one or more services to your existing Zerops project.
+
 ```sh
 Usage:
   zcli project service-import importYamlPath [flags]
+
 Flags:
   -h, --help                Help for the project service import command.
   -P, --project-id string   If you have access to more than one project, you must specify the project ID for which the
                            command is to be executed.
 ```
+
 zCLI commands are interactive, when you press enter after `zcli project service-import importYamlPath`, you will be given a list of your projects to choose from.
+
 Maximum size of the import.yaml file is 100 kB.
 
+
 ----------------------------------------
 
 # Ubuntu > How To > Customize Runtime
 
-System packages: Install any packages you need via apt-get, such as imagemagick, ffmpeg, or chromium',
-  'Specific language versions: Install versions of Go, Node.js, PHP, Python, or other runtimes that are not available as dedicated Zerops services (e.g., older or cutting-edge versions)',
-  'Custom binaries: Add compiled binaries or tools not available in the default repositories',
-  'Development tools: Include debugging tools, profilers, or other utilities',
-  'Specific libraries: Install dependencies required by your application'
-]} />
+
 ## Build Custom Runtime Images
+
 Zerops allows you to build custom runtime images (CRI) when the default base runtime images don't meet your application's requirements. This is an optional phase in the [build and deploy pipeline](/features/pipeline#runtime-prepare-phase-optional).
+
 Ubuntu is a versatile base for running anything not explicitly offered as a dedicated Zerops runtime. You can install any packages and tools you need, treating it as a clean OS to customize however you want.
+
 It is also a great option when you need a specific version of a technology (like Go, Node.js, or PHP) that Zerops doesn't support by default—whether it's an older version for legacy projects or a newer release not yet available.
+
 ## Configuration
+
 ### Default  Runtime Environment
+
 The default  runtime environment contains:
-- {data.ubuntu.default}
+
+- <span>{data.ubuntu.default}</span>
 - [zCLI](/references/cli)
-- 
+-
+
 ### When You Need a Custom Runtime Image
+
 Since Ubuntu serves as a general-purpose base, you'll likely want to customize it for your specific use case. Common scenarios include:
+
 :::important
 You should not include your application code in the custom runtime image, as your built/packaged code is deployed automatically into fresh containers.
 :::
+
 Here are examples of configuring custom runtime images in your `zerops.yml`:
+
 ### Basic  Setup
+
 ### Using Build Files in Runtime Preparation
+
 For complete configuration details, see the [runtime prepare phase configuration guide](/features/pipeline#configuration).
+
 ## Process and Caching
+
 ### How Runtime Prepare Works
 The runtime prepare process follows the same steps for all runtimes. See [how runtime prepare works](/features/pipeline#how-it-works) for the complete process details.
+
 ### Caching Behavior
 Zerops caches custom runtime images to optimize deployment times. Learn about [custom runtime image caching](/features/pipeline#custom-runtime-image-caching) including when images are cached and reused.
+
 ### Build Management
 For information about managing builds and deployments, see [managing builds and deployments](/features/pipeline#manage-builds-and-deployments).
+
 :::warning
 Shared storage mounts are not available during the runtime prepare phase.
 :::
+
 ## Troubleshooting
-If your `prepareCommands` fail, check the prepare runtime log for specific error messages.
+
+If your `prepareCommands` fail, check the  for specific error messages.
 
 ----------------------------------------
 
@@ -22454,39 +32067,76 @@ If your `prepareCommands` fail, check the prepare runtime log for specific error
 
 # Ubuntu > Overview
 
+
 [Ubuntu ↗](https://ubuntu.com/) is a popular Linux distribution based on Debian, widely used for servers, cloud computing, and containerized applications.
+
 Ubuntu services in Zerops provide a flexible base environment for running applications built with technologies that aren't officially supported by Zerops, or for custom setups requiring full control over the runtime environment.
+
 :::tip
 Do you have any questions? Check the step-by-step tutorial, browse the documentation and join our **[Discord](https://discord.com/invite/WDvCZ54)** community to get help from our team and other members.
 :::
+
 ## Feature Highlights
+
+- [Create Ubuntu service](/ubuntu/how-to/create) — Start with creating an Ubuntu service using GUI or zCLI.
+- [zerops.yaml](/ubuntu/how-to/build-pipeline#add-zeropsyaml-to-your-repository) — See a full example of zerops.yaml file to configure your own app.
+- [Scaling configuration](/ubuntu/how-to/scaling) — Set up scaling of your Ubuntu service so that it runs smoothly while using only necessary resources.
+
 {" "}
+
+- [Customize build environment](/ubuntu/how-to/build-process#customize-build-environment)
+- [Customize runtime environment](/ubuntu/how-to/customize-runtime)
+
 ## When in doubt, reach out
+
 Don't know how to start or got stuck during the process? You might not be the first one, visit the FAQ section to find out.
+
 In case you haven't found an answer (and also if you have), we and our community are looking forward to hearing from you on Discord.
+
 Have you built something that others might find useful? Don't hesitate to share your knowledge!
+
+- [FAQ](/ubuntu/faq) — Most common questions in one place.
+- [Discord](https://discord.com/invite/WDvCZ54) — Join our core team and Zerops community on Discord. Ask questions and share your tips with other members.
+
 ## Popular Guides
 
+- [zCLI](/references/cli) — Get even more out of Zerops with the zCLI command line tool.
+- [Zerops VPN](/references/networking/vpn) — Connect to your services easily with Zerops VPN.
+
+
 ----------------------------------------
 
 # Valkey > Overview
 
+
 Valkey is a powerful, open-source alternative to Redis, offering full compatibility with Redis clients while providing an independent development path focused on community-driven innovation. Deploy and manage Valkey in Zerops' fully managed infrastructure to get instant access to high-performance in-memory data storage.
+
 :::tip
 Valkey is our recommended Redis alternative as KeyDB's development has slowed significantly in recent times.
 :::
+
 ## Supported Versions
+
 Currently supported Valkey versions:
+
 Import configuration version:
+
+- `valkey@7.2`
+
 ## Service Configuration
+
 Zerops offers Valkey in two deployment configurations to meet different availability requirements.
+
 ### Non-HA Setup
 - Single node deployment on port `6379` (non-TLS) and `6380` (TLS)
 - No backup mechanism beyond Zerops infrastructure reliability
 - Data persists unless the hardware node fails
 - Suitable for development or non-critical workloads
+
 ### HA (High Availability) Setup
+
 Our HA implementation uses a unique approach to ensure high availability while maintaining compatibility with all Redis clients:
+
 - 3-node configuration (1 master + 2 replicas)
 - Access ports:
   - `6379` - read/write operations (non-TLS, routed to master)
@@ -22501,170 +32151,2365 @@ Our HA implementation uses a unique approach to ensure high availability while m
   - When a master fails, a replica is promoted and routing is updated automatically
   - DNS entries are updated for seamless client connection
   - This implementation provides traffic forwarding to master (not natively supported by Valkey)
+
 :::note
 Be aware that replica data may lag slightly behind the master due to asynchronous replication.
 :::
+
 ## Learn More
+
 - [Official Valkey Documentation](https://valkey.io/docs) - Comprehensive guide to Valkey features
+
 ## Support
+
 For advanced configurations or custom requirements:
 - Join our [Discord community](https://discord.gg/zeropsio)
 - Contact support via [email](mailto:support@zerops.io)
 
+----------------------------------------
+
+# Zcp > Concept > How It Works
+
+
+The ZCP MCP setup gives a coding agent a **work loop** for Zerops app work. The agent reads live state, chooses the app runtime and dependencies, changes the app, deploys through Zerops, verifies real behavior, and returns proof or a blocker.
+
+The loop is carried by project-scoped Zerops operations, Zerops-specific knowledge, and instructions for what to inspect, what to change, when to ask, and what counts as done. You describe the product outcome; the agent uses the loop to make its decisions visible while it works.
+
+The source of truth is the real project: runtimes, managed services, env references, logs, events, and deploy results. A separate preview sandbox is not the source of truth.
+
+## The work loop
+
+```mermaid
+flowchart TD
+  intent["Product intent
+<code>Build a task board for my team.</code>"]
+  state["Live state
+services, runtime layout, env vars,
+logs, events, saved work state"]
+  scope["Runtime target
+which app service changes"]
+  setup{"Missing or unsuitable
+services?"}
+  provision["Service setup
+use existing services or create
+missing runtimes/dependencies"]
+  appwork["App work
+code, <code>zerops.yaml</code>, env refs,
+migrations, seeds, framework config"]
+  deploy["Direct deploy through Zerops"]
+  reachability{"Runtime reachable?
+status, logs, HTTP probe"}
+  behavior{"Requested behavior works?
+endpoint, UI flow, worker result,
+persisted state"}
+  evidence["Evidence
+build logs, runtime logs,
+events, verify output"]
+  proof["Proof
+URL, endpoint result,
+UI state, or stored result"]
+  delivery["Delivery after proof
+keep direct deploy, push to git,
+or hand off"]
+  blocker["Blocker
+credential, decision,
+unsupported fit,
+repeated failure"]
+
+  intent --> state --> scope --> setup
+  setup -->|yes| provision --> appwork
+  setup -->|no| appwork
+  appwork --> deploy --> reachability
+  reachability -->|no, fixable| evidence --> appwork
+  reachability -->|yes| behavior
+  behavior -->|no, fixable| evidence
+  behavior -->|yes| proof --> delivery
+  setup -->|needs decision| blocker
+  reachability -->|needs human| blocker
+  behavior -->|needs human| blocker
+
+  classDef user fill:#f7fbff,stroke:#2d72d9,stroke-width:1.5px,color:#172033;
+  classDef zcpbox fill:#eef7f1,stroke:#32845a,stroke-width:1.5px,color:#172033;
+  classDef work fill:#fffaf0,stroke:#c47f17,stroke-width:1.5px,color:#172033;
+  classDef done fill:#f5f3ff,stroke:#7157d9,stroke-width:1.5px,color:#172033;
+  classDef stop fill:#fff1f2,stroke:#d33f49,stroke-width:1.5px,color:#172033;
+
+  class intent user;
+  class state,scope zcpbox;
+  class setup,provision,appwork,deploy,reachability,behavior,evidence work;
+  class proof,delivery done;
+  class blocker stop;
+```
+
+The loop keeps the agent working from evidence instead of a guessed checklist: current state, Zerops wiring rules, deploy evidence, and the distinction between proof and blocker.
+
+## What "live state" means
+
+The MCP tools read Zerops instead of asking you to paste a service inventory into the prompt. Useful state includes:
+
+- runtime services and managed services,
+- whether the app has one runtime, a dev+stage pair, or local files linked to a Zerops runtime,
+- env-var keys and Zerops references,
+- recent build/deploy events,
+- build logs, runtime logs, and verification output,
+- saved work state after an interrupted session.
+
+This is why a short prompt can be enough. The agent can ask what exists, which runtime was last deployed, which checks passed, and where a previous run stopped.
+
+Chat history is not the source of truth. If the agent sounds confused, starts from an old assumption, or a session was interrupted, the recovery move is:
+
+```text
+Read current project status and tell me where this project stands before changing anything.
+```
+
+## What the workflow handles
+
+The workflow handles the things an agent must resolve during app work so you do not have to name them in the prompt. The tools and instructions supply the state, guidance, operations, and verification surface so the agent can work from evidence.
+
+| What the workflow handles | What the agent gets                                                                                                 | What that means for you                                                       |
+| ------------------------- | ------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------- |
+| Live state       | Services, env-var keys, Zerops references, recent events, logs, verification output, and saved work state.          | You do not have to paste a service inventory or reconstruct what happened.    |
+| Runtime target   | Rules for choosing the app runtime that should receive code changes.                                                | The agent can identify where app work belongs before editing or deploying.    |
+| Managed services | Knowledge and env wiring patterns for database, cache, queue, search, storage, mail, and similar services.          | Product intent can imply real dependencies without a manual wiring checklist. |
+| Service setup    | Operations for using existing services or creating missing runtimes and dependencies.                               | Runtime layout and dependencies can be established before app work starts.    |
+| App wiring       | Zerops-specific rules for `zerops.yaml`, env references, ports, commands, public access, and build/deploy behavior. | The app is wired for Zerops rather than for a generic cloud template.         |
+| Deploy evidence  | Build logs, runtime logs, platform events, service status, HTTP checks, and structured verification output.         | A failed deploy becomes a diagnosis surface instead of guesswork.             |
+| Behavior proof   | The proof gate is the requested behavior, not only a successful build or reachable root URL.                        | The final answer can point to what was actually checked.                      |
+| Delivery handoff | Direct proof first; then git push, CI, or human handoff when that is the chosen delivery choice.                    | Shipping setup follows a verified running result.                             |
+| Delivery handoff | Direct proof first; then git push, CI, or human handoff when that is the chosen delivery choice.                    | Shipping setup follows a verified running result.                             |
+
+The exact labels for layouts, delivery modes, and setup routes live in the [Glossary](/zcp/glossary) and [Workflows in depth](/zcp/reference/agent-workflow).
+
+## Service setup prepares the project layout
+
+Before app code work starts, the workflow makes three decisions visible:
+
+- Which runtime service is the app target?
+- Which managed services are dependencies?
+- Does the existing project layout fit the request?
+
+If the services already exist, the agent can use them. If a needed runtime or dependency is missing, the tools can create it. If the choice affects cost, product scope, credentials, a destructive action, or which stage/runtime should be used, the agent should stop and ask.
+
+Service setup is finished when the app runtime and dependencies are known. It is the layout that lets app work happen in the right place.
+
+## App work changes code and platform wiring together
+
+After the runtime target is known, the agent gets the platform knowledge needed to make the application change. In practice this often spans both source code and Zerops wiring:
+
+- app files,
+- `zerops.yaml` build and run setup,
+- env references to managed services,
+- migrations, seeds, and framework config,
+- start commands, ports, and public HTTP support,
+- local `.env` generation when using local setup.
+
+That guidance matters because Zerops is its own platform. Service references, build/deploy behavior, public access, scaling, and env resolution do not follow Docker Compose or Kubernetes conventions.
+
+The first functional deploy goes directly through MCP so the agent has a running result to verify. A repository push or CI handoff can follow, but it should not replace the first proof.
+
+## Recovery is evidence-driven
+
+When something fails, the workflow puts the agent on the matching evidence surface — build logs for build failures, prepare/runtime logs for start failures, verify output and request-time logs for behavior failures, transport surfaces for network failures, field-level rejection for config, and the named credential surface for credential failures. The full categories, what to read first, and what to avoid live in [Troubleshooting](/zcp/reference/troubleshooting).
+
+Retrying the same deploy without new evidence is not progress. The loop pushes toward one of three outcomes: fix from a cause, ask for the missing decision, or report a blocker with the category, evidence read, and attempts made.
+
+## Verification has two layers
+
+A successful deploy proves that Zerops accepted the build and started the runtime. Reachability checks prove the service is running and reachable. They still do not prove the product request.
+
+For a task-board app, useful behavior proof might be:
+
+- create a task,
+- move it between columns,
+- refresh the page,
+- confirm the task is still there.
+
+For an API task, proof might be a JSON response from the requested endpoint and stored data behind it. For a worker task, proof might be a processed job and the resulting database or object-storage state. For a staging request, proof belongs on the stage runtime, not only on dev.
+
+The final answer should make proof inspectable: runtime name, URL or endpoint, behavior checked, and delivery choice if one was set.
+
+## Delivery happens after proof
+
+Delivery choice controls how future changes ship after a verified runtime exists: keep direct deploy, push to git, or hand off to CI/release/human action. The user-facing version of this choice and what to tell the agent for each option lives in [Build and ship → Choose delivery after proof](/zcp/workflows/build-with-zcp#choose-delivery-after-proof).
+
+Packaging a running service turns a deployed runtime into a re-importable bundle for another Zerops project. It is useful for handoff or reuse after proof, not for deploying the next app change; see [Package a running service](/zcp/workflows/package-running-service).
+
+## Remote and local setup use the same loop
+
+The same `zcp` binary can run in two places. The control loop stays the same; filesystem and network access change. A human can take over from the same evidence either way: files, runtime target, logs, events, verification result, and delivery state.
+
+| Setup        | What runs where                                                                                                                                             | Practical effect                                                                                                                                                                                     |
+| ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| Remote setup | A `zcp@1` service runs the `zcp` binary inside Zerops. **Include Coding Agent** adds the bundled agent CLI; **Cloud IDE** adds Browser VS Code. | Work happens inside the remote workspace, with private networking and runtime file mounts. |
+| Local setup  | The `zcp` binary runs on your laptop after `zcp init`, and your local editor or CLI agent talks to it.                                         | App files, deploy source, and git credentials stay local. Managed services are reached over Zerops VPN, and `.env` generation bridges credentials into your local app. |
+| Local setup  | The `zcp` binary runs on your laptop after `zcp init`, and your local editor or CLI agent talks to it.                                         | App files, deploy source, and git credentials stay local. Managed services are reached over Zerops VPN, and `.env` generation bridges credentials into your local app. |
+
+Choose setup by where the agent and filesystem should live: [Remote or local setup](/zcp/setup/choose-workspace).
+
+## Signs of a healthy run
+
+A well-shaped run should:
+
+- name the runtime target before editing or deploying,
+- use existing services when they fit,
+- create missing services only before app work starts,
+- read logs, events, and verify output when failure occurs,
+- distinguish runtime reachability from requested behavior,
+- stop before destructive actions, ambiguous runtime/stage choices, or missing credentials,
+- end with proof or a blocker.
+
+That is the practical difference between "the agent wrote code" and "the app task is done".
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) — normal app work after setup.
+- [Workflows in depth](/zcp/reference/agent-workflow) — process gates, generated files, runtime layouts, delivery labels, and completion evidence.
+
+
+----------------------------------------
+
+# Zcp > Glossary
+
+
+Use these definitions when a page, workflow status, agent handoff, or policy needs exact wording. In normal prompts, describe the outcome you want.
+
+## Core names
+
+**ZCP MCP** - Zerops Control Plane MCP: the MCP tool surface that exposes project-scoped Zerops operations to coding agents.
+
+**MCP server** - the Model Context Protocol server exposed by the `zcp` binary.
+
+**ZCP MCP tools** - the project-scoped Zerops operations exposed to an agent or MCP-capable client. In MCP clients, this usually appears as the `zerops` server.
+
+**`zcp` binary** - the executable that can run inside remote setup or on your machine in local setup.
+
+**`zcp` service** - the service instance in a Zerops project that hosts remote setup.
+
+**`zcp@1` service** - the Zerops service type used for remote setup.
+
+**zCLI** - the Zerops command-line client for humans, scripts, VPN, and CI. It is separate from ZCP MCP.
+
+**zsc** - the in-container Zerops Setup Control utility used from `zerops.yaml`.
+
+## Setup and workspace
+
+**Remote setup** - the `zcp` binary running inside a Zerops `zcp@1` service.
+
+**Include Coding Agent** - remote setup option that adds the bundled agent CLI, currently Claude Code, and preconfigures it to use ZCP MCP tools.
+
+**Cloud IDE** - browser-based VS Code served by remote setup.
+
+**Browser VS Code** - dashboard entry point into the Cloud IDE.
+
+**AI Agent environment** - recipe environment preset that creates app services plus remote setup with **Include Coding Agent** enabled.
+
+**Local setup** - the `zcp` binary running on your machine after `zcp init`, while your local editor or CLI agent talks to it.
+
+**Env bridge** - local setup behavior that writes a local `.env` snapshot from Zerops env vars and references so local app code can reach managed services over VPN.
+
+**Agent client** - the editor, CLI, hosted agent runtime, or custom MCP client that connects to ZCP MCP.
+
+## Generated files and state
+
+**Generated workflow block** - the managed section in `CLAUDE.md` between `<!-- ZCP:BEGIN -->` and `<!-- ZCP:END -->`. Durable project instructions belong outside it.
+
+**`.mcp.json`** - local MCP server config. It points the local agent client at `zcp serve` and stores `ZCP_API_KEY`; keep it out of git.
+
+**`.zcp/state/`** - local workflow metadata for a project directory: known runtimes, pairing, delivery choice, sessions, deploy attempts, verify attempts, and coordination locks. It is not source code.
+
+**Workflow state** - saved metadata that lets the agent resume, audit, or close a guided run after interruption.
+
+## Workflow
+
+**Bootstrap** - workflow phase that reads the current project and settles which runtime services and managed services the app should use before app code work starts.
+
+**Service setup** - the phase that decides which runtime services and managed services the app should use before app code work starts.
+
+**Develop** - workflow phase that changes app code/config, deploys, verifies reachability and behavior, and fixes failures from evidence.
+
+**Runtime target** - the app runtime selected for the current change, such as `appdev`, `appstage`, `app`, or a linked local target.
+
+<span id="runtime-layout"></span>**Runtime layout** - which app runtime services the workflow should use:
+
+- `standard` - dev runtime plus explicit stage runtime.
+- `dev` - one mutable development runtime.
+- `simple` - one runtime with no dev/stage split.
+- `local-stage` - local source directory linked to one Zerops runtime as deploy target.
+- `local-only` - local source directory with no linked runtime yet.
+
+**Managed service** - database, cache, queue, search, storage, mail, or similar dependency. It provides connection details; it is not an app deploy target.
+
+**Direct deploy** - deploy from the current source to the scoped runtime through ZCP MCP. The first verified running result uses direct deploy before delivery setup is applied.
+
+**Reachability verification** - checks that the runtime exists, is running, has no recent blocking errors, and can answer an HTTP probe when it is an HTTP service.
+
+**Behavior verification** - checks that the requested app behavior works on the real URL, endpoint, worker result, or stored state.
+
+**Proof** - user-inspectable completion evidence, such as a URL, endpoint result, UI state, processed job, or stored result.
+
+**Blocker** - a clear stop state with evidence: failure category, runtime in scope, what was tried, and what decision or credential is needed.
+
+## Delivery and production
+
+**Delivery choice** - what happens after a verified deploy: keep direct deploy, push to git, or hand off to CI/release/human process.
+
+**Delivery mode** - exact reference label for delivery choice:
+
+- `auto` - keep direct deploy for future changes.
+- `git-push` - commit and push to a configured remote, then observe/verify any tracked build.
+- `manual` - external CI, release process, or a human owns future delivery.
+
+**Git-push capability** - whether remote setup has enough remote URL and credential setup to push from remote setup. It can exist even when the current delivery mode is `auto`.
+
+**Build integration** - repository-triggered build/deploy path that ZCP MCP may configure or observe, such as a Zerops dashboard webhook or GitHub Actions. It is separate from git-push capability and delivery mode.
+
+**Package a running service** - workflow that turns one verified runtime and its managed dependencies into a re-importable, git-backed Zerops bundle.
+
+**Production release** - the release operation that moves verified dev or stage work into a separate production Zerops project. It is set up once per project (production infrastructure) and once per runtime (production deploy trigger), then runs every release.
+
+**Production boundary** - policy that production should live in a separate Zerops project without a `zcp` service and receive promoted work through CI, release process, or human action.
+
+## Platform and failure terms
+
+**Service scaling mode** - Zerops scaling setting such as `HA` or `NON_HA`. Different from runtime layout.
+
+**Public subdomain access** - Zerops `.zerops.app` URL access for an eligible HTTP runtime. Workers and non-HTTP services do not get useful public URLs.
+
+<span id="failure-category"></span>**Failure category** - label that points to the first useful evidence surface:
+
+- `build` - build phase failed.
+- `start` - build passed, but runtime start or prepare failed.
+- `verify` - runtime exists, but reachability or behavior failed.
+- `network` - transport, DNS, VPN, SSH, or service-to-service reach failed.
+- `config` - `zerops.yaml`, env vars, setup block, or service settings mismatch.
+- `credential` - Zerops, git, SSH, managed-service, or external API credential failed.
+- `other` - no known category matched.
+
+**Confirmation gate** - an operation that pauses until the user explicitly confirms the named target or consequence.
+
+**Destructive import override** - import action that would replace an existing service stack. ZCP MCP refuses first, names affected services, and requires a matching acknowledgement before proceeding.
+
+## Credentials
+
+**Single-project token** - Zerops token that can access exactly one project. ZCP MCP expects this shape.
+
+**`ZCP_API_KEY`** - single-project Zerops token used by ZCP MCP.
+
+**`GIT_TOKEN`** - git provider credential used by remote git-push delivery when needed.
+
+**`ZEROPS_TOKEN`** - Zerops token commonly used by GitHub Actions or external CI that runs `zcli`.
+
+**External secret** - third-party credential such as Stripe, OpenAI, Mailgun, or GitHub API access. The agent can wire placeholders and env vars, but the secret value remains your responsibility.
+
+
+----------------------------------------
+
+# Zcp > Overview
+
+
+:::info Public preview
+ZCP MCP is a public preview and is under active development. If you hit a bug, confusing behavior, or a missing workflow, please report it on [Discord](/discord); feedback from real projects is especially useful.
+:::
+
+This section covers, in order:
+
+- **How a run unfolds.** [Quickstart](/zcp/quickstart) for hands-on; [How it works](/zcp/concept/how-it-works) for the work loop.
+- **Where the agent runs.** [Remote or local setup](/zcp/setup/choose-workspace), [Trust model](/zcp/security/trust-model), and [Production boundary](/zcp/security/production-policy).
+- **What you decide while working.** [Build and ship](/zcp/workflows/build-with-zcp), [Package a running service](/zcp/workflows/package-running-service), [Promote to production](/zcp/workflows/promote-to-production).
+- **Exact labels when they matter.** [Workflows in depth](/zcp/reference/agent-workflow), [ZCP MCP tools](/zcp/reference/mcp-operations), [Troubleshooting](/zcp/reference/troubleshooting), [Glossary](/zcp/glossary).
+
+For the broader feature concept — why coding agents need real project infrastructure rather than a sandbox or generated artifact — start with [Infrastructure for Coding Agents](/features/coding-agents).
+
+With the generated workflow instructions enabled, an app task ends in proof or a blocker. **Proof** is a deployed runtime plus the URL, endpoint response, UI state, worker result, or stored data that shows the requested behavior works. A **blocker** is the agent reading the relevant Zerops evidence and naming the missing credential, decision, unsupported fit, or repeated failure.
+
+Your prompt can stay about the product. Name the stack, runtime layout, acceptance criteria, delivery path, external credentials, or risky approval only when those decisions matter.
+
+## What the agent gets
+
+**Current state.** Services, runtime layout, managed dependencies, env-var keys and references, logs, events, deploy history, verification state, and saved work state.
+
+**Zerops operations.** Project-scoped tools for discovering services, changing env vars, managing runtimes, deploying, verifying, scaling, public access, and delivery setup.
+
+**Workflow.** The generated instructions combine service setup and app development: inspect state, choose the runtime target, use or create services, wire code and `zerops.yaml`, deploy, verify, and choose delivery. The Zerops work stays behind the product task instead of becoming another checklist.
+
+**Evidence-based completion.** A build or deploy is not the finish line. A completed app task should end with a working URL, endpoint result, UI proof, or a blocker backed by logs, events, and verification evidence.
+
+## What you no longer have to script
+
+Without this layer, an app prompt often turns into an operations runbook. With MCP tools and workflow instructions enabled, you should not need to paste:
+
+- the service map, runtime target, dev/stage state, or managed-service inventory,
+- database credentials, private hostnames, env-var references, or generated connection strings,
+- build logs, runtime logs, event timelines, or a guess about why the last deploy failed,
+- a deploy/verify/recovery script for every task,
+- a recap after the chat loses context; the agent can read current workflow status.
+
+**You still own the decisions that need human judgment:** product intent, technology constraints, acceptance criteria, external credentials, repository policy, and approval for destructive actions.
+
+## Where it runs
+
+The **same `zcp` binary** runs in both setups. In [remote setup](/zcp/setup/hosted-workspace), Zerops packages it as a `zcp@1` service with Browser VS Code and bundled agent wiring. In [local setup](/zcp/setup/local-agent-bridge), you install it on your machine and connect your own editor or CLI agent. The project surface is the same; the workspace, network access, deploy source, and safety profile differ.
+
+To start, add remote setup in Zerops or initialize local setup beside your editor or CLI agent. The [Quickstart](/zcp/quickstart) uses remote setup because it needs no local install.
+
+## Your agent, credentials, and workspace
+
+**Agent account.** Remote setup can include a bundled agent CLI, currently Claude Code, already configured for MCP. Zerops wires the agent to the tools; you still authenticate with your own subscription login or API credentials.
+
+**Zerops token.** The MCP server connects through `ZCP_API_KEY`, a Zerops token limited to one project. Remote setup gets it from the platform; local setup reads it from `.mcp.json`. Token details live in [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+**Workspace freedom.** The `zcp@1` service is still a normal Zerops service. You can install another agent CLI, add private MCP servers or helper tools, edit `CLAUDE.md`, add team dotfiles, and adapt the workspace. Details live in [What remote workspace gives you](/zcp/setup/hosted-workspace#make-customization-persistent).
+
+:::caution Production boundary
+Use this setup for development or staging work. Production should stay in a separate Zerops project and receive released work through your CI or release process; see [Promote to production](/zcp/workflows/promote-to-production) for the practical flow and [Production boundary](/zcp/security/production-policy) for the policy.
+:::
+
+## What stays outside
+
+This section is not a replacement for Zerops platform references. The Zerops [build and deploy pipeline](/features/pipeline), [permissions](/features/rbac), networking, scaling, and service references remain canonical for platform behavior.
+
+
+----------------------------------------
+
+# Zcp > Quickstart
+
+
+Use this when you want the fastest hands-on ZCP loop: deploy an **AI Agent** recipe, authorize Claude Code, open Browser VS Code, and ask for one product change.
+
+Some [Zerops recipes](https://app.zerops.io/recipes) include an **AI Agent** environment. That preset creates app services, managed services, the `zcp@1` workspace, Browser VS Code, and bundled agent wiring in one deploy.
+
+This quickstart uses [Laravel showcase](https://app.zerops.io/recipes/laravel-showcase?environment=ai-agent) because it includes real managed services. The same flow works for other recipes that offer AI Agent (local variants exist too).
+
+## Prerequisites
+
+- A Zerops account with permission to create a project.
+- A Claude Code subscription login or API authentication. Zerops wires Claude Code to ZCP, but your agent subscription or model credentials stay yours.
+
+## 1. Choose the AI Agent recipe
+
+1. Open the [Zerops recipes catalog](https://app.zerops.io/recipes).
+2. Open a recipe with an **AI Agent** environment. For example, open [Laravel showcase](https://app.zerops.io/recipes/laravel-showcase?environment=ai-agent).
+3. Select **AI Agent**.
+4. Keep **Coding Agent** and **Cloud IDE** enabled.
+5. Deploy the recipe.
+
+The deploy creates app runtimes, managed dependencies, and a `zcp@1` workspace. In this recipe it appears as the `zcp` service. The agent, terminal, and browser IDE run there. App code still deploys to the app runtimes, not to `zcp`.
+
+## 2. Authorize Claude Code
+
+When provisioning finishes, the dashboard opens the Claude Code authentication flow. Use your own Claude Code subscription login or API credentials.
+
+This is separate from `ZCP_API_KEY`, the Zerops token used by ZCP. Your Claude login or API key is used only by the bundled agent.
+
+If you close the prompt, open the `zcp` service in the dashboard. Its panel shows the browser workspace, web terminal, SSH access, desktop editor access, and agent authorization state.
+
+## 3. Open the workspace
+
+After authentication, continue into **Browser VS Code**. The workspace opens with files, ZCP configuration, terminal access, and the Claude Code panel.
+
+You are now inside the remote workspace. The agent can read live state, use the MCP tools, reach private services, and deploy app changes to the runtimes created by the recipe.
+
+## 4. Ask for a product outcome
+
+In Claude Code, ask for the app behavior in natural language. A good first prompt is intentionally short:
+
+```text
+Build a task board for my team.
+Tasks should stay saved after refresh.
+```
+
+The agent should deploy, verify, read evidence, and return proof for the app task. Add detail only when it changes the work.
+
+Add details when they change the product, stack, runtime layout, acceptance criteria, or delivery preference:
+
+```text
+In this Laravel app, add a task board backed by the existing PostgreSQL service.
+A user can create a task, refresh the page, and still see it.
+```
+
+:::note Prompt shape
+
+Quickstart prompts are short so you can see what ZCP carries behind the request. Longer, detailed prompts are fine for larger engineering work, especially when they change product behavior, stack, runtime layout, acceptance criteria, delivery preference, credentials, or safety approvals.
+:::
+
+## 5. Read the proof
+
+The final answer should give you a real URL, endpoint, UI state, stored result, or blocker. Open the URL and try the behavior the agent says it verified.
+
+For the task-board prompt, create a task, refresh the page, and confirm the task is still there. If it disappears, the app is not done; ask the agent to verify that exact behavior again and continue from current evidence rather than starting over.
+
+If the agent cannot finish, useful output names the blocker: missing credential, missing decision, unsupported runtime choice, or repeated failure it could not recover from.
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) — Runtime layout, development work, delivery, packaging, and production release.
+- [How it works](/zcp/concept/how-it-works) — Live state, runtime fit, app wiring, deploy evidence, behavior proof, and blockers.
+- [Trust model](/zcp/security/trust-model) — What the project-scoped token lets the agent do, and where the safety boundary sits.
+
+
+----------------------------------------
+
+# Zcp > Reference > Agent Workflow
+
+
+Use this page when you want the process and exact labels behind a run that follows the generated workflow. Normal prompts should still describe outcomes. The workflow exists so the agent can read the project, prepare the right runtime and services, make the app change, deploy, verify, recover from evidence, and stop with proof or a concrete blocker.
+
+The useful mental split is:
+
+| Phase | What it settles | What should be true when it ends |
+| ----- | --------------- | -------------------------------- |
+| **Bootstrap** | Where the app should run and which services it depends on. | Runtime target and managed dependencies are known. |
+| **Develop** | Code, `zerops.yaml`, env wiring, deploy, verification, recovery, and delivery choice. | The requested behavior is proved, or the blocker is concrete. |
+| **Develop** | Code, `zerops.yaml`, env wiring, deploy, verification, recovery, and delivery choice. | The requested behavior is proved, or the blocker is concrete. |
+
+For the loop itself, see [How it works](/zcp/concept/how-it-works). This page catalogs the exact phases, routes, layouts, labels, and gates.
+
+## Session layers
+
+Most workflow mistakes come from confusing these layers:
+
+| Layer | What it is | What changes here |
+| ----- | ---------- | ----------------- |
+| **Workspace** | Where `zcp` and the agent run: remote `zcp@1` service or local machine. | Agent config, tools, local workflow state. App code should not be deployed to the workspace itself. |
+| **Target runtime service** | The app runtime in scope: `appdev`, `appstage`, `app`, or a linked local deploy target. | App files, `zerops.yaml`, deploys, runtime logs, verification target. |
+| **Managed services** | Databases, caches, queues, search, storage, mail, and similar dependencies. | Schema/data operations and credentials, never app code deploys. |
+| **Managed services** | Databases, caches, queues, search, storage, mail, and similar dependencies. | Schema/data operations and credentials, never app code deploys. |
+
+The `zcp` service is the control surface, not the app runtime.
+
+## What drives the workflow
+
+The generated workflow is made from four pieces:
+
+| Piece | Role |
+| ----- | ---- |
+| **MCP tools** | Project-scoped Zerops operations: discover, deploy, read logs/events, manage env vars, verify, import/export, and related actions. |
+| **Generated instructions** | Agent policy for when to inspect, when to ask, when to deploy, what evidence to read, and what counts as done. |
+| **Saved workflow state** | Local metadata about bootstrap sessions, runtime pairing, delivery choice, deploy attempts, verify attempts, and interrupted work. |
+| **Live Zerops project** | Source of truth for services, status, env refs, logs, events, deploys, runtime files, and public access. |
+| **Live Zerops project** | Source of truth for services, status, env refs, logs, events, deploys, runtime files, and public access. |
+
+The workflow does not replace judgment from the user or the agent. It gives the agent a process and evidence surface so app work does not depend on stale chat memory or a pasted runbook.
+
+## Bootstrap
+
+Bootstrap starts before app code changes when the workflow needs to understand or prepare the project layout.
+
+```mermaid
+flowchart TD
+  start(["Read live project state"])
+  interrupted{"Interrupted bootstrap
+to resume?"}
+  runtime{"Runtime services
+already exist?"}
+  known{"Request matches
+known recipe or stack?"}
+  resume(["resume"])
+  adopt(["adopt"])
+  recipe(["recipe"])
+  classic(["classic"])
+  done(["Runtime target and dependencies known"])
+
+  start --> interrupted
+  interrupted -- yes --> resume --> done
+  interrupted -- no --> runtime
+  runtime -- yes --> adopt --> done
+  runtime -- no --> known
+  known -- yes --> recipe --> done
+  known -- no --> classic --> done
+```
+
+| Route | Use when | Wrong signal |
+| ----- | -------- | ------------ |
+| `adopt` | Runtime services already exist, including recipe-created projects. | Recreating services that already fit, or targeting the `zcp` service as the app. |
+| `recipe` | The project is empty or only has remote setup, and the request matches a known stack recipe. | Treating an unchanged starter as the finished requested product. |
+| `classic` | The project is empty and needs a custom service plan. | Writing app code before service ownership and runtime target are known. |
+| `resume` | A previous bootstrap was interrupted. | Starting from scratch without checking live services and saved state. |
+| `resume` | A previous bootstrap was interrupted. | Starting from scratch without checking live services and saved state. |
+
+Bootstrap ends when the app runtime target and managed dependencies are known. It should also make visible any choice that needs human judgment: cost, credentials, data, runtime layout, production risk, or destructive behavior.
+
+## Runtime layouts
+
+Runtime layout describes which app runtime services the workflow should use. Exact layout labels (`standard`, `dev`, `simple`, `local-stage`, `local-only`) and the runtime names they map to live in the [Glossary](/zcp/glossary#runtime-layout). The user-facing three (dev, dev + stage, stage / linked target) are in [Build and ship → Choose the runtime layout](/zcp/workflows/build-with-zcp#choose-the-runtime-layout). Service scaling mode (`HA`/`NON_HA`) is a separate service setting.
+
+In `standard`, stage is explicit. Work scoped to `appdev` does not silently touch `appstage`; a release or stage verification happens when the user asks for it.
+
+## Develop
+
+Develop is the main app-work loop. It begins after bootstrap has a runtime target and dependencies. It closes only when runtime reachability and requested behavior both pass, or when the agent has a blocker that needs a human decision. The loop itself is in [How it works → The work loop](/zcp/concept/how-it-works#the-work-loop). The labeled steps are:
+
+1. **Name runtime target.** State which runtime is in scope: `appdev`, `appstage`, `app`, or a linked local target.
+2. **Change code and config.** Edit app files, `zerops.yaml`, env references, migrations, seeds, framework config, or local `.env` bridge when needed.
+3. **Deploy directly first.** The first verified runtime deploy goes through MCP tools. Git or CI handoff comes after proof.
+4. **Start or restart if needed.** Dynamic dev runtimes may need an explicit start or restart after deploy. Built-in webserver runtimes do not need a separate dev-server step unless the framework requires one.
+5. **Verify runtime reachability.** Check service status, recent error logs, and HTTP readiness when the runtime is an HTTP service.
+6. **Verify requested behavior.** Check endpoint body, UI state, job result, persisted data, or another result tied to the user request.
+7. **Fix from evidence.** Read failure category, logs, events, and check output. Repeating the same deploy without new evidence is not progress.
+
+Reachability and requested behavior are separate gates. A green deploy with a broken route is not done.
+
+## Failure categories
+
+Failure categories (`build`, `start`, `verify`, `network`, `config`, `credential`, `other`) point the agent to the first useful evidence surface. The full read-first / avoid playbook is in [Troubleshooting → Evidence order](/zcp/reference/troubleshooting#evidence-order); the term definitions are in the [Glossary](/zcp/glossary#failure-category).
+
+Categorization is what turns retries into evidence-driven fixes.
+
+## Delivery after proof
+
+Delivery mode applies after a verified deploy. It does not replace the first proof.
+
+| Exact mode | User-facing choice | Meaning |
+| ---------- | ------------------ | ------- |
+| `auto` | Keep direct deploy | The agent keeps deploying future changes directly to the target runtime. |
+| `git-push` | Push to git | The agent commits and pushes to a configured remote; any resulting build still needs observation and verification. |
+| `manual` | External handoff | CI, release process, or a human owns future delivery; the workflow records evidence but does not initiate the next deploy. |
+| `manual` | External handoff | CI, release process, or a human owns future delivery; the workflow records evidence but does not initiate the next deploy. |
+
+Git-push capability, delivery mode, and build integration are separate. A project can have git-push configured while still using direct deploy for a given session.
+
+Packaging and production release are deliberate handoffs after proof. Packaging turns a verified runtime into a git-backed import bundle. A production release moves verified work into a separate production project through GUI setup, git/CI triggers, or the team's release process.
+
+## Generated files and state
+
+Remote setup and `zcp init` create configuration around the MCP server and workflow guidance.
+
+| File or directory | Created where | Purpose |
+| ----------------- | ------------- | ------- |
+| `CLAUDE.md` | Remote workspace or local project directory | Claude Code instruction surface. ZCP MCP writes a managed block between `<!-- ZCP:BEGIN -->` and `<!-- ZCP:END -->`. User content outside that block is preserved. |
+| `.claude/settings.local.json` | Remote workspace or local project directory | Claude Code per-project settings and ZCP MCP tool permissions for that directory. |
+| `.mcp.json` | Local project directory | Project-local MCP server config. It contains the local `zcp` command and the project-scoped `ZCP_API_KEY`; keep it out of git. |
+| `~/.claude.json` and SSH config | Remote setup | Workspace-level Claude Code and SSH wiring used inside the Zerops-hosted workspace. |
+| `.zcp/state/` | Working directory where the MCP server runs | Workflow state and service metadata for that project directory. |
+| `.zcp/state/` | Working directory where the MCP server runs | Workflow state and service metadata for that project directory. |
+
+The managed `CLAUDE.md` block is refreshed by `zcp init` and by the MCP server when the block already exists. Put durable project instructions outside the ZCP markers. Edits inside the managed block are treated as generated content.
+
+`.zcp/state/` is not application source code and should not be committed. It stores metadata such as known runtime services, local/stage pairing, delivery preference, git-push setup, build integration, first-deploy stamps, workflow sessions, deploy attempts, verify attempts, and local coordination locks.
+
+ZCP MCP does not use `.zcp/state/` as a stale copy of the Zerops project. Service status, logs, events, runtime files, env-var values, and current platform configuration are read from Zerops or from the local filesystem when tools run. Local `.env` files are generated separately and may contain secrets.
+
+Do not edit `.zcp/state/` by hand during normal work. Use workflow operations to reset, resume, iterate, or reconfigure state. Deleting it intentionally discards local memory of services and delivery setup for that directory; the tools can rediscover live Zerops state, but delivery preferences and workflow history may need to be set again.
+
+## Completion evidence
+
+A completed app task should answer:
+
+- which bootstrap route was used when setup was needed,
+- which runtime target changed,
+- which managed services were used or created,
+- which deploy passed,
+- which reachability check passed,
+- which requested behavior passed,
+- which URL, endpoint, UI state, worker result, or stored value proves it,
+- which delivery choice applies next,
+- or which blocker remains and what evidence supports it.
+
+A clear blocker is acceptable completion only when it names the runtime in scope, failure category, evidence read, fixes tried, and human decision or credential still needed.
+
+## Confirmation gates
+
+Two operations pause because the loss is not safely reversible from inside the conversation: **service deletion** (named approval) and **destructive import override** (refuse-then-acknowledge). See [Tokens and credentials → What ZCP enforces for destructive actions](/zcp/security/tokens-and-project-access#what-zcp-enforces-for-destructive-actions) for the user-facing confirmation flow.
+
+## Auditing a workflow
+
+A workflow run is well-shaped if the evidence answers:
+
+| Question | Evidence |
+| -------- | -------- |
+| Where did bootstrap start? | Live service list, saved workflow state, and bootstrap route. |
+| Where did bootstrap end? | Runtime target, managed dependencies, and any human decisions. |
+| Which runtime was developed and deployed? | Runtime target, deploy result, events, and logs. |
+| What proved reachability? | Verify output, service status, public URL, or HTTP probe. |
+| What proved behavior? | Endpoint, UI flow, job result, database/object state, or other requested proof. |
+| What controls future delivery? | Delivery mode, git-push state, build integration, package bundle, or production release handoff note. |
+| What controls future delivery? | Delivery mode, git-push state, build integration, package bundle, or production release handoff note. |
+
+## Related reference
+
+- [ZCP MCP tools](/zcp/reference/mcp-operations) — operation names and direct tool calls.
+- [Troubleshooting](/zcp/reference/troubleshooting) — recovery order when a run gets stuck.
+- [Glossary](/zcp/glossary) — exact terms used across the ZCP MCP reference.
+
+
+----------------------------------------
+
+# Zcp > Reference > Index
+
+
+Reference pages exist for the moments when an exact label, tool name, or recovery step matters. For day-to-day app work, start in [Build and ship](/zcp/workflows/build-with-zcp); for the loop itself, [How it works](/zcp/concept/how-it-works).
+
+- [Workflows in depth](/zcp/reference/agent-workflow) — Catalog of phases, routes, layouts, and labels behind a generated-workflow run.
+- [ZCP MCP tools](/zcp/reference/mcp-operations) — Exact tool names and surface for custom MCP clients or agent policy.
+- [Troubleshooting](/zcp/reference/troubleshooting) — When the agent is stuck, a session was interrupted, deploys keep failing, or you are taking over manually.
+- [Glossary](/zcp/glossary) — Definitions for terms across pages and workflow status (`appdev`, `local-stage`, `delivery mode`, etc.).
+
+## Common scenarios
+
+<div className="zcp-claim-grid">
+
+<div className="zcp-claim-card">
+
+<span>SCENARIO</span>
+
+### Debugging a stuck deploy
+
+[Troubleshooting → Evidence order](/zcp/reference/troubleshooting#evidence-order) names what to read first; [Workflows in depth → Failure categories](/zcp/reference/agent-workflow#failure-categories) maps the labels.
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>SCENARIO</span>
+
+### Building a custom MCP client
+
+[ZCP MCP tools](/zcp/reference/mcp-operations) for the tool surface; [Workflows in depth → What drives the workflow](/zcp/reference/agent-workflow#what-drives-the-workflow) for what the generated workflow adds on top of bare tools.
+
+</div>
+
+<div className="zcp-claim-card">
+
+<span>SCENARIO</span>
+
+### Auditing a finished run
+
+[Workflows in depth → Completion evidence](/zcp/reference/agent-workflow#completion-evidence) for what should be in the final answer; [Trust model → Audit evidence](/zcp/security/trust-model#audit-evidence) for what Zerops records platform-side.
+
+</div>
+
+</div>
+
+
+----------------------------------------
+
+# Zcp > Reference > Mcp Operations
+
+
+Most app work should be phrased as an outcome: build this, fix that, deploy and prove it. Operation names matter when you configure agent-client policy, debug an MCP integration, build a custom client, or use ZCP MCP pragmatically as a set of project-scoped Zerops tools.
+
+ZCP MCP is the MCP server exposed by the `zcp` binary. Any MCP-capable client can connect to it and call tools such as `zerops_discover`, `zerops_logs`, `zerops_events`, `zerops_deploy`, or `zerops_verify`.
+
+## Tool-only use
+
+The MCP server exposes operations. It does not, by itself, decide the whole app lifecycle.
+
+Claude Code with the generated workflow uses its instructions to decide sequencing: inspect state before changing things, choose the runtime target, use existing services or create missing ones, deploy, read failure evidence, verify requested behavior, and stop with proof or a blocker.
+
+Tool-only use is valid when you want a custom MCP client, script, dashboard, policy-gated agent, or narrow operational task. In that setup, your integration owns the sequencing:
+
+- which project services are in scope,
+- when a deploy is allowed,
+- what counts as verification,
+- which logs or events should be read after failure,
+- when to ask a human,
+- when to stop.
+
+Tool-level gates still apply. Service deletion requires explicit named approval, and destructive import override requires an acknowledgement of the exact targets.
+
+If you use Claude Code but do not want the generated workflow guidance, keep the MCP connection and remove the ZCP-managed workflow block from `CLAUDE.md`, or keep your own policy outside the ZCP markers. What you lose is the generated instruction layer that makes the agent plan around live state, deploy with bounded retries, verify behavior, and report proof or a concrete blocker.
+
+Generated files and workflow state are documented in [Workflows in depth](/zcp/reference/agent-workflow#generated-files-and-state).
+
+## What the tools can do
+
+| Area | Tools | Typical use |
+| ---- | ----- | ----------- |
+| Discover | `zerops_discover` | Read services, service metadata, env-var keys, and project topology. |
+| Observe | `zerops_logs`, `zerops_events`, `zerops_verify`, `zerops_process` | Diagnose deploys, read runtime/build evidence, run health checks, and watch async processes. |
+| Deploy | `zerops_deploy` | Push source through Zerops build/deploy pipeline and return build/deploy evidence. |
+| Configure | `zerops_env`, `zerops_subdomain`, `zerops_scale`, `zerops_manage` | Change env vars, public subdomain access, scaling, lifecycle, reload/restart, and storage attachment. |
+| Import/export | `zerops_import`, `zerops_export`, `zerops_preprocess` | Import project/service YAML, read export YAML, and expand Zerops preprocessor expressions. |
+| Workspace | `zerops_mount` | Mount or unmount runtime filesystems in remote setup. |
+| Workflow | `zerops_workflow` | Track, recover, or configure workflow sessions and packaging/export flow. |
+| Destructive | `zerops_delete` | Delete one named service after explicit user approval. |
+| Destructive | `zerops_delete` | Delete one named service after explicit user approval. |
+
+Recipe-authoring and ZCP-internal maintenance operations are intentionally out of scope for this public reference.
+
+## Read-only operations
+
+| Operation | Purpose |
+| --------- | ------- |
+| `zerops_discover` | Read services, ports, env-var keys, and current state. |
+| `zerops_export` | Read platform project/service export YAML and service metadata. |
+| `zerops_logs` | Read runtime/build logs filtered by service, severity, time, or search. |
+| `zerops_events` | Read service activity, deploys, builds, scaling, and failures. |
+| `zerops_verify` | Run service health, recent error log, and HTTP-readiness checks. |
+| `zerops_knowledge` | Fetch ZCP MCP guidance or platform knowledge for the current state. |
+| `zerops_process` | Check a known async process; cancel is a mutating action. |
+| `zerops_process` | Check a known async process; cancel is a mutating action. |
+
+## Mutating operations
+
+| Operation | Purpose |
+| --------- | ------- |
+| `zerops_deploy` | Ship code through the Zerops build and deploy pipeline. |
+| `zerops_env` | Read, set, delete, or generate env vars and local `.env` files. |
+| `zerops_manage` | Start, stop, restart, reload, or connect storage. |
+| `zerops_scale` | Change CPU, RAM, disk, CPU mode, or container autoscaling where supported. `HA`/`NON_HA` is set at service creation. |
+| `zerops_subdomain` | Enable or disable public subdomain access. |
+| `zerops_delete` | Delete a service. Explicit named approval is required. |
+| `zerops_delete` | Delete a service. Explicit named approval is required. |
+
+## Operational setup
+
+| Operation | Purpose |
+| --------- | ------- |
+| `zerops_workflow` | Track, recover, or configure workflow sessions; also carries the package-running-service export flow. |
+| `zerops_import` | Import project/service definitions. Destructive override is gated. |
+| `zerops_mount` | Mount or unmount runtime filesystems in remote setup. |
+| `zerops_preprocess` | Expand Zerops preprocessor expressions. |
+| `zerops_preprocess` | Expand Zerops preprocessor expressions. |
+
+## Remote and local tool differences
+
+The operation names are the same, but the filesystem and network boundary differ.
+
+| Area | Remote setup | Local setup |
+| ---- | ------------ | ----------- |
+| Files | Runtime files through SSHFS or remote containers. | Local working directory. |
+| Deploy source | Remote service or batch deploy inside Zerops. | Local `workingDir`. |
+| Dev server | Remote setup can run or inspect remote dev processes. | Your local tool owns the dev server. |
+| Env bridge | Env vars are already available in Zerops. | `.env` generation resolves Zerops references for local use. |
+| Git | Workspace-managed credentials. | User's local git credentials. |
+| Git | Workspace-managed credentials. | User's local git credentials. |
+
+## Confirmation gates
+
+Two operations require explicit care:
+
+- **Service deletion** requires explicit user approval in the current conversation, by service name.
+- **Destructive import override** first refuses and names what would be replaced; a second call must acknowledge the same targets.
+
+See [Tokens and credentials](/zcp/security/tokens-and-project-access#what-zcp-enforces-for-destructive-actions) for the user-facing confirmation flow.
+
+## Related reference
+
+- [Workflows in depth](/zcp/reference/agent-workflow) - how a generated-workflow run uses these tools.
+- [Troubleshooting](/zcp/reference/troubleshooting) - evidence order when a run gets stuck.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - token scope, storage, and confirmation gates.
+
+
+----------------------------------------
+
+# Zcp > Reference > Troubleshooting
+
+
+Use troubleshooting when the agent is confused, a session was interrupted, deploy keeps failing, verification does not match the final answer, or you are taking over manually.
+
+Start from current state, not chat memory:
+
+```text
+Read current project status and tell me where things stand before changing anything.
+```
+
+That should make the agent read live services, saved workflow state, recent deploys, logs, events, and verification output before it edits anything else.
+
+## Find where the run is stuck
+
+| Stuck point | Ask for | What you should get |
+| ----------- | ------- | ------------------- |
+| Agent lost context | Current project status and services in scope. | Runtime target, managed services, last deploy, last verify result, and any saved workflow state. |
+| Service setup is unclear | Runtime target and dependency plan. | Which existing services will be used, which missing services are needed, and what needs human approval. |
+| Deploy failed | Failure category plus build logs, runtime logs, and recent service events. | A cause or next diagnostic step, not another blind deploy. |
+| Runtime is reachable but app behavior fails | The failing behavior check and request-time runtime logs. | Endpoint/UI/job/data evidence tied to the product request. |
+| Local app cannot reach services | VPN state, generated `.env`, and selected runtime/setup. | Whether MCP auth works separately from private service access. |
+| Delivery is ambiguous | Delivery mode, git-push state, build integration, or handoff note. | What will happen after proof: direct deploy, git push, CI, package, or production handoff. |
+| Delivery is ambiguous | Delivery mode, git-push state, build integration, or handoff note. | What will happen after proof: direct deploy, git push, CI, package, or production handoff. |
+
+Useful prompt:
+
+```text
+Show me the runtime in scope, failure category, evidence read, fixes tried, and the next decision needed.
+```
+
+## Evidence order
+
+The useful evidence depends on the failure category surfaced by deploy or verify tools.
+
+| Category | Read first | Avoid |
+| -------- | ---------- | ----- |
+| `build` | Build logs, build commands, dependency manifests, deploy file list. | Runtime logs; the runtime did not start yet. |
+| `start` | Prepare/runtime logs, start command, ports, env references. | Rebuilding without checking why the process exited. |
+| `verify` | Failing check detail, HTTP response, request-time runtime logs, stored state. | Calling a green deploy "done" before behavior passes. |
+| `network` | VPN, SSH, DNS, subdomain readiness, service status, transport error. | Editing app code before proving connectivity. |
+| `config` | Field-level rejection, `zerops.yaml`, setup name, env references, service settings. | Guessing from service names or dashboard memory. |
+| `credential` | The named credential surface: `ZCP_API_KEY`, git, SSH, managed-service, CI, or external API. | Rotating unrelated secrets. |
+| `other` | Raw events/logs and the exact phase that failed. | Repeating the same attempt after the same unknown reason. |
+| `other` | Raw events/logs and the exact phase that failed. | Repeating the same attempt after the same unknown reason. |
+
+Failure categories come from the deploy/verify evidence surface. They are not a verdict; they tell the agent where the next useful signal is.
+
+## Local setup checks
+
+Local setup has two separate connections:
+
+- MCP uses `ZCP_API_KEY` to talk to the Zerops API.
+- Your local app and shell use `zcli vpn up` to reach private service hostnames such as `db` or `cache`.
+
+That means MCP can work while the app cannot reach the database.
+
+| Symptom | Check |
+| ------- | ----- |
+| Agent does not list the `zerops` MCP server. | Relaunch the agent from the directory containing `.mcp.json`. |
+| MCP startup says the token reaches multiple projects. | Replace `ZCP_API_KEY` with a single-project token. |
+| Re-running `zcp init` made MCP disappear. | Re-add the `ZCP_API_KEY` env block to `.mcp.json` and restart the agent. |
+| Local app cannot reach `db`, `cache`, or storage hostnames. | Run `zcli vpn up <project-id>` again. |
+| Local app reads stale credentials. | Regenerate `.env`; it is a snapshot, not a live sync. |
+| `zcp` is not found after install. | Add `~/.local/bin` or the install target to `PATH`, then restart the shell/agent. |
+| `zcp` is not found after install. | Add `~/.local/bin` or the install target to `PATH`, then restart the shell/agent. |
+
+For local setup details, use [Run locally](/zcp/setup/local-agent-bridge).
+
+## Manual takeover
+
+If you take over from the agent, read evidence in this order:
+
+1. Service list and runtime target.
+2. Service-scoped events for the runtime in question.
+3. Build logs for build failures, runtime logs for start or request failures.
+4. Verify output for reachability and requested behavior.
+5. Git history only when delivery uses git-push or CI.
+
+Do not inspect every service first. Start with the runtime in scope and expand only when the evidence points to a dependency.
+
+## When to stop
+
+Stop the loop when:
+
+- the same failure repeats without new evidence,
+- the agent needs an external credential,
+- the target runtime or stage choice is ambiguous,
+- a destructive action would delete or replace a service,
+- production release authority is needed,
+- the request no longer fits the current project layout.
+
+A blocker is acceptable only when it names the runtime in scope, failure category, evidence read, fixes attempted, and the human decision or credential still needed.
+
+Before destructive recovery, read service-scoped events, logs, deploy/verify result, and git history when delivery uses git-push. Token scope and destructive confirmations are covered in [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+
+----------------------------------------
+
+# Zcp > Security > Production Policy
+
+
+Use the MCP setup in development or staging. Keep production in a separate Zerops project without a `zcp` service. Production deploys should come from CI, a release pipeline, or a deliberate human `zcli` push using production credentials.
+
+Zerops does not prevent you from adding `zcp` to production. The policy exists because ZCP MCP gives a coding agent operational access. In production, that is the wrong blast radius for normal app development.
+
+The production boundary does not make ZCP output disposable. The intended path is production-shaped dev or stage infrastructure, verified behavior, and then a controlled production release outside the agent loop.
+
+## Recommended project layout
+
+| Project                       | Contains                                                                                                | Who operates it                |
+| ----------------------------- | ------------------------------------------------------------------------------------------------------- | ------------------------------ |
+| Development / staging project | `zcp` service, agent workspace, dev runtime, optional stage runtime, non-production managed services    | Agent plus humans              |
+| Production project            | Production runtimes, production managed services, production env values, production backups and scaling | CI/release process plus humans |
+| Production project            | Production runtimes, production managed services, production env values, production backups and scaling | CI/release process plus humans |
+
+The two projects use different Zerops tokens. A development token cannot reach production. A production token should not be placed in the development `zcp` service or a local `.mcp.json` used by the agent.
+
+## Why production is a separate project
+
+- **The Zerops project is the security boundary.** ZCP binds to one project at startup. Keeping production separate prevents a development agent from touching it by accident.
+- **Secrets stay clean.** Production env values, database credentials, object-storage keys, and third-party secrets stay in the production project.
+- **Operational policies can differ.** Production often needs HA services, stronger backup retention, stricter scaling, alerts, and release approvals. Development can stay cheaper and more flexible.
+- **Audit trails stay readable.** Development experiments and agent retries do not mix with production deploy evidence.
+
+This separation matters even when the same source repository deploys to both projects.
+
+## What stage proves
+
+Stage is the production-like rehearsal inside development or staging. It is where the agent proves the change before the release leaves the ZCP loop.
+
+Use stage to match production where it matters:
+
+- same runtime family and version,
+- same managed service types,
+- same build and start command pattern,
+- same deploy route,
+- behavior checks against a real running service.
+
+Stage is not production. It should use non-production data and non-production secrets. A green stage means the change is ready for release, not that the agent should deploy to production itself.
+
+## The release
+
+After stage verifies, ZCP's job is done for that change. The production release happens outside the agent loop:
+
+- CI deploys a merged commit or release tag to the production project.
+- A release pipeline runs `zcli push` with a production-scoped `ZEROPS_TOKEN`.
+- A human runs `zcli push` against the production project with production credentials.
+
+The agent can prepare the handoff by pushing code, summarizing verification evidence, and naming the runtime and URL it verified. It should not bridge development to production.
+
+For the practical workflow, see [Promote to production](/zcp/workflows/promote-to-production).
+
+## Credential rules
+
+| Credential                          | Production policy                                                                                        |
+| ----------------------------------- | -------------------------------------------------------------------------------------------------------- |
+| Development `ZCP_API_KEY`           | Never grants production access. Keep it scoped to the development/staging project.                       |
+| Production `ZEROPS_TOKEN`           | Store only in the production CI/release secret store. Do not place it in the development `zcp` service.  |
+| Agent subscription or model API key | May be used by the agent, but it does not grant Zerops production access by itself.                      |
+| Git credentials                     | May push source changes, but production deploy authority should stay with the release process.           |
+| Git credentials                     | May push source changes, but production deploy authority should stay with the release process.           |
+
+If a production deploy fails, investigate in the production project with production logs, events, backups, and CI output. Do not attach the development agent directly to production as a shortcut.
+
+## Production separation rules
+
+| Rule                                                              | Why it matters                                                                        |
+| ----------------------------------------------------------------- | ------------------------------------------------------------------------------------- |
+| Keep the production project without a `zcp` service               | Production should not host an agent workspace with operational access.                |
+| Keep production tokens out of local `.mcp.json`                   | Local agents should operate development or staging projects, not production.          |
+| Keep production `ZEROPS_TOKEN` in the release secret store        | Development tooling should not deploy to production outside the release process.      |
+| Treat stage proof as release evidence, not production approval    | Stage is the rehearsal; production approval is a separate release decision.           |
+| Promote through CI, release tooling, or a deliberate human action | Production execution should use production credentials.                               |
+| Promote through CI, release tooling, or a deliberate human action | Production execution should use production credentials.                               |
+
+## Acceptable agent involvement
+
+The agent can still help before the production release:
+
+- make the code change in development,
+- deploy and verify dev/stage runtimes,
+- produce the URL, endpoint result, or UI proof it verified,
+- push or prepare the branch your team uses for review,
+- summarize release notes and known blockers for the human or CI handoff.
+
+ZCP's involvement stops at the handoff. Production execution belongs to the release process.
+
+## Related security
+
+- [Promote to production](/zcp/workflows/promote-to-production) - practical production release paths after ZCP proof.
+- [Trust model](/zcp/security/trust-model) - the boundary that makes this policy enforceable.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - production and development credentials stay separate.
+
+
+----------------------------------------
+
+# Zcp > Security > Tokens And Project Access
+
+
+ZCP uses a Zerops API token to operate exactly one project. The important rule is simple: `ZCP_API_KEY` is the Zerops credential for ZCP, not an agent login, not a git token, and not a general account token.
+
+Remote setup gets `ZCP_API_KEY` from Zerops. Local setup reads it from `.mcp.json`. In both setups, ZCP validates the token at startup and refuses tokens that resolve to no project or multiple projects.
+
+## Credential map
+
+| Name                         | What it authorizes                           | Where it belongs                                                            |
+| ---------------------------- | -------------------------------------------- | --------------------------------------------------------------------------- |
+| `ZCP_API_KEY`                | ZCP against one Zerops project               | Remote: `zcp` service env injected by Zerops. Local: `.mcp.json` env block. |
+| Agent login or model API key | The coding agent itself                      | The bundled agent in remote setup, or your local agent client.              |
+| `GIT_TOKEN`                  | Git push from remote setup to a git provider | Secret env var on the `zcp` service when remote git-push delivery needs it. |
+| `ZEROPS_TOKEN`               | `zcli` in GitHub Actions or external CI      | Separate Zerops delivery token stored in the CI/release secret store.       |
+| `ZEROPS_TOKEN`               | `zcli` in GitHub Actions or external CI      | Separate Zerops delivery token stored in the CI/release secret store.       |
+
+Keeping these names separate prevents most setup and delivery failures.
+
+## Recommended `ZCP_API_KEY` shape
+
+Use a Zerops API token with **Custom access per project**, exactly one selected project, and **Full access** for normal agent work.
+
+Read-only tokens can authenticate, but they fail as soon as the agent needs to deploy, write env vars, restart services, scale, or change public access. Account-wide or multi-project tokens are refused before the agent can operate.
+
+To generate the token:
+
+1. Open [Settings -> Access Tokens Management](https://app.zerops.io/settings/token-management).
+2. Create a token and name it for the project, for example `zcp-<project-slug>`.
+3. Choose **Custom access per project**.
+4. Add exactly one project.
+5. Set that project to **Full access** for normal ZCP MCP work.
+6. Create the token and copy the value. Zerops shows it only at creation time.
+
+The token's blast radius equals the project and its granted permissions. Other projects, organization settings, and billing stay out of reach. Zerops [Roles & Permissions](/features/rbac#integration-tokens) remain the platform authority.
+
+## Rejected token shapes
+
+ZCP validates token shape at startup.
+
+| Token shape                         | What happens                                | Fix                                                                  |
+| ----------------------------------- | ------------------------------------------- | -------------------------------------------------------------------- |
+| Account-wide or multi-project token | ZCP refuses to start.                       | Generate a token scoped to exactly one project.                      |
+| Token with no project access        | ZCP refuses to start.                       | Grant one project or create a new single-project token.              |
+| Expired or revoked token            | ZCP refuses to start or receives HTTP 401.  | Replace the token and restart the agent or ZCP process.              |
+| Read-only project token             | Startup may pass, but mutations fail later. | Use full access for normal agent work, or expect read-only behavior. |
+| Read-only project token             | Startup may pass, but mutations fail later. | Use full access for normal agent work, or expect read-only behavior. |
+
+Common messages:
+
+| Message                                                        | Meaning                                           |
+| -------------------------------------------------------------- | ------------------------------------------------- |
+| `Token accesses N projects; use project-scoped token`          | The token can see more than one project.          |
+| `Token has no project access`                                  | The token authenticates but reaches no project.   |
+| `No authentication found: set ZCP_API_KEY or log in with zcli` | The `zcp` process did not receive a usable token. |
+| `AUTH_TOKEN_EXPIRED` or HTTP 401                               | The token expired, was revoked, or is invalid.    |
+| `AUTH_TOKEN_EXPIRED` or HTTP 401                               | The token expired, was revoked, or is invalid.    |
+
+For ZCP MCP setup, provide `ZCP_API_KEY`. `zcli` login is a diagnostic fallback, not the normal agent setup.
+
+## Where the token lives - remote vs local {#where-the-token-lives--remote-vs-local}
+
+ZCP reads `ZCP_API_KEY` from its process environment at startup. It does not write the token somewhere else or exchange it for a derived credential.
+
+| Setup                                        | Where `ZCP_API_KEY` comes from                          | Who provisions it                                        |
+| -------------------------------------------- | ------------------------------------------------------- | -------------------------------------------------------- |
+| [Remote setup](/zcp/setup/hosted-workspace)  | The `zcp` service environment                           | Zerops injects it automatically when the service starts. |
+| [Local setup](/zcp/setup/local-agent-bridge) | The `env` block of `.mcp.json` in the app directory     | You add it after `zcp init`.                             |
+| [Local setup](/zcp/setup/local-agent-bridge) | The `env` block of `.mcp.json` in the app directory     | You add it after `zcp init`.                             |
+
+In remote setup, do not hand-edit `ZCP_API_KEY`. Replace or rotate it through the Zerops-managed surface so the service keeps the intended project boundary.
+
+In local setup, `zcp init` writes a token-less `.mcp.json`. Add the token manually:
+
+```json
+{
+  "mcpServers": {
+    "zerops": {
+      "command": "zcp",
+      "args": ["serve"],
+      "env": {
+        "ZCP_API_KEY": "<your-single-project-token>"
+      }
+    }
+  }
+}
+```
+
+Add `.mcp.json` to `.gitignore`. Each app directory should have its own file and token. Switching projects means switching directories, not editing one shared credential.
+
+## Agent credentials are separate
+
+The bundled agent in remote setup may ask you to sign in or provide a model API key. That is not `ZCP_API_KEY`.
+
+Zerops wires the agent to ZCP. It does not provide your model subscription, store your agent login, or rotate your agent provider credentials. Treat the agent account exactly as you would outside Zerops.
+
+## Git and CI credentials
+
+`GIT_TOKEN` matters only when remote setup pushes to a git remote. It authorizes git provider access from the `zcp` service. In local setup, your local git CLI uses your normal SSH key or credential helper, so ZCP does not need `GIT_TOKEN`.
+
+`ZEROPS_TOKEN` is a Zerops API token used by GitHub Actions or another CI system when that system runs `zcli` against Zerops. It is not a GitHub token. Use a separate delivery token so ZCP sessions and CI/release workflows can be named, rotated, and audited independently.
+
+For production delivery, `ZEROPS_TOKEN` should reach production only and live only in the production CI or release secret store.
+
+With GitHub CLI, the secret shape is:
+
+```bash
+gh secret set ZEROPS_TOKEN -b "$ZEROPS_DELIVERY_TOKEN"
+```
+
+Use the GitHub UI or your CI secret manager instead if your team does not allow local CLI secret writes.
+
+## Rotation
+
+Rotate in the Zerops dashboard, then update the surface that consumes the token.
+
+| Surface              | Rotation step                                                                                                                            |
+| -------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- |
+| Remote `ZCP_API_KEY` | Reconfigure or redeploy the remote workspace through the dashboard-managed flow, then restart the `zcp` service so the process gets the new value. |
+| Local `ZCP_API_KEY`  | Paste the new token into `.mcp.json`, then restart the local agent client.                                                               |
+| `ZEROPS_TOKEN` in CI | Replace the repository or CI secret. The next workflow run uses the new value.                                                           |
+| `GIT_TOKEN`          | Replace the git-provider credential stored for remote setup.                                                                             |
+| `GIT_TOKEN`          | Replace the git-provider credential stored for remote setup.                                                                             |
+
+Rotation is picked up on the next process start or CI run, not in the middle of a live agent session.
+
+## What ZCP enforces for destructive actions
+
+A valid token does not remove every guardrail. ZCP MCP adds explicit confirmation for operations where the loss is not safely reversible from inside the conversation.
+
+| Operation                                                 | Gate                                                                                                                                                   |
+| --------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ |
+| Service deletion                                          | Requires explicit approval in the same conversation, including the service name. Remote setup also blocks deleting the `zcp` service it is running in. |
+| Wholesale service replacement after failed deploy history | The first request refuses, surfaces what would be replaced, and requires the agent to read failure evidence before asking you to confirm.              |
+| Wholesale service replacement after failed deploy history | The first request refuses, surfaces what would be replaced, and requires the agent to read failure evidence before asking you to confirm.              |
+
+Deploys, env changes, lifecycle actions, restarts, scaling, and public-access changes do not get an additional ZCP-specific confirmation gate. They are normal operations for a full-access token and should be reviewed through service events, logs, verification output, and team policy.
+
+Approval from a previous chat does not carry forward. A new conversation needs a new approval.
+
+## Evidence before destructive recovery
+
+When a service has recent failure history, ZCP enforces one recovery rule: read the platform evidence before destroying or replacing the service.
+
+The agent should inspect service events, build logs, runtime logs, and failure summaries, then either fix the cause or show you the evidence before asking for destructive confirmation. The point is to preserve the failure context the next session needs.
+
+A service waiting for first code deploy is not the same thing as a failed service. The gate is about recorded failure history, not idle state.
+
+Threat model and boundaries: [Trust model](/zcp/security/trust-model).
+
+## Credential checks
+
+- **Account-wide full-access tokens are refused.** ZCP needs one project, not a broad account credential.
+- **`zcp init` regenerates `.mcp.json`.** Re-add `ZCP_API_KEY` after rerunning it.
+- **`GIT_TOKEN` is not `ZCP_API_KEY`.** One authorizes git provider access; the other authorizes Zerops operations.
+- **`ZEROPS_TOKEN` in GitHub Actions is not a GitHub PAT.** It is a Zerops API token for `zcli`.
+- **A rotated token needs a restart.** The live ZCP process keeps the old environment value until it starts again.
+- **A successful confirmation is still destructive.** Backups, git history, and service events are your recovery evidence; ZCP does not auto-rollback a confirmed deletion or replacement.
+
+## Related pages
+
+- [Trust model](/zcp/security/trust-model) - the access boundary this page enforces.
+- [What remote workspace gives you](/zcp/setup/hosted-workspace) - automatic token injection.
+- [Run locally](/zcp/setup/local-agent-bridge) - local `.mcp.json` token setup.
+- [Production boundary](/zcp/security/production-policy) - why production gets separate credentials.
+- [GitHub integration](/references/github-integration) - CI secret usage with Zerops.
+
+
+----------------------------------------
+
+# Zcp > Security > Trust Model
+
+
+The trust model starts with one rule: one ZCP process operates one Zerops project. `ZCP_API_KEY` decides that boundary at startup, and ZCP refuses tokens that resolve to no project or multiple projects.
+
+That boundary is strong on the Zerops side. It does not make the agent harmless. A valid token can still deploy, change env vars, restart services, read logs, scale services, and change public access when Zerops permissions allow it. Treat it like an operations credential.
+
+## Boundary summary
+
+| Question                             | Answer                                                                                      |
+| ------------------------------------ | ------------------------------------------------------------------------------------------- |
+| What project can ZCP see?            | Exactly one project resolved from `ZCP_API_KEY` at startup.                                 |
+| What can ZCP change?                 | Whatever Zerops RBAC grants that token inside the project.                                  |
+| What is outside reach?               | Other projects, organization-wide settings, billing, and any operation Zerops RBAC rejects. |
+| What network can remote setup reach? | Private services from inside the `zcp` service.                                             |
+| What network can local setup reach?  | The Zerops API directly, plus private services only when your laptop VPN is up.             |
+| Who owns the agent login?            | You. The agent subscription or model API key is separate from `ZCP_API_KEY`.                |
+| Who owns the agent login?            | You. The agent subscription or model API key is separate from `ZCP_API_KEY`.                |
+
+Zerops [RBAC](/features/rbac) remains the authority. ZCP does not bypass platform permissions; it exposes project operations to the agent only through the token it was given.
+
+## Remote and local blast radius
+
+Remote setup and local setup share the same Zerops boundary, but not the same surroundings.
+
+| Area                       | Remote setup                                                                 | Local setup                                                     |
+| -------------------------- | ---------------------------------------------------------------------------- | --------------------------------------------------------------- |
+| Agent location             | Inside the `zcp@1` service when **Include Coding Agent** is enabled          | On your machine through your editor or CLI agent                |
+| Files visible to the agent | Workspace files and mounted runtime files                                    | Local files and anything your client permits                    |
+| Private service access     | Private network without laptop VPN                                           | `zcli vpn up <project-id>` from your machine                    |
+| Local machine exposure     | No direct access to your laptop                                              | Agent client runs as your local user                            |
+| Best safety posture        | Keep ZCP in a development/staging project and avoid mounting unrelated files | Restrict client permissions, shell access, and filesystem scope |
+| Best safety posture        | Keep ZCP in a development/staging project and avoid mounting unrelated files | Restrict client permissions, shell access, and filesystem scope |
+
+Remote setup is contained inside Zerops by design. Local setup is supervise-the-client by design. Either can be right, but local setup requires more attention to your agent client's local permissions.
+
+## Credential ownership
+
+There are three separate credential surfaces people often mix together:
+
+| Credential                          | Owner                        | Purpose                                                |
+| ----------------------------------- | ---------------------------- | ------------------------------------------------------ |
+| `ZCP_API_KEY`                       | Zerops token                 | Lets ZCP operate one Zerops project.                   |
+| Agent subscription or model API key | You / the agent provider     | Lets the coding agent run. Zerops does not provide it. |
+| Git or CI credentials               | You / your repository system | Lets finished work push to git or deploy through CI.   |
+| Git or CI credentials               | You / your repository system | Lets finished work push to git or deploy through CI.   |
+
+In both setups, the agent account is still authenticated through the agent's own login flow. For where each credential lives (remote injection vs `.mcp.json`), rotation, rejected token shapes, and `GIT_TOKEN` / `ZEROPS_TOKEN`, see [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+## What the token lets the agent do
+
+The agent can perform normal operational work when the token has permission:
+
+- discover runtime and managed services,
+- create or adjust services when the task requires it,
+- read and write service env vars,
+- deploy app code to runtime services,
+- read build logs, runtime logs, and service events,
+- restart, reload, stop, start, or scale services,
+- enable or disable public access,
+- prepare delivery such as git push or CI handoff.
+
+This is why development and staging projects are the right place for ZCP. Production should be a separate project without a `zcp` service; see [Production boundary](/zcp/security/production-policy).
+
+## Remote setup specifics
+
+- **`zcp` service is not the app.** It is the workspace and control surface. Deploys target app runtimes, not the `zcp` service.
+- **The service has operational reach.** A terminal in the `zcp` service can use the same ZCP access as the agent. Review the dashboard's additional changes before deploying the service; they are what give the workspace its operating surface.
+- **Network reach is broader than file reach.** The workspace can reach private services, but it only sees runtime files that are mounted into it.
+- **Do not hand-edit `ZCP_API_KEY`.** Remote setup gets the value from Zerops. Manual replacement can break the intended one-project boundary.
+
+## Local setup specifics
+
+- **The agent inherits local reach.** ZCP MCP is limited to one project, but the local agent client can read files, run commands, and use credentials allowed by your client settings.
+- **Each local directory has its own config.** `.mcp.json` and `.zcp/state/` belong to one app directory. Launching from the wrong directory can connect the wrong token or no token.
+- **VPN is outside MCP authority.** Bringing up Zerops VPN needs your operating-system approval. The tools cannot grant that for the agent.
+- **`.env` files are snapshots.** They contain real project credentials and should stay out of git.
+
+## Human confirmation gates
+
+Most project operations do not get an extra ZCP-specific confirmation prompt. Deploys, env changes, restarts, scaling, and public-access changes are normal project operations and are audited through platform evidence.
+
+ZCP MCP adds hard gates where the loss is not safely reversible from the conversation: **service deletion** (explicit same-conversation approval by service name; remote setup also blocks deleting the `zcp` service it is running in) and **wholesale service replacement after failed deploy history** (refuse-then-acknowledge with failure evidence first). Approval from an old chat does not carry forward. The full enforcement rules are in [Tokens and credentials → What ZCP enforces for destructive actions](/zcp/security/tokens-and-project-access#what-zcp-enforces-for-destructive-actions).
+
+## Audit evidence
+
+Zerops records platform-side evidence. It does not record the agent's private reasoning, every shell edit, browser-helper action, or prompt history outside your agent client.
+
+When taking over from an agent, read evidence in this order:
+
+1. service-scoped events,
+2. build logs,
+3. runtime logs,
+4. deploy and verification output,
+5. git history when delivery uses git-push.
+
+| Surface        | What it proves                                                            | What it does not prove                       |
+| -------------- | ------------------------------------------------------------------------- | -------------------------------------------- |
+| Service events | Deploy lifecycle, failures, restarts, scaling, and public-access changes. | The exact source edit that caused the event. |
+| Build logs     | Dependency install, build commands, compile/package failures.             | Runtime request behavior after deploy.       |
+| Runtime logs   | Start crashes, port binding, request-time app errors.                     | Why the build failed.                        |
+| Verify output  | Whether reachability and requested behavior passed.                       | That unrelated app flows work.               |
+| Git history    | Source changes pushed during git-push delivery.                           | Uncommitted shell edits.                     |
+| Git history    | Source changes pushed during git-push delivery.                           | Uncommitted shell edits.                     |
+
+Filter by service hostname when possible. Project-level timelines can include unrelated services and older failures.
+
+## Related security
+
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - token scope, storage, rotation, and confirmation gates.
+- [Remote or local setup](/zcp/setup/choose-workspace) - compare blast radius before setup.
+- [Production boundary](/zcp/security/production-policy) - keep production outside the agent loop.
+
+
+----------------------------------------
+
+# Zcp > Setup > Choose Workspace
+
+
+Use this page to decide where the agent workspace lives: inside Zerops, or on your machine beside the local app directory.
+
+Both setups connect the agent to one Zerops project and the same project-scoped operations. The tradeoff is where the agent works: filesystem ownership, private-service access, credential location, bundled tooling, and shell blast radius. The runtime layout is a separate app-work decision.
+
+## What you are choosing
+
+**Remote setup** always includes the `zcp@1` workspace service. If the chosen **runtime layout** has a development runtime, the agent works with that service too.
+
+**Local setup** does not need the workspace service or a separate development runtime. It runs beside your **local source tree** and deploys to the Zerops runtime you choose to link.
+
+Remote setup is the **safer default** for broader agent autonomy because the agent shell, private networking, and workspace files stay **inside Zerops** instead of on your machine. Use local setup when local files, data, desktop tools, git credentials, or a **local-only agent client** need to stay local.
+
+## Setup comparison
+
+|                         | Remote setup                                      | Local setup                                  |
+| ----------------------- | ------------------------------------------------- | -------------------------------------------- |
+| Workspace service       | Always has `zcp@1`.                               | Not required.                                |
+| Development runtime     | Only if the runtime layout includes one.          | Not required for local work.                 |
+| `zcp` process           | Runs in Zerops.                                   | Runs on your machine.                        |
+| Agent process           | Runs in the remote workspace.                     | Runs in your local editor or CLI.            |
+| Files the agent edits   | Workspace files and mounted runtime files.        | Files on your machine.                       |
+| Private service access  | Private Zerops network from the workspace.        | Zerops VPN from your machine.                |
+| Token storage           | Injected into the workspace service.              | `.mcp.json` in the local app directory.      |
+| Git credentials         | Configured inside the workspace service.          | Your local git credentials.                  |
+| Safety posture          | Broad agent shell permissions stay in Zerops.     | Agent shell permissions affect your machine. |
+| Safety posture          | Broad agent shell permissions stay in Zerops.     | Agent shell permissions affect your machine. |
+
+## Starting points
+
+Remote setup can start from:
+
+- **Recipe with AI Agent environment.** A guided path for a known stack. A recipe creates app services, managed services, and the `zcp@1` workspace together.
+- **New Zerops setup with remote setup enabled.** Start from blank services or a custom stack and add the `zcp@1` service during creation.
+- **Existing development or staging setup.** Add the `zcp` workspace next to services that already exist. Do not add ZCP to production; promote verified work through your release process instead.
+
+Local setup can start from:
+
+- **Empty local directory.** The agent creates the app structure from a product request and uses ZCP to select or create Zerops services.
+- **Existing app directory.** The app code, editor setup, local data, and git credentials already live on your machine.
+- **Recipe prepared for local setup.** The recipe creates the Zerops service baseline, while the agent and files stay local.
+
+## Runtime layout is separate
+
+Remote or local only answers where the agent and `zcp` process run. The project can still use:
+
+- one mutable dev runtime,
+- a dev + stage pair,
+- a single app runtime,
+- local files linked to a stage target.
+
+That choice belongs to app work: [Build and ship](/zcp/workflows/build-with-zcp#choose-the-runtime-layout).
+
+Stage is not production. Keep production in a separate Zerops project and promote work through your release process; see [Production boundary](/zcp/security/production-policy).
+
+## Switching later
+
+Remote and local setup are not permanent, but switching is a handoff between workspaces, not a sync operation. Before switching, make the handoff explicit:
+
+- Preserve the current source tree through git or another explicit copy path.
+- Choose one deploy source for the next task: the remote workspace, mounted runtime files, or the local app directory.
+- Do not edit mounted runtime files and a local repo in parallel unless you have a merge plan.
+- Regenerate local `.env` snapshots after Zerops env changes.
+- If the local deploy target changed, have the agent inspect the current local link before deploying.
+
+## Next steps
+
+- [What remote workspace gives you](/zcp/setup/hosted-workspace) - remote setup, Browser VS Code, bundled agent CLI, and workspace persistence.
+- [Run locally](/zcp/setup/local-agent-bridge) - local install, `zcp init`, `.mcp.json`, VPN, env snapshots, and deploy target linking.
+- [Trust model](/zcp/security/trust-model) - how the safety boundary changes between remote setup and local setup.
+
+
+----------------------------------------
+
+# Zcp > Setup > Hosted Workspace
+
+
+A remote workspace puts the agent, terminal, and optional browser IDE inside Zerops, next to private networking and ZCP access.
+
+The `zcp@1` service runs the same `zcp` binary used by local setup, but broad shell permissions and private service access stay in a clean Zerops service instead of on your laptop.
+
+Use remote setup when you want the default workspace, a safer boundary for broad agent permissions, or a preconfigured environment with Claude Code and Browser VS Code.
+
+App code still deploys to your app runtime services. The `zcp` service is the workspace and control surface; it is not the application runtime.
+
+Taking over is straightforward in this setup. You open the same workspace, terminal, files, and workflow status the agent used, then continue, inspect, or stop the work from there.
+
+## What it includes
+
+- **`zcp@1` workspace service.** Runs ZCP inside Zerops and gives the agent project-scoped operations.
+- **Platform-injected `ZCP_API_KEY`.** Zerops injects the token into the workspace; you normally do not set it by hand.
+- **Bundled Claude Code when enabled.** The **Include Coding Agent** option installs and preconfigures Claude Code. You authenticate with your own Claude subscription login or API key.
+- **Browser VS Code when enabled.** The **Cloud IDE** option gives you a browser editor, terminal, and a place to supervise or take over the agent session.
+- **Private networking.** The workspace can reach managed services by hostname without laptop VPN.
+- **Open workspace model.** You can add other agent CLIs, private MCP servers, helper processes, dotfiles, package installs, or a derived team image.
+
+For the local alternative, see [Run locally](/zcp/setup/local-agent-bridge). For the tradeoffs, see [Remote or local setup](/zcp/setup/choose-workspace).
+
+## Choose a starting point
+
+### First-time trial
+
+Use the [Quickstart](/zcp/quickstart) when you want the guided recipe route. It covers the recipe catalog, **AI Agent** environment, Claude Code authentication, Browser VS Code, first product prompt, and proof.
+
+After provisioning, continue with a product prompt in [Build and ship](/zcp/workflows/build-with-zcp).
+
+### Recipe with AI Agent environment
+
+Use this when you want a guided stack baseline for development or staging. A recipe with an **AI Agent** environment creates app services, managed services, and the `zcp@1` workspace together.
+
+Keep **Coding Agent** enabled when you want bundled Claude Code. Keep **Cloud IDE** enabled when you want Browser VS Code.
+
+### New Zerops setup with remote setup enabled
+
+Use this when you want blank services or a custom stack.
+
+1. Open [Add new project](https://app.zerops.io/dashboard/project-add).
+2. Enter the project name, region, and tags.
+3. Enable the `zcp@1` remote setup service.
+4. Keep **Include Coding Agent** enabled if you want bundled Claude Code.
+5. Keep **Cloud IDE** enabled if you want browser VS Code.
+6. Create the project.
+
+This gives you the `zcp@1` workspace. App runtimes and managed services may still be created later by normal ZCP app work.
+
+### Existing development or staging setup
+
+Use this when runtime or managed services already exist in development or staging. Do not add `zcp` to production; promote verified work through your release process.
+
+Add a `zcp` service from the dashboard the same way you add another Zerops service. The workspace appears next to the existing services and receives ZCP access from the platform.
+
+The agent should still read current state before changing anything. Existing services are context, not instructions for the next task.
+
+## Open the workspace
+
+For a returning remote workspace, open the existing `zcp` service:
+
+1. Open the project in the [Zerops dashboard](https://app.zerops.io/).
+2. Open the `zcp` service.
+3. Use **Browser VS Code** when **Cloud IDE** is enabled.
+4. Complete the Claude Code login or API-token flow if prompted.
+
+After authentication, Claude Code is connected to ZCP and ready to work from the Browser VS Code terminal. If the workspace was already authorized, use the same route to resume, supervise, or take over work.
+
+First load can take a minute while the image, Cloud IDE, and bundled agent finish starting. If the page opens before the service is ready, wait until the service is running and reload.
+
+## Use your own editor or tools
+
+Browser VS Code is the quickest entry point, not the only one.
+
+Editors that support remote development can connect to the workspace or runtime services over SSH, depending on how your team wants to work. Common options include VS Code Remote SSH, JetBrains Gateway, Cursor, Zed, and plain SSH.
+
+This keeps the agent and private network inside Zerops while letting you use a desktop editor UI. Broader editor patterns live in [Local & Remote Development](/features/local-remote-development#native-ide-over-ssh).
+
+You can also install another agent CLI or additional MCP servers inside the `zcp` service. The bundled Claude Code flow is a convenience, not a closed product boundary.
+
+## Advanced customization guardrails
+
+Tools installed inside the `zcp` service may see workspace environment variables, private networking, and any runtime files mounted into the workspace. Use trusted and pinned tools. Keep model credentials, git delivery tokens, external API keys, and production credentials out of the workspace unless the current task explicitly needs them.
+
+## What belongs where
+
+| Concern              | Where it belongs                                                                                                            |
+| -------------------- | --------------------------------------------------------------------------------------------------------------------------- |
+| Agent workspace      | The `zcp@1` service: agent CLI, browser VS Code, shell tools, MCP servers, helper processes, dotfiles.                      |
+| App code deploys     | Your app runtime services; not the `zcp` workspace service.                                                                 |
+| `ZCP_API_KEY`        | Injected by Zerops into the `zcp` workspace.                                                                                |
+| Agent account        | Your Claude subscription login or model API credential. Zerops wires the agent to ZCP, but the agent account remains yours. |
+| Git credentials      | Configured inside the workspace when the agent should commit or push from remote setup.                                     |
+| Production release   | A separate production project and release process.                                                                          |
+| Production release   | A separate production project and release process.                                                                          |
+
+## Runtime file access
+
+Remote setup can mount runtime service filesystems into the `zcp` workspace after the first setup pass. Each mounted runtime appears as its own folder. Editing a mounted file changes the file inside that runtime service, with no upload step from your laptop.
+
+Filesystem reach is narrower than network reach. The workspace can reach services over the private network, but it only sees runtime files mounted into it.
+
+## Make customization persistent
+
+The `zcp@1` service is a normal Zerops service. One-off shell installs disappear when the service is rebuilt unless you make them part of the service setup.
+
+Use these patterns:
+
+- **Small additions:** put package installs, dotfiles, or bootstrap scripts into service init commands.
+- **Team-standard workspace:** build a derived image based on `zcp@1` with required tools already present.
+- **Helper processes:** run private helpers next to the agent and editor workspace when your team needs internal integrations.
+
+Keep app runtime build steps with the runtime services. The remote workspace carries the agent, tools, and ZCP access; runtime services own app builds and deploys.
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) - normal app work after setup.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - how `ZCP_API_KEY`, git credentials, and CI secrets differ.
+
+
+----------------------------------------
+
+# Zcp > Setup > Local Agent Bridge
+
+
+Local setup installs the `zcp` binary on your machine and runs it from the app directory where your agent works.
+
+Use it when the agent should work next to local files, local data, your desktop editor, terminal tools, and git credentials. The MCP server limits Zerops operations to one project, but the agent client runs as your local user, so local approvals and filesystem allowlists matter.
+
+[Remote setup](/zcp/setup/hosted-workspace) is the safer default when the agent does not need local files or tools. Use local setup when local control is the point.
+
+:::warning Public preview
+Local setup has more moving parts than remote setup and may change faster. The binary install path, `.mcp.json` shape, and files written by `zcp init` are still settling between releases.
+:::
+
+## Choose a local starting point
+
+Pick the folder that should own app work:
+
+- **Empty local directory.** Start with no app code yet. The agent can create the app structure and use the MCP tools to select or create Zerops services.
+- **Existing app directory.** Use this when app code, local data, editor setup, test fixtures, and git credentials already live on your machine.
+- **Recipe prepared for local setup.** Use a recipe to create the Zerops service baseline, then run the agent locally from the directory that should own source changes.
+
+After that choice, the mechanics are the same: install `zcp`, run `zcp init`, add `ZCP_API_KEY`, start VPN when private service access is needed, and link a runtime when the agent should deploy.
+
+## What local setup gives the agent
+
+- **Local files as source.** The agent edits the directory on your machine, and deploys use that working directory.
+- **Your editor and terminal.** Framework CLIs, test runners, local data, and local feedback stay under your normal tools.
+- **Your git credentials.** Pushes use your local git CLI, SSH agent, or credential helper.
+- **Zerops operations.** The MCP tools let the agent discover services, generate env snapshots, deploy to linked runtimes, read logs, and verify.
+- **Private service access through VPN.** Your local app and shell reach private service hostnames through `zcli vpn up`.
+
+Security note: local setup cannot protect your laptop from the agent client. Configure approvals as you would for any local coding agent.
+
+## Prerequisites
+
+- A Zerops project. Create one from the [Zerops dashboard](https://app.zerops.io/dashboard/project-add), from a [recipe](https://app.zerops.io/recipes), or use an existing development/staging setup.
+- [zCLI](/references/cli) installed and authenticated on your machine.
+- A compatible local agent client installed and logged in.
+- A **single-project Zerops token**. Multi-project tokens are refused at startup.
+- A local directory where the agent should run.
+
+You do not need MCP just to develop locally against Zerops services as a human. `zcli vpn up` plus your editor is enough. Add MCP when a local coding agent should also understand and operate Zerops.
+
+## 1. Get `ZCP_API_KEY`
+
+The MCP server needs a Zerops API token that reaches exactly one project. For normal agent work, use a full-access token; read-only tokens can authenticate but fail on deploys, env changes, lifecycle actions, and other mutations. Token generation, rejected shapes, and rotation are covered in [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+## 2. Install `zcp`
+
+```bash
+curl -sSfL https://raw.githubusercontent.com/zeropsio/zcp/main/install.sh | sh
+```
+
+The installer downloads the latest release for your platform into `~/.local/bin`, or `/usr/local/bin` when run as root. Verify the install:
+
+```bash
+zcp version
+```
+
+If your shell cannot find `zcp`, add the install directory to `PATH` and reload the shell.
+
+## 3. Run `zcp init`
+
+From the local directory the agent should operate:
+
+```bash
+zcp init
+```
+
+`zcp init` writes local MCP config and agent instructions:
+
+- `.mcp.json` - MCP server config for this directory.
+- `CLAUDE.md` - agent instructions for Zerops work.
+- `.claude/settings.local.json` - Claude Code per-project settings when that client is used.
+- `~/.config/zerops/aliases` plus a shell-rc sourcing line - helper aliases for launching the agent here.
+- `.zcp/state/` - workflow state created when MCP first writes local state.
+
+Re-running `zcp init` may refresh generated config. `CLAUDE.md` preserves edits outside managed markers, but `.mcp.json` is regenerated from the token-less template. If you rerun it, re-check the `ZCP_API_KEY` block before launching the agent.
+
+## 4. Add `ZCP_API_KEY`
+
+`zcp init` writes a token-less `.mcp.json`. Add the project token under the `env` block:
+
+```json
+{
+  "mcpServers": {
+    "zerops": {
+      "command": "zcp",
+      "args": ["serve"],
+      "env": {
+        "ZCP_API_KEY": "<your-single-project-token>"
+      }
+    }
+  }
+}
+```
+
+Add `.mcp.json` to `.gitignore`. It contains a live Zerops credential and should not leave the machine. Each app directory should have its own `.mcp.json` and token.
+
+The server name `zerops` is intentional. Do not rename it unless your agent client requires a different name and you understand the prompt/instruction changes.
+
+## 5. Launch the agent from the app directory
+
+Start the agent from the directory that contains `.mcp.json`. The client should list `zerops` as an available MCP server.
+
+Sanity check:
+
+```text
+List the Zerops services through MCP.
+```
+
+A working connection answers with the runtime and managed services. If not, check the launch directory, token scope, and whether the client loaded `.mcp.json`.
+
+## 6. Bring up VPN when private services are needed
+
+The MCP server can talk to the Zerops API without VPN. Your local app, shell, tests, database clients, and framework commands need VPN to reach private hostnames such as `db` or `cache`.
+
+```bash
+zcli vpn up <project-id>
+```
+
+VPN setup needs admin or root approval on macOS and Linux. The tools can tell the agent which command is needed, but they cannot approve or start it for you. After the tunnel is up, service hostnames resolve from your machine; rerun the command when local service connections fail.
+
+## 7. Generate local env when needed
+
+When the local app needs service credentials, ask the agent for the app work and let the tools generate the env bridge. For a standalone check:
+
+```text
+Generate a .env file for my local app from Zerops env references.
+```
+
+Env generation needs `zerops.yaml` in the working directory, the runtime or setup the local app should use, a matching `setup:` entry, and non-empty `run.envVariables` under that setup.
+
+The tools read `run.envVariables`, resolve Zerops references such as `${db_user}`, `${db_password}`, and `${db_hostname}`, and write the resulting values into `.env`. Cross-service references resolve recursively, so a `DATABASE_URL` can land as a complete local connection string.
+
+If those inputs are missing, the agent should fix `zerops.yaml` or ask for the target runtime/setup. It should not invent env values from service names or dashboard memory.
+
+The file is a snapshot, not a live sync. Regenerate it after changing env variables in Zerops. VPN is still required for your local app to use private service hostnames from that `.env`.
+
+Keep `.env` out of git. It contains real connection values.
+
+## 8. Link a deploy target
+
+Local setup needs a Zerops runtime when the agent should deploy from your working directory. A stage runtime is the usual target because it lets local work prove itself before the production release.
+
+If there is exactly one runtime, the agent can use it automatically. If multiple runtimes exist, it should ask which one to link:
+
+```text
+Link this local directory to appstage for deploys.
+```
+
+Without a linked runtime, the tools can still inspect services and generate env snapshots, but local deploys need a target first.
+
+## What stays outside
+
+MCP does not replace your local feedback loop. Vite, Valet, Docker Compose, your IDE runner, framework CLIs, local fixtures, and test data stay under your normal tooling.
+
+Local setup does not mount Zerops runtime filesystems on your laptop. Remote setup can mount runtime files into the workspace; local setup works from files on your machine. To inspect runtime files from your machine, use [SSH](/references/networking/ssh) directly.
+
+The MCP server does not own your git credentials. In local setup, your local git CLI, SSH agent, or credential helper handles pushes.
+
+## Local setup checks
+
+- **Launch directory matters.** Start the agent from the folder that contains `.mcp.json`.
+- **`zcp init` can remove the token from `.mcp.json`.** Re-add `ZCP_API_KEY` after rerunning init.
+- **VPN is separate from MCP auth.** MCP may work while your app still cannot reach `db`.
+- **`.env` generation depends on `run.envVariables`.** If generation fails, check that the working directory has `zerops.yaml`, the selected `setup:` exists, and env entries live under `run.envVariables`.
+- **`.env` is a credential snapshot.** Regenerate after env changes and keep it out of git.
+
+## Next steps
+
+- [Build and ship](/zcp/workflows/build-with-zcp) - normal app work after setup.
+- [Tokens and credentials](/zcp/security/tokens-and-project-access) - token scope, storage, rotation, and destructive confirmations.
+
+
+----------------------------------------
+
+# Zcp > Workflows > Build With Zcp
+
+
+Use Build and ship for the decisions that shape normal app work. ZCP MCP gives the agent Zerops project state, platform guidance, project-scoped operations, deploy evidence, and recovery rules. You still decide what should be built, where it should run, how strict the acceptance criteria are, and what happens after proof.
+
+```text
+Build a task board.
+Tasks should stay saved after refresh.
+```
+
+A prompt can be that short when the outcome is enough. Add detail when it changes behavior, architecture, stack, runtime layout, acceptance criteria, credentials, delivery, packaging, or the production release.
+
+The expected output is a verified running change, not only generated files. The agent should prove the request against a real runtime, real managed services when used, and the logs, events, and checks that explain what happened.
+
+## The decisions
+
+<div className="zcp-lifecycle-diagram">
+  <div className="zcp-lifecycle-prompt">
+    <span>Product prompt</span>
+    <code>Build a task board...</code>
+  </div>
+  <div className="zcp-lifecycle-down" aria-hidden="true" />
+  <div className="zcp-lifecycle-flow">
+    <section className="zcp-lifecycle-stage zcp-lifecycle-stage--infra">
+      <h3>1. Runtime layout</h3>
+      <p>Choose where app work should land.</p>
+      <ul>
+        <li>Use existing services</li>
+        <li>Create missing services</li>
+        <li>Pick dev, stage, or linked target</li>
+      </ul>
+    </section>
+    <section className="zcp-lifecycle-stage zcp-lifecycle-stage--dev">
+      <h3>2. Development</h3>
+      <p>The agent gets current state, Zerops knowledge, deploy evidence, and your product instructions.</p>
+    </section>
+    <section className="zcp-lifecycle-stage zcp-lifecycle-stage--delivery">
+      <h3>3. After proof</h3>
+      <p>Decide what happens to verified work.</p>
+      <ul>
+        <li>Direct deploy, git, or CI</li>
+        <li>Optional package bundle</li>
+        <li>Production release</li>
+      </ul>
+    </section>
+  </div>
+</div>
+
+You do not run these steps by hand. They are the parts where your intent changes what the agent should do. If you do not specify a choice, the agent should infer from current project state and ask only when the decision changes cost, credentials, runtime layout, delivery, production risk, or destructive behavior.
+
+## 1. Choose the runtime layout {#choose-the-runtime-layout}
+
+When the app runtime and dependencies are unclear, the workflow prepares the layout before feature work starts. It reads current state, uses existing services when they fit, creates missing runtimes or managed services when needed, and stops when the agent knows where app code belongs.
+
+The main user-facing choice is runtime layout. Let the agent infer it from the project, or name it in the prompt when it matters.
+
+| Runtime layout            | Use when                                                                                  | What to tell the agent                                  |
+| ------------------------- | ----------------------------------------------------------------------------------------- | ------------------------------------------------------- |
+| **Dev**                   | You want one mutable runtime for fast iteration, experiments, or early app work.          | `Build a small Node.js API on dev.`                     |
+| **Dev + stage**           | You want a development runtime plus a separate runtime for review or release rehearsal.  | `Build a Node.js API with PostgreSQL on dev+stage.`     |
+| **Stage / linked target** | You work from local files or a single target runtime and want the workflow to use that target. | `Use appstage as the deploy target for this local app.` |
+| **Stage / linked target** | You work from local files or a single target runtime and want the workflow to use that target. | `Use appstage as the deploy target for this local app.` |
+
+The layout is about app runtimes, not where the `zcp` binary runs. Remote setup can use any of these layouts from the `zcp@1` workspace. Local setup usually works from local files into a linked stage or app runtime.
+
+Managed services such as PostgreSQL, Valkey, queues, search, storage, or mail are dependencies. The agent gets their state and wiring patterns, but app code deploys to runtime services.
+
+## 2. Development {#develop-with-live-project-context}
+
+Development is still a normal coding conversation with the agent. You describe the product behavior, stack constraints, acceptance criteria, and anything the agent must not guess.
+
+MCP adds the Zerops side of that conversation: current project state, platform knowledge, project-scoped operations, deploy/log evidence, verification checks, recovery rules, and saved work state. Because of that, you usually do not paste service inventory, env wiring, deploy logs, or a "deploy and verify" checklist into the prompt.
+
+The useful things to name are:
+
+- the behavior you want and how it should be verified,
+- stack, framework, managed-service, or runtime target preferences,
+- whether the agent should inspect or continue existing work first,
+- approval boundaries for cost, credentials, data, production, or destructive actions.
+
+Expect the agent to ask when one of those choices is missing. Otherwise, it should use project context while it works and finish with proof or a blocker.
+
+## 3. Choose delivery after proof {#choose-delivery-after-proof}
+
+Delivery preference is how app work closes after there is a verified result. Include it in the original prompt or set it later.
+
+The first functional deploy is still direct so the agent can prove the app runs. Delivery preference decides what happens after that proof and how later sessions should finish similar work.
+
+| Delivery preference    | What it means                                                                                      | What to tell the agent                                                      |
+| ---------------------- | -------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------- |
+| **Keep direct deploy** | The agent keeps deploying directly to the target runtime for fast dev/stage iteration.             | `Keep direct deploy for now.`                                               |
+| **Push to git**        | The agent commits and pushes working changes to the configured repository.                         | `When the app works, push changes to git@github.com:my-org/task-board.git.` |
+| **CI / handoff**       | A repository integration, GitHub Actions workflow, release process, or human owns the next deploy. | `Set up GitHub Actions delivery for future deploys after the app works.`    |
+| **CI / handoff**       | A repository integration, GitHub Actions workflow, release process, or human owns the next deploy. | `Set up GitHub Actions delivery for future deploys after the app works.`    |
+
+The workflow records the delivery choice so later work can follow it. Git credentials, CI secrets, and production credentials are separate from `ZCP_API_KEY`; see [Tokens and credentials](/zcp/security/tokens-and-project-access).
+
+## 4. Package a verified runtime {#package-a-verified-runtime}
+
+After a runtime is verified, you can ask the agent to prepare it as a re-importable Zerops project bundle. Use this when the app should become a reusable starter, customer handoff, demo project, or clean staging project.
+
+The prompt can be one sentence:
+
+```text
+Package appstage as a buildFromGit import bundle, commit it, and push it to git so I can import it into a fresh Zerops project.
+```
+
+The export workflow prepares `zerops-project-import.yaml` and `zerops.yaml` in the same git repo as the app. The import file contains one runtime with `buildFromGit:` pointing back to that repo, plus managed services needed for Zerops env references to resolve when the bundle is imported into a fresh project.
+
+The agent may still ask which runtime to package, which half of a dev+stage pair to use, how to classify project env vars, or how to configure git push. Once pushed, the target project can import the bundle from the dashboard or with `zcli project project-import zerops-project-import.yaml`.
+
+Packaging is not the next deploy of the same app. For the next app change, keep using the normal build/deploy/verify loop. Use packaging when the output you want is a git-backed import bundle; see [Package a running service](/zcp/workflows/package-running-service).
+
+## 5. Prepare the production release {#prepare-production-release}
+
+The production release is where authority changes. The agent prepares verified work and release evidence; production execution belongs to Zerops project settings, CI, release tooling, or a deliberate human action with production credentials.
+
+The useful split is:
+
+| Job | How often | What happens |
+| --- | --- | --- |
+| **Production infrastructure** | Once per production project | Export the verified project as YAML in the GUI, edit it for production, then import it as a new project. |
+| **Production deploy trigger** | Once per production runtime | Connect the production runtime to git, usually with a tag trigger. |
+| **Production release** | Every release | Verify in dev/stage, push source to git, then trigger production through your tag or release process. |
+| **Production release** | Every release | Verify in dev/stage, push source to git, then trigger production through your tag or release process. |
+
+Production should be a separate Zerops project without a `zcp` service. Production credentials are not `ZCP_API_KEY`; keep them in CI or release tooling. For the full release guide, see [Promote to production](/zcp/workflows/promote-to-production).
+
+## What the final answer should contain
+
+For a completed app task, the agent should report:
+
+- the runtime service it changed,
+- the deploy or verification target,
+- the URL, endpoint, UI state, job result, or stored data that proves the requested behavior,
+- managed services, env vars, or delivery settings it touched,
+- the delivery preference, packaging output, or production release state that now applies.
+
+If the task is incomplete, the final answer should name the blocker, the evidence read, what was tried, and the decision or credential needed from you.
+
+
+----------------------------------------
+
+# Zcp > Workflows > Package Running Service
+
+
+Use packaging when a verified runtime should become a re-importable Zerops bundle. It is a handoff or reuse task after the app already works, not the normal way to deploy the next change.
+
+You can ask for it directly:
+
+```text
+Package appstage as a buildFromGit import bundle.
+Commit it and push it to git.
+```
+
+The result is a single git repo that contains the app source, [`zerops.yaml`](/zerops-yaml/specification), and a project [import file](/references/import) named `zerops-project-import.yaml`. The import file uses `buildFromGit:` so a fresh Zerops project can rebuild the app from the repo instead of carrying source code inside YAML.
+
+Packaging starts from a deployed Zerops runtime. If important source changes exist only on your laptop, deploy or push them first so the runtime and git repo match what you want to package.
+
+## When to package
+
+Package a runtime when you need:
+
+- a running runtime and its managed dependencies reproduced in another Zerops project,
+- a reusable starter, demo, handoff, customer project, or clean staging baseline,
+- a repo commit that carries the Zerops import shape next to the app source,
+- the destination project to build from git.
+
+Do not use packaging for:
+
+- the next app deploy; use the normal build, deploy, and verify loop,
+- the production release; production needs its own infrastructure, credentials, domains, and release trigger,
+- moving managed-service data; backups and restores are separate.
+
+For production setup, follow [Promote to production](/zcp/workflows/promote-to-production). Packaging can help create a reusable app bundle, but it does not decide production infrastructure or release policy.
+
+## What the agent prepares
+
+The agent packages **one** runtime. If the project has dev and stage runtimes, it asks which one to use because they can have different env values, start commands, or `setup:` blocks.
+
+Managed services come along as dependencies when the runtime's `zerops.yaml` needs their env references. You do not pick databases, caches, queues, or search services one by one.
+
+The workflow then prepares:
+
+- `zerops-project-import.yaml` - the project and service shape for the destination project,
+- `zerops.yaml` - the runtime build and run configuration,
+- a git commit and push when git delivery is configured or explicitly requested.
+
+If the runtime has no usable `zerops.yaml` or git remote, the agent has to fix that first. A bundle is only useful when the destination project can pull source and build it from git.
+
+## Env vars need review
+
+Project env vars are the main place where the agent may ask you to decide. Each value gets one bucket:
+
+| Bucket | Use for | Bundle result |
+| --- | --- | --- |
+| `infrastructure` | Values derived from managed services, such as database or cache references. | Omitted from project envs; the new managed service provides fresh values. |
+| `auto-secret` | App-owned signing or encryption keys that can be regenerated. | Fresh generated secret on import. |
+| `external-secret` | Third-party credentials such as Stripe, OpenAI, Mailgun, or GitHub. | `REPLACE_ME` placeholder. |
+| `plain-config` | Literal non-secret config such as log level, feature flags, or public app settings. | Copied as-is. |
+| `plain-config` | Literal non-secret config such as log level, feature flags, or public app settings. | Copied as-is. |
+
+Do not treat this as a key-name guessing game. The agent should inspect source code and ask when classification changes behavior. For example, regenerating a Laravel `APP_KEY`, Django `SECRET_KEY`, or session secret can break existing encrypted state. If state continuity matters, carry the existing value instead of generating a new one.
+
+## What is not included
+
+| Not included | What to do instead |
+| --- | --- |
+| Managed-service data | Restore from [Backup](/features/backup) or another migration path. |
+| Real third-party secrets | Fill placeholders in the destination project before deploying. |
+| Production domains, scaling, backups, and release triggers | Configure them in the destination project. |
+| A repeatable production release process | Use your CI or release workflow; see [Promote to production](/zcp/workflows/promote-to-production). |
+| A repeatable production release process | Use your CI or release workflow; see [Promote to production](/zcp/workflows/promote-to-production). |
+
+## Use the bundle
+
+After the bundle is pushed, import `zerops-project-import.yaml` in the destination project through the dashboard or with `zcli project project-import zerops-project-import.yaml`.
+
+Before opening the new project to users:
+
+- fill `REPLACE_ME` values,
+- restore or seed data when needed,
+- review service scaling and public access,
+- run a normal deploy and verification pass in the destination project.
+
+
+----------------------------------------
+
+# Zcp > Workflows > Promote To Production
+
+
+Use this after the agent has proved work in development or stage. The production release is the point where authority changes: the agent can prepare proof, source changes, and setup notes, but production execution belongs to Zerops project settings, CI, release tooling, or a deliberate human action with production credentials.
+
+Production should be a separate Zerops project without a `zcp` service. That keeps the development agent out of the production blast radius while still letting verified work reach production.
+
+## The simple production path
+
+There are three different jobs. Two are setup work; one is the repeatable release operation.
+
+| Job | How often | Simplest path |
+| --- | --- | --- |
+| **Create production infrastructure** | Once per production project | Export the verified Zerops project as YAML in the GUI, edit it for production, then import it as a new project. |
+| **Connect the production deploy trigger** | Once per production runtime | In the production project, connect the git repository in the Zerops GUI and trigger builds from release tags. |
+| **Release an app change** | Every release | Verify in dev/stage, push source to git, then create the release tag or use your team's release process. |
+| **Release an app change** | Every release | Verify in dev/stage, push source to git, then create the release tag or use your team's release process. |
+
+This page uses the GUI path because it is the clearest path available today. More customized teams can replace the GUI trigger with GitHub Actions or another CI system later.
+
+## 1. Create production infrastructure
+
+Do this once when you need a production project for a verified app.
+
+1. Open the development or staging project that contains the verified runtime.
+2. Use **Export project as yaml**.
+3. Edit the exported YAML for production.
+4. Import the edited YAML as a new Zerops project.
+
+Before import, review the YAML as production infrastructure, not as a blind copy of the development project:
+
+- remove the `zcp` service,
+- remove dev-only runtimes and tools such as Mailpit or Adminer,
+- keep the runtime and managed services that production actually needs,
+- choose production `mode` values before creation, especially `HA` for databases that need it,
+- set production `minContainers`, autoscaling, and core package,
+- replace development secrets with production secrets or placeholders,
+- plan managed-service data restore or migrations,
+- configure production domains, DNS, public access, SMTP, object storage, backups, queues, search, and cache as needed.
+
+Before opening production traffic, get familiar with the deeper Zerops production surface: service modes, scaling, deploy pipeline, health checks, backups, public access, and domains. If the app should use a real domain, follow [Public Access Configuration](/references/networking/public-access).
+
+Project export/import creates the production infrastructure. Do not rely on it as the code delivery mechanism. The app source should be in git, and the first production code deploy should come through the production deploy trigger.
+
+## 2. Connect the production deploy trigger
+
+Do this once for each production runtime that should build from git.
+
+The simplest path is the Zerops GitHub or GitLab integration in the production project:
+
+1. Open the production runtime service.
+2. Connect the git repository.
+3. Choose **New tag** as the production trigger.
+4. Add a tag filter if your team uses one, for example `v*`.
+5. Keep production env vars and secrets in the production Zerops project.
+
+For stage, a branch trigger can be convenient. For production, a tag trigger is easier to reason about: a normal source push can update stage, while a deliberate release tag updates production.
+
+If your team needs approvals, custom tests, generated artifacts, or stricter audit, use GitHub Actions or another CI system instead. In that setup, store a production-scoped `ZEROPS_TOKEN` in the CI secret store and run the production deploy from CI.
+
+## 3. Release an app change
+
+This is the repeatable operation after production infrastructure and the deploy trigger exist. The exact release command is yours: define it in your repository instructions, agent skill, CI guide, or team release checklist.
+
+For example, if production deploys from release tags, the user instruction can be as direct as:
+
+```text
+Create the release tag for production and push it to git.
+```
+
+Use the wording that matches your CI/CD. The release step can be a manual CLI action, a `git push`, a tag push, a pull request, a protected branch merge, or a CI job. That part is your team preference and production setup, not a rule from these docs.
+
+The important rule is that the agent should name what it pushed and whether that push triggers stage, production, both, or neither. If production release requires a tag, the final answer should say the tag name or the exact tag command.
+
+## What not to carry into production
+
+Do not copy these from the development project into production:
+
+- the `zcp` service,
+- development `ZCP_API_KEY`,
+- local `.mcp.json`,
+- development secrets,
+- test data unless it is intentionally migrated,
+- dev-only utilities such as Mailpit or Adminer,
+- `.zerops.app` preview routing as the final public entry point.
+
+Use production-specific domains, secrets, backup policy, scaling, and release credentials.
+
+## What the agent should hand you
+
+A useful release handoff from the agent contains:
+
+- runtime and project where the change was verified,
+- URL, endpoint, UI state, job result, or stored data that proves the requested behavior,
+- commit, branch, PR, or suggested release tag,
+- whether the git push triggers stage, production, both, or neither,
+- services to keep, remove, or change before importing production infrastructure,
+- env vars, managed services, migrations, or delivery settings touched,
+- external secrets still needed,
+- managed-service data that must be restored or migrated,
+- production blockers that need a human decision.
+
+If the answer only says that files were changed, the release handoff is incomplete. Ask for the verification evidence and the exact release artifact.
+
+Production hardening belongs in your team's production checklist. This page only defines the handoff from verified dev or stage work into production authority.
+
+## Related production references
+
+- [Production boundary](/zcp/security/production-policy) — Why production stays outside the agent loop.
+- [Import & Export YAML Configuration](/references/import) — Project export and import reference.
+- [Public Access Configuration](/references/networking/public-access) — Custom domains, DNS, SSL, and production public access.
+
+
 ----------------------------------------
 
 # Zerops Yaml > Base List
 
-This is a list of all currently supported versions of technologies that can be used for build.base and run.base sections in `zerops.yaml`.
+
+This is a list of all currently supported versions of technologies that can be used for <code>[build.base](/zerops-yaml/specification#base-required)</code> and <code>[run.base](/zerops-yaml/specification#base)</code> sections in `zerops.yaml`.
+
 :::note
 Versions listed on the same line are aliases of the same underlying version.
 :::
+
 ## Runtime services
-  
-      Service Type
-      Supported OS
-      Versions
-    
-    Build / Runtime
-  
-     Bun
-     `ubuntu` / `alpine`
-     
-     Deno
-     `ubuntu`
-     
-     .NET
-     `ubuntu` / `alpine`
-     
-     Elixir
-     `ubuntu` / `alpine`
-     
-     Gleam
-     `ubuntu`
-     
-     Go
-     `ubuntu` / `alpine`
-     
-     Java
-     `ubuntu` / `alpine`
-     
-      Node.js
-      `ubuntu` / `alpine`
-      
-      Python
-      `ubuntu` / `alpine`
-      
-      Rust
-      `ubuntu` / `alpine`
-      
-        &nbsp;
-        &nbsp;
-        Build
-        Runtime
-      
-      PHP + Apache
-      `ubuntu` / `alpine`
-      
-      PHP + nginx
-      `ubuntu` / `alpine`
-      
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th rowspan="2" className="">Service Type</th>
+      <th rowspan="2" className="">Supported OS</th>
+      <th colspan="2" className="w-full">Versions</th>
+    </tr>
+  <tr>
+    <th colspan="2" className="w-full">Build / Runtime</th>
+  </tr>
+</thead>
+  <tbody>
+    <tr>
+     <td className="w-fit">Bun</td>
+     <td className="w-fit">`ubuntu` / `alpine`</td>
+     <td colspan="2" className="w-fit">
+- `bun@1.3.9`, `bun@1.3`, `bun@latest`
+- `bun@1.2.2`, `bun@1.2`
+- `bun@nightly`
+- `bun@canary`
+- `bun@1.1.34`, `bun@1.1(Ubuntu only)`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">Deno</td>
+     <td className="w-fit">`ubuntu`</td>
+     <td colspan="2" className="w-fit">
+- `deno@2.0.0`, `deno@2`, `deno@latest`
+- `deno@1.45.5`, `deno@1`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">.NET</td>
+     <td className="w-fit">`ubuntu` / `alpine`</td>
+     <td colspan="2" className="w-fit">
+- `dotnet@10`, `dotnet@latest`
+- `dotnet@9`
+- `dotnet@8`
+- `dotnet@7`
+- `dotnet@6`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">Elixir</td>
+     <td className="w-fit">`ubuntu` / `alpine`</td>
+     <td colspan="2" className="w-fit">
+- `elixir@1.16`, `elixir@1`, `elixir@latest`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">Gleam</td>
+     <td className="w-fit">`ubuntu`</td>
+     <td colspan="2" className="w-fit">
+- `gleam@1.5`, `gleam@1`, `gleam@latest`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">Go</td>
+     <td className="w-fit">`ubuntu` / `alpine`</td>
+     <td colspan="2" className="w-fit">
+- `go@1.22`, `go@1`, `golang@1`, `go@latest`, `golang@latest`
+</td>
+    </tr>
+    <tr>
+     <td className="w-fit">Java</td>
+     <td className="w-fit">`ubuntu` / `alpine`</td>
+     <td colspan="2" className="w-fit">
+- `java@21`, `java@latest`
+- `java@17`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Node.js</td>
+      <td className="w-fit">`ubuntu` / `alpine`</td>
+      <td colspan="2" className="w-fit">
+- `nodejs@24`, `nodejs@latest`
+- `nodejs@22`
+- `nodejs@20`
+- `nodejs@18`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Python</td>
+      <td className="w-fit">`ubuntu` / `alpine`</td>
+      <td colspan="2" className="w-fit">
+- `python@3.14 (Ubuntu only)`, `python@latest`
+- `python@3.12`
+- `python@3.11`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Rust</td>
+      <td className="w-fit">`ubuntu` / `alpine`</td>
+      <td colspan="2" className="w-fit">
+- `rust@1`, `rust@latest`, `rust@stable`
+- `rust@1.86`
+- `rust@1.80`
+- `rust@1.78`
+- `rust@nightly`
+</td>
+    </tr>
+      <tr>
+        <th className="w-fit">&nbsp;</th>
+        <th className="w-fit">&nbsp;</th>
+        <th className="w-full">Build</th>
+        <th className="w-full">Runtime</th>
+      </tr>
+    <tr>
+      <td className="w-fit">PHP + Apache</td>
+      <td className="w-fit">`ubuntu` / `alpine`</td>
+      <td className="w-fit">
+- `php@8.5`, `php@latest`
+- `php@8.4`
+- `php@8.3`
+- `php@8.1`
+</td>
+      <td className="w-fit">
+- `php-apache@8.5`, `php-apache@latest`
+- `php-apache@8.4`
+- `php-apache@8.3`
+- `php-apache@8.1`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">PHP + nginx</td>
+      <td className="w-fit">`ubuntu` / `alpine`</td>
+      <td className="w-fit">
+- `php@8.5`, `php@latest`
+- `php@8.4`
+- `php@8.3`
+- `php@8.1`
+</td>
+      <td className="w-fit">
+- `php-nginx@8.5`, `php-nginx@latest`
+- `php-nginx@8.4`
+- `php-nginx@8.3`
+- `php-nginx@8.1`
+</td>
+    </tr>
+  </tbody>
+</table>
+
 ## Static services
-  
-      Service Type
-      Supported OS
-      Versions
-    
-    Build
-    Runtime
-  
-      nginx
-      `ubuntu`/`alpine`
-      -
-      
-      static
-      `ubuntu`/`alpine`
-      -
-      
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th rowspan="2" className="">Service Type</th>
+      <th rowspan="2" className="">Supported OS</th>
+      <th colspan="2" className="w-full">Versions</th>
+    </tr>
+  <tr>
+    <th className="w-full">Build</th>
+    <th className="w-full">Runtime</th>
+  </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">nginx</td>
+      <td className="w-fit">`ubuntu`/`alpine`</td>
+      <td className="w-fit">-</td>
+      <td className="w-fit">
+- `nginx@1.22`, `nginx@latest`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">static</td>
+      <td className="w-fit">`ubuntu`/`alpine`</td>
+      <td className="w-fit">-</td>
+      <td className="w-fit">
+- `static`, `static@1.0`, `static@latest`
+</td>
+    </tr>
+  </tbody>
+</table>
+
 ## Containers and virtual machines
-  
-      Service Type
-      Supported OS
-      Versions
-    
-    Build
-    Runtime
-  
-      Alpine
-      `alpine`
-      
-      Ubuntu
-      `ubuntu`
-      
-      Docker
-      `ubuntu`
-      -
-      
+
+<table className="w-full my-1.5 whitespace-nowrap">
+  <thead>
+    <tr>
+      <th rowspan="2" className="">Service Type</th>
+      <th rowspan="2" className="">Supported OS</th>
+      <th colspan="2" className="w-full">Versions</th>
+    </tr>
+  <tr>
+    <th className="w-full">Build</th>
+    <th className="w-full">Runtime</th>
+  </tr>
+  </thead>
+  <tbody>
+    <tr>
+      <td className="w-fit">Docker</td>
+      <td className="w-fit">`alpine`</td>
+      <td className="w-fit">-</td>
+      <td className="w-fit">
+- `docker@26.1`, `docker@latest`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Alpine</td>
+      <td className="w-fit">`alpine`</td>
+      <td colspan="2" className="w-fit">
+- `alpine@3.23`, `alpine@latest`
+- `alpine@3.22`
+- `alpine@3.21`
+- `alpine@3.20`
+- `alpine@3.19`
+- `alpine@3.18`
+- `alpine@3.17`
+</td>
+    </tr>
+    <tr>
+      <td className="w-fit">Ubuntu</td>
+      <td className="w-fit">`ubuntu`</td>
+      <td colspan="2" className="w-fit">
+- `ubuntu@24.04`
+- `ubuntu@22.04`, `ubuntu@latest`
+</td>
+    </tr>
+  </tbody>
+</table>
 
 ----------------------------------------
 
 # Zerops Yaml > Cron
 
+
 Cron jobs are scheduled commands that execute automatically inside a service's containers based on defined timing rules.
+
 In Zerops, these jobs are configured in the `run` section of `zerops.yaml` file under the `crontab` key.
+
 ## Parameters
+
 ### command
 *string, REQUIRED*
+
 The shell command to execute at the scheduled time. This can be any valid command.
+
 ### timing
 *string, REQUIRED*
+
 The schedule for when the task should run, specified in standard cron format using five space-separated fields:
   - Minute (0–59)
   - Hour (0–23)
   - Day of the month (1–31)
   - Month (1–12)
   - Day of the week (0–7; both 0 and 7 represent Sunday)
+
 #### Examples
   - `"0 5 * * *"` – Runs daily at 5:00 AM.
   - `"*/10 * * * *"` – Runs every 10 minutes.
+
 ### allContainers
 *boolean, REQUIRED*
+
 **Options:**
 - `true` – Command runs on all containers.
 - `false` – Command runs on only one container.
+
 ### workingDir
 *string, REQUIRED*
+
 Specifies the directory where the command will be executed. If not set, it defaults to `/var/www`.
+
 ## Example Configurations
 Here’s a basic example of how to set up a cron job in your service's `zerops.yaml`:
+
 ```yaml
-run: 
+run:
   crontab:
     - command: "date >> /var/log/cron.log"
       timing: "0 * * * *"
 ```
 This configuration logs the current date to `/var/log/cron.log` every hour.
+
 ### Running on Multiple Containers
 By default, cron jobs run on a single container, even if multiple containers exist for the service. To execute a command across all containers, you can use the `allContainers` parameter:
+
 ```yaml
-run: 
+run:
   crontab:
     - command: "rm -rf /tmp/*"
       timing: "0 0 * * *"
       allContainers: true
 ```
 This example removes temporary files from all containers every day at midnight.
+
 ### Custom Working Directory
 You can also specify a custom working directory for your commands using the `workingDir` parameter:
+
 ```yaml
-run: 
+run:
   crontab:
     - command: "php artisan schedule:run"
       timing: "* * * * *"
       workingDir: /var/www/html
 ```
 In this case, the command runs every minute in the `/var/www/html` directory.
+
 ### Multiple Cronjobs
 It is possible to define multiple cron jobs as a YAML object list under the `crontab` key.
+
 ```yaml
 run:
   crontab:
@@ -22674,10 +34519,12 @@ run:
       ...
 ```
 
+
 ----------------------------------------
 
 # Zerops Yaml > Specification
 
+
 export const languages = [
     { name: "Node.js", link: "/nodejs/how-to/build-pipeline" },
     { name: "PHP", link: "/php/how-to/build-pipeline" },
@@ -22692,13 +34539,18 @@ export const languages = [
     { name: "Gleam", link: "/gleam/how-to/build-pipeline" },
     { name: "Nginx", link: "/nginx/how-to/build-pipeline" }
 ]
+
 The `zerops.yaml` file is crucial for defining how Zerops should [build and deploy](/features/pipeline) your application.
 Add the `zerops.yaml` file to the **root of your repository** and customize it to suit your application's needs.
+
 :::note Parameter Availability
 Not all parameters are available for every service type. Most parameters work across different runtime services, but some are specific to certain service types (e.g., documentRoot for webserver services, routing for Static services). This documentation covers zerops.yaml configuration for runtime services.
 :::
+
 ---
+
 ## Basic Structure
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
@@ -22709,7 +34561,9 @@ zerops:
     # required
     run: ...
 ```
+
 Multiple services can be defined in a single `zerops.yaml` (useful for monorepos):
+
 ```yaml
 zerops:
   - setup: app
@@ -22719,6 +34573,7 @@ zerops:
     deploy: ...
     # required
     run: ...
+
   - setup: api
     # optional
     build: ...
@@ -22727,15 +34582,23 @@ zerops:
     # required
     run: ...
 ```
+
 Each service configuration requires a `run` section. Optional `build` and `deploy` sections can be added to further customize your process.
+
 ## Service Configuration
-### setup 
+
+### setup *[Required]*
+
 Contains the hostname of your service (must exist in Zerops).
+
 ```yaml
 setup: app
 ```
-### extends 
+
+### extends *[Optional]*
+
 The `extends` key allows you to inherit configuration from another service defined in the same `zerops.yaml` file. This is useful for creating environment-specific configurations while maintaining a common base.
+
 ```yaml
 zerops:
   - setup: base
@@ -22745,33 +34608,43 @@ zerops:
       deployFiles: ./dist
     run:
       start: npm start
+
   - setup: prod
     extends: base
     run:
       envVariables:
         NODE_ENV: production
+
   - setup: dev
     extends: base
     run:
       envVariables:
         NODE_ENV: development
 ```
+
 When using `extends`:
 - The `extends` value must refer to another service's `setup` value in the same file
 - The child service inherits all configuration from the base service
 - Configuration is merged at the section level (`build`, `run`, `deploy`)
 - You can override specific sections by redefining them
+
 :::tip
 Create a base service with common configuration and extend it for environment-specific services to keep your `zerops.yaml` file DRY (Don't Repeat Yourself).
 :::
-## Build Configuration 
-### base 
+
+## Build Configuration *[Optional]*
+
+### base *[Required]*
+
 Sets the base technology for the build environment. [See available options](/zerops-yaml/base-list).
+
 ```yaml
 build:
   base: nodejs@latest
 ```
+
 You can specify multiple technologies:
+
 ```yaml
 build:
   base:
@@ -22779,48 +34652,67 @@ build:
   prepareCommands:
     - zsc add python@3.9
 ```
-### os 
+
+### os *[Optional]*
+
 Sets the operating system for the build environment. Options:
+
 - `alpine` (default)
 - `ubuntu` (default for ubuntu service)
+
 Current versions:
+
 - {data.alpine.default}
 - {data.ubuntu.default}
+
 ```yaml
 build:
   os: ubuntu
 ```
-### prepareCommands 
+
+### prepareCommands *[Optional]*
+
 Customizes the build environment by installing additional dependencies or tools.
+
 ```yaml
 build:
   prepareCommands:
     - sudo apt-get update
     - sudo apt-get install -y some-package
 ```
+
 :::note
 `build.prepareCommands` run in the `/home/zerops` directory.
 :::
-### buildCommands 
+
+### buildCommands *[Optional]*
+
 Defines the commands to build your application.
+
 ```yaml
 build:
   buildCommands:
     - npm install
     - npm run build
 ```
+
 :::note
 `build.buildCommands` run in the `/build/source` directory.
 :::
+
 #### Running commands in a single shell instance:
+
 ```yaml
 buildCommands:
   - |
     npm install
     npm run build
 ```
-### deployFiles 
+
+### deployFiles *[Required]*
+
 Specifies which files or folders to deploy after a successful build.
+
 ```yaml
 build:
   deployFiles:
@@ -22828,27 +34720,40 @@ build:
     - package.json
     - node_modules
 ```
+
 The files/folders will be placed into `/var/www` folder in runtime, e.g. `./src/assets/fonts` would result in `/var/www/src/assets/fonts`.
+
 #### Using wildcards:
+
 Zerops supports the `~` character as a wildcard for one or more folders in the path.
+
 Deploys all `file.txt` files that are located in any path that begins with `/path/` and ends with `/to/`.
+
 ```yaml
 deployFiles: ./path/~/to/file.txt
 ```
+
 By default, `./src/assets/fonts` deploys to `/var/www/src/assets/fonts`, keeping the full path. Adding `~`, like `./src/assets/~fonts`, shortens it to `/var/www/fonts`
+
 #### .deployignore
-Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as `.gitignore`.
+
+Add a `.deployignore` file to the root of your project to specify which files and folders Zerops should ignore during deploy. The syntax follows the same pattern format as [`.gitignore`](https://git-scm.com/docs/gitignore#_pattern_format).
+
 To ignore a specific file or directory path, start the pattern with a forward slash (`/`). Without the leading slash, the pattern will match files with that name in any directory.
+
 :::tip
 For consistency, it's recommended to configure both your `.gitignore` and `.deployignore` files with the same patterns.
 :::
+
 Examples:
+
 ```yaml title="zerops.yaml"
 zerops:
   - setup: app
     build:
       deployFiles: ./
 ```
+
 ```text title=".deployignore"
 /src/file.txt
 ```
@@ -22860,20 +34765,30 @@ This example above ignores `file.txt` in ANY directory named `src`, such as:
 - `/src/file.txt`
 - `/folder2/folder3/src/file.txt`
 - `/src/src/file.txt`
+
 :::note
-`.deployignore` file also works with `zcli service deploy` command.
+`.deployignore` file also works with [`zcli service deploy`](/references/zcli/commands#deploy) command.
 :::
-### cache 
+
+### cache *[Optional]*
+
 Defines which files or folders to cache for subsequent builds.
+
 ```yaml
 build:
   cache: node_modules
 ```
+
 For more information, see our detailed [guide on build cache](/features/build-cache), complete with extensive examples.
-### addToRunPrepare 
+
+### addToRunPrepare *[Optional]*
+
 Defines files or folders to be copied from the build container to the prepare runtime container.
-### envVariables 
+
+### envVariables *[Optional]*
+
 Sets environment variables for the build environment.
+
 ```yaml
 build:
   envVariables:
@@ -22882,22 +34797,33 @@ build:
     DB_USER: db
     DB_PASS: ${db_password}
 ```
+
 :::info
 The `yamlPreprocessor` option in your project & service import YAML allows you to generate random secret values, passwords, and public/private key pairs. For more information, see the [yamlPreprocessor](/references/import-yaml/pre-processor) page.
 :::
-## Deploy Configuration 
-### temporaryShutdown 
+
+## Deploy Configuration *[Optional]*
+
+### temporaryShutdown *[Optional]*
+
 Controls the container replacement order during deployment.
+
 ```yaml
 deploy:
   temporaryShutdown: true
 ```
+
 - Type: `boolean`
 - Default: `false`
+
 **When `false` (default):** New containers are started before old containers are removed, ensuring zero-downtime deployment.
+
 **When `true`:** Old containers are removed before new containers are started, causing temporary downtime but using fewer resources during deployment.
-### readinessCheck 
+
+### readinessCheck *[Optional]*
+
 Defines a readiness check for your application. Requires either `httpGet` object or `exec` object.
+
 ```yaml
 deploy:
   readinessCheck:
@@ -22907,32 +34833,48 @@ deploy:
       path: /status
       host: my-host.zerops
       scheme: https
+
     # Common parameters
     failureTimeout: 60
     retryPeriod: 10
 ```
+
 Readiness checks work similarly to [health checks](#healthcheck-) but are specifically for deployment. They verify if a new deployment is ready to receive traffic.
+
 Available parameters:
+
 #### httpGet and exec
 The `httpGet` and `exec` options work the same way as in [health checks](#healthcheck-). See that section for detailed parameter descriptions.
-#### Common parameters 
+
+#### Common parameters *[Optional]*
 The following parameters can be used with either `httpGet` or `exec` readiness checks:
+
 - **failureTimeout** - Time in seconds until container is marked as failed.
 - **retryPeriod** - Time interval in seconds between readiness check attempts (equivalent to `execPeriod` in health checks).
+
 :::tip
 Unlike health checks which run continuously, readiness checks only run during deployments to determine when your application is ready to accept traffic.
 :::
-## Runtime Configuration 
-### base 
+
+## Runtime Configuration *[Required]*
+
+### base *[Optional]*
+
 Sets the base technology for the runtime environment. If not specified, the current version is maintained.
+
 ```yaml
 run:
   base: nodejs@latest
 ```
-### os 
+
+### os *[Optional]*
+
 Sets the operating system for the runtime environment. Options and versions are the same as for the build environment.
-### ports 
+
+### ports *[Optional]*
+
 Specifies the internal ports on which your application will listen.
+
 ```yaml
 run:
   ports:
@@ -22942,42 +34884,60 @@ run:
     - port: 8081
       ...
 ```
+
 Available parameters:
-#### port 
+
+#### port *[Required]*
 Defines the port number on which your application listens. Must be between *10* and *65435*, as ports outside this range are reserved for internal Zerops systems.
-#### protocol 
+
+#### protocol *[Optional]*
 Specifies the network protocol to use:
 - Allowed values: `TCP` *(default)* or `UDP`
-#### httpSupport 
+
+#### httpSupport *[Optional]*
 Indicates whether the port is running a web server:
 - Default value: `false`
 - Set to `true` if a web server is running on the port
 - Only available with TCP protocol
 - Used by Zerops for [public access](/features/access) configuration
-### prepareCommands 
+
+### prepareCommands *[Optional]*
+
 Customizes the runtime environment by installing additional dependencies or tools.
+
 :::note
 `run.prepareCommands` run in the `/home/zerops` directory.
 :::
-### initCommands 
+
+### initCommands *[Optional]*
+
 Defines commands to run each time a new runtime container starts or restarts.
+
 ```yaml
 run:
   initCommands:
     - rm -rf ./cache
 ```
+
 :::note
 `run.initCommands` run in the `/var/www` directory.
 :::
-### start 
+
+### start *[Required for some runtimes]*
+
 Defines the start command for your application.
+
 ```yaml
 run:
   start: npm start
 ```
-### startCommands 
+
+### startCommands *[Optional]*
+
 Defines start commands.
+
 Unlike `start`, you can define multiple commands that starts their own processes.
+
 ```yaml
 run:
   startCommands:
@@ -22991,13 +34951,21 @@ run:
       initCommands:
         - litestream restore -if-replica-exists -if-db-not-exists -config=litestream.yaml $DB_NAME
 ```
+
 See [start-commands-example](https://github.com/zeropsio/start-commands-example)
-### documentRoot 
+
+### documentRoot *[Optional]*
+
 Customizes the root folder for publicly accessible web server content (available only for webserver runtimes).
-### siteConfigPath 
+
+### siteConfigPath *[Optional]*
+
 Sets the custom webserver configuration (available only for webserver runtimes).
-### envVariables 
+
+### envVariables *[Optional]*
+
 Defines environment variables for the runtime environment.
+
 ```yaml
     run:
       base: nodejs@20
@@ -23007,8 +34975,11 @@ Defines environment variables for the runtime environment.
         DB_USER: db
         DB_PASS: ${db_password}
 ```
-### envReplace 
+
+### envReplace *[Optional]*
+
 Automatically replaces environment variable placeholders in your static files with their actual values during deployment.
+
 ```yaml
 run:
   envReplace:
@@ -23018,23 +34989,30 @@ run:
       - config/jwt/private.pem
       - ./config/
 ```
+
 Available parameters:
-#### delimiter 
+
+#### delimiter *[Required]*
 Characters that wrap your variable names in placeholders (e.g., `%%` means placeholders look like `%%VARIABLE%%`).
 - Type: `string` or `array of strings`
 - Supports multiple delimiters simultaneously
-#### target 
+
+#### target *[Required]*
 Files or directories to process for variable replacement.
 - Type: `string` or `array of strings`
 - Can be specific files or directories
+
 :::warning
 Directory targets only process files directly in the specified directory, not subdirectories for performance reasons. To process files in subdirectories, specify each subdirectory explicitly in the target array. For example, ./config/ processes only files in the config directory itself, not files in ./config/jwt/ or other subdirectories.
 :::
+
 **How it works:**
 1. Define placeholders in your files using the specified delimiters
 2. Set environment variables with matching names
 3. During deployment, Zerops finds and replaces placeholders with actual values
+
 **Example usage:**
+
 ```yaml
 run:
   envReplace:
@@ -23044,20 +35022,26 @@ run:
       - ./templates/
       - ./              # Only processes files in root, not subdirectories
 ```
+
 File content before replacement:
 ```
 # config/jwt/public.pem
 %%JWT_PUBLIC_KEY_CONTENT%%
 ```
+
 Environment variable:
 ```
 JWT_PUBLIC_KEY_CONTENT=-----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA...
 -----END PUBLIC KEY-----
 ```
+
 The placeholder gets replaced with the actual JWT public key during deployment.
-### routing 
+
+### routing *[Optional]*
+
 Configures URL routing, redirects, and HTTP headers (only for Static services).
+
 ```yaml
 run:
   routing:
@@ -23072,31 +35056,38 @@ run:
         values:
           X-Frame-Options: "'DENY'"
 ```
+
 Available parameters:
-#### root 
+
+#### root *[Optional]*
 Sets a custom root directory for the service.
 - Type: `string`
-#### cors 
+
+#### cors *[Optional]*
 Enables CORS headers for cross-origin requests.
 - Type: `string`
 - Sets `Access-Control-Allow-Origin`, `Access-Control-Allow-Methods`, `Access-Control-Allow-Headers`, and `Access-Control-Expose-Headers`
 - Special case: `"*"` is automatically converted to `'*'`
-#### redirects 
+
+#### redirects *[Optional]*
 Defines URL redirects and rewrites.
 - Type: `array of objects`
 - Each redirect object supports:
-  - **from**  - Source path to match ([supports wildcards](/static/overview#wildcard-matching) with `*`)
-  - **to**  - Destination path
-  - **status**  - HTTP status code (required for absolute URLs)
-  - **preservePath**  - Preserve path after wildcard match
-  - **preserveQuery**  - Preserve query parameters
-#### headers 
+  - **from** *[Required]* - Source path to match ([supports wildcards](/static/overview#wildcard-matching) with `*`)
+  - **to** *[Required]* - Destination path
+  - **status** *[Optional]* - HTTP status code (required for absolute URLs)
+  - **preservePath** *[Optional]* - Preserve path after wildcard match
+  - **preserveQuery** *[Optional]* - Preserve query parameters
+
+#### headers *[Optional]*
 Sets custom HTTP headers for specific paths.
 - Type: `array of objects`
 - Each header object supports:
-  - **for**  - Path pattern to match
-  - **values**  - Object with header name/value pairs
+  - **for** *[Required]* - Path pattern to match
+  - **values** *[Required]* - Object with header name/value pairs
+
 **Example usage:**
+
 ```yaml
 run:
   routing:
@@ -23117,8 +35108,11 @@ run:
           X-Frame-Options: "'DENY'"
           Content-Security-Policy: '"default-src ''self''"'
 ```
-### healthCheck 
+
+### healthCheck *[Optional]*
+
 Defines a health check for your application.
+
 ```yaml
 run:
   healthCheck:
@@ -23133,33 +35127,44 @@ run:
       command: |
         curl -s http://localhost:8080/status > /tmp/status
         grep -q "OK" /tmp/status
+
     # Common parameters
     failureTimeout: 60
     disconnectTimeout: 30
     recoveryTimeout: 30
     execPeriod: 10
 ```
+
 Available parameters:
-#### httpGet 
+
+#### httpGet *[Optional]*
 Configures the health check to request a local URL using a HTTP GET method.
-- **port**  - Defines the port of the HTTP GET request.
-- **path**  - Defines the URL path of the HTTP GET request.
-- **host**  - The health check is triggered from inside of your runtime container so it uses the localhost (127.0.0.1). If you need to add a host to the request header, specify it in the host attribute.
-- **scheme**  - The health check is triggered from inside of your runtime container so no https is required. If your application requires a https request, set scheme: `https`.
-#### exec 
+
+- **port** *[Required]* - Defines the port of the HTTP GET request.
+- **path** *[Required]* - Defines the URL path of the HTTP GET request.
+- **host** *[Optional]* - The health check is triggered from inside of your runtime container so it uses the localhost (127.0.0.1). If you need to add a host to the request header, specify it in the host attribute.
+- **scheme** *[Optional]* - The health check is triggered from inside of your runtime container so no https is required. If your application requires a https request, set scheme: `https`.
+
+#### exec *[Optional]*
 Configures the health check to run a local command.
-- **command**  - Defines a local command to be run. The command has access to the same environment variables. A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example above.
-#### Common parameters 
+
+- **command** *[Required]* - Defines a local command to be run. The command has access to the same environment variables. A single string is required. If you need to run multiple commands create a shell script or, use a multiline format as in the example above.
+
+#### Common parameters *[Optional]*
 The following parameters can be used with either `httpGet` or `exec` health checks:
 - **failureTimeout** - Time in seconds until container fails after consecutive health check failures (reset by success).
 - **disconnectTimeout** - Time in seconds until container is disconnected and becomes publicly unavailable.
 - **recoveryTimeout** - Time in seconds until container is connected and becomes publicly available.
 - **execPeriod** - Time interval in seconds between health check attempts.
+
 :::tip
 Health checks continuously monitor your running application, while readiness checks verify if a new deployment is ready to receive traffic. For readiness checks, see the [readinessCheck section](#readinesscheck-).
 :::
-### crontab 
+
+### crontab *[Optional]*
+
 Defines scheduled commands to run as cron jobs within a service.
+
 ```yaml
 run:
   crontab:
@@ -23167,10 +35172,13 @@ run:
       timing: "0 * * * *"
       allContainers: false
 ```
+
 Setup cron jobs. See [examples](/zerops-yaml/cron).
+
 :::note
 For more detailed information on specific configurations, refer to the runtime-specific guides linked at the beginning of this document.
 :::
+
 *Need help? Join our [Discord community](https://discord.gg/zeropsio).*
 
 ----------------------------------------
diff --git a/apps/docs/static/llms.txt b/apps/docs/static/llms.txt
index 92ef39a3b..c1d8591b5 100644
--- a/apps/docs/static/llms.txt
+++ b/apps/docs/static/llms.txt
@@ -90,10 +90,12 @@
 - [Features > Backup](https://docs.zerops.io/features/backup.md)
 - [Features > Build Cache](https://docs.zerops.io/features/build-cache.md)
 - [Features > Cdn](https://docs.zerops.io/features/cdn.md)
+- [Features > Coding Agents](https://docs.zerops.io/features/coding-agents.md)
 - [Features > Container Vs Vm](https://docs.zerops.io/features/container-vs-vm.md)
 - [Features > Debug Mode](https://docs.zerops.io/features/debug-mode.md)
 - [Features > Env Variables](https://docs.zerops.io/features/env-variables.md)
 - [Features > Infrastructure](https://docs.zerops.io/features/infrastructure.md)
+- [Features > Local Remote Development](https://docs.zerops.io/features/local-remote-development.md)
 - [Features > Pipeline](https://docs.zerops.io/features/pipeline.md)
 - [Features > Rbac](https://docs.zerops.io/features/rbac.md)
 - [Features > Scaling](https://docs.zerops.io/features/scaling.md)
@@ -138,7 +140,6 @@
 - [Guides > Deployment Lifecycle](https://docs.zerops.io/guides/deployment-lifecycle.md)
 - [Guides > Environment Variables](https://docs.zerops.io/guides/environment-variables.md)
 - [Guides > Firewall](https://docs.zerops.io/guides/firewall.md)
-- [Guides > Local Development](https://docs.zerops.io/guides/local-development.md)
 - [Guides > Logging](https://docs.zerops.io/guides/logging.md)
 - [Guides > Metrics](https://docs.zerops.io/guides/metrics.md)
 - [Guides > Networking](https://docs.zerops.io/guides/networking.md)
@@ -148,6 +149,7 @@
 - [Guides > Public Access](https://docs.zerops.io/guides/public-access.md)
 - [Guides > Scaling](https://docs.zerops.io/guides/scaling.md)
 - [Guides > Smtp](https://docs.zerops.io/guides/smtp.md)
+- [Guides > Verify Web Agent Protocol](https://docs.zerops.io/guides/verify-web-agent-protocol.md)
 - [Guides > Vpn](https://docs.zerops.io/guides/vpn.md)
 - [Guides > Zerops Yaml Advanced](https://docs.zerops.io/guides/zerops-yaml-advanced.md)
 - [Help > Contacts](https://docs.zerops.io/help/contacts.md)
@@ -321,6 +323,23 @@
 - [Ubuntu > How To > Upgrade](https://docs.zerops.io/ubuntu/how-to/upgrade.md)
 - [Ubuntu > Overview](https://docs.zerops.io/ubuntu/overview.md)
 - [Valkey > Overview](https://docs.zerops.io/valkey/overview.md)
+- [Zcp > Concept > How It Works](https://docs.zerops.io/zcp/concept/how-it-works.md)
+- [Zcp > Glossary](https://docs.zerops.io/zcp/glossary.md)
+- [Zcp > Overview](https://docs.zerops.io/zcp/overview.md)
+- [Zcp > Quickstart](https://docs.zerops.io/zcp/quickstart.md)
+- [Zcp > Reference > Agent Workflow](https://docs.zerops.io/zcp/reference/agent-workflow.md)
+- [Zcp > Reference > Index](https://docs.zerops.io/zcp/reference/index.md)
+- [Zcp > Reference > Mcp Operations](https://docs.zerops.io/zcp/reference/mcp-operations.md)
+- [Zcp > Reference > Troubleshooting](https://docs.zerops.io/zcp/reference/troubleshooting.md)
+- [Zcp > Security > Production Policy](https://docs.zerops.io/zcp/security/production-policy.md)
+- [Zcp > Security > Tokens And Project Access](https://docs.zerops.io/zcp/security/tokens-and-project-access.md)
+- [Zcp > Security > Trust Model](https://docs.zerops.io/zcp/security/trust-model.md)
+- [Zcp > Setup > Choose Workspace](https://docs.zerops.io/zcp/setup/choose-workspace.md)
+- [Zcp > Setup > Hosted Workspace](https://docs.zerops.io/zcp/setup/hosted-workspace.md)
+- [Zcp > Setup > Local Agent Bridge](https://docs.zerops.io/zcp/setup/local-agent-bridge.md)
+- [Zcp > Workflows > Build With Zcp](https://docs.zerops.io/zcp/workflows/build-with-zcp.md)
+- [Zcp > Workflows > Package Running Service](https://docs.zerops.io/zcp/workflows/package-running-service.md)
+- [Zcp > Workflows > Promote To Production](https://docs.zerops.io/zcp/workflows/promote-to-production.md)
 - [Zerops Yaml > Base List](https://docs.zerops.io/zerops-yaml/base-list.md)
 - [Zerops Yaml > Cron](https://docs.zerops.io/zerops-yaml/cron.md)
 - [Zerops Yaml > Specification](https://docs.zerops.io/zerops-yaml/specification.md)
\ No newline at end of file
diff --git a/packages/docs-ui/src/components/Note/Layout/index.tsx b/packages/docs-ui/src/components/Note/Layout/index.tsx
index c087f237a..e4b1417c5 100644
--- a/packages/docs-ui/src/components/Note/Layout/index.tsx
+++ b/packages/docs-ui/src/components/Note/Layout/index.tsx
@@ -18,6 +18,7 @@ export const NoteLayout = ({
     type === 'error' ||
     type === 'check';
   const isWarningStyle = type === 'warning';
+  const isTipStyle = type === 'tip';
 
   return (
     <div
@@ -26,6 +27,7 @@ export const NoteLayout = ({
         isDefaultStyle &&
           'bg-medusa-tag-neutral-bg border-medusa-tag-neutral-border',
         isWarningStyle && 'bg-medusa-tag-red-bg border-medusa-tag-red-border',
+        isTipStyle && 'bg-medusa-tag-blue-bg border-medusa-tag-blue-border',
         '[&_a]:no-underline [&_a]:text-medusa-fg-interactive hover:[&_a]:text-medusa-fg-interactive-hover ',
         'mb-docs_2 alert'
       )}
@@ -36,6 +38,7 @@ export const NoteLayout = ({
           className={clsx(
             isDefaultStyle && 'text-medusa-tag-neutral-text',
             isWarningStyle && 'text-medusa-tag-red-text',
+            isTipStyle && 'text-medusa-tag-blue-text',
             'text-medium flex-1 [&>*:last-child]:mb-0',
             '[&>p>code]:px-docs_0.5 [&>p>code]:text-code-label'
           )}
@@ -45,7 +48,8 @@ export const NoteLayout = ({
               className={clsx(
                 'text-compact-medium-plus block mb-docs_0.125',
                 isDefaultStyle && 'text-medusa-fg-base',
-                isWarningStyle && 'text-medusa-tag-red-text'
+                isWarningStyle && 'text-medusa-tag-red-text',
+                isTipStyle && 'text-medusa-tag-blue-text'
               )}
             >
               {title}
diff --git a/packages/docs-ui/src/components/Note/Types/tip.tsx b/packages/docs-ui/src/components/Note/Types/tip.tsx
new file mode 100644
index 000000000..42d341a51
--- /dev/null
+++ b/packages/docs-ui/src/components/Note/Types/tip.tsx
@@ -0,0 +1,23 @@
+import React from 'react';
+import { NoteProps } from '..';
+import { NoteLayout } from '../Layout';
+import { InformationCircleSolid } from '@medusajs/icons';
+import clsx from 'clsx';
+
+export const TipNote = ({ title = 'Tip', icon, ...props }: NoteProps) => {
+  return (
+    <NoteLayout
+      title={title}
+      icon={
+        icon || (
+          <InformationCircleSolid
+            className={clsx(
+              'inline-block mr-docs_0.125 text-medusa-tag-blue-icon'
+            )}
+          />
+        )
+      }
+      {...props}
+    />
+  );
+};
diff --git a/packages/docs-ui/src/components/Note/index.tsx b/packages/docs-ui/src/components/Note/index.tsx
index 347ebaa48..a032ec0c2 100644
--- a/packages/docs-ui/src/components/Note/index.tsx
+++ b/packages/docs-ui/src/components/Note/index.tsx
@@ -4,9 +4,10 @@ import { DefaultNote } from './Types/default';
 import { SuccessNote } from './Types/sucess';
 import { ErrorNote } from './Types/error';
 import { CheckNote } from './Types/checks';
+import { TipNote } from './Types/tip';
 
 export type NoteProps = {
-  type?: 'default' | 'warning' | 'success' | 'error' | 'check';
+  type?: 'default' | 'warning' | 'success' | 'error' | 'check' | 'tip';
   title?: string;
   children?: React.ReactNode;
   icon?: React.ReactNode;
@@ -22,6 +23,8 @@ export const Note = ({ type = 'default', ...props }: NoteProps) => {
       return <ErrorNote type={type} {...props} />;
     case 'check':
       return <CheckNote type={type} {...props} />;
+    case 'tip':
+      return <TipNote type={type} {...props} />;
     default:
       return <DefaultNote type={type} {...props} />;
   }
diff --git a/zcp-audit.md b/zcp-audit.md
new file mode 100644
index 000000000..dba319d4a
--- /dev/null
+++ b/zcp-audit.md
@@ -0,0 +1,195 @@
+# ZCP MCP reference audit (v2)
+
+Audit of `apps/docs/content/zcp/` (Zerops Control Plane MCP reference) for **consolidation**, **hierarchy / texture**, and **vocabulary fit to Zerops voice**. Entry point is `apps/docs/content/features/coding-agents.mdx`. Tone reference is the Zerops 3.0 article (https://zerops.io/articles/might-as-well-call-it-zerops-3-0-huge-updates-and-what-s-next).
+
+Date: 2026-05-13. Revised after independent review by Codex and a fresh-eyes Opus reader. Their corrections are folded into the findings below.
+
+---
+
+## 1. Tree as it stands today
+
+```
+Zerops Control Plane MCP                                    ← sidebar group headline
+│
+├─ Overview                       95 ln   landing from /features/coding-agents
+├─ Quickstart                    126 ln   AI Agent recipe → Claude Code → proof
+├─ How it works                  190 ln   the loop, conceptual + mermaid
+│
+├─ Remote or local setup/                                   ← category page = choose-workspace
+│  ├─ choose-workspace            73 ln   decision matrix (parent)
+│  ├─ hosted-workspace           121 ln   what remote gives you
+│  └─ local-agent-bridge         175 ln   8-step local install
+│
+├─ Build and ship/                                          ← category page = build-with-zcp
+│  ├─ build-with-zcp             138 ln   parent + §1-§5 (§4/§5 are legitimate summaries, see §6)
+│  ├─ package-running-service     81 ln   handoff/reuse bundle
+│  └─ promote-to-production      131 ln   dev → prod handoff
+│
+├─ Security/                                                ← category page = trust-model
+│  ├─ trust-model                119 ln   boundary + blast radius (5 tables)
+│  ├─ tokens-and-project-access  162 ln   ZCP_API_KEY canonical (6 tables)
+│  └─ production-policy           93 ln   prod-stays-separate (3 tables)
+│
+└─ Reference/                                               ← category page = reference/index
+   ├─ index                       13 ln   thin 4-row directory — smell, see §6
+   ├─ agent-workflow             217 ln   bootstrap+develop deep-dive (longest page, 9 tables)
+   ├─ mcp-operations             103 ln   tool names (5 tables)
+   ├─ troubleshooting             94 ln   recovery playbook (3 tables)
+   └─ glossary                   134 ln   definitions (also fed to mcp-operations as "Reference")
+```
+
+**Orphan stubs (not in sidebar, 9–10 lines each, redirect via prose):**
+- `apps/docs/content/zcp/workflows/create-or-adopt-services.mdx`
+- `apps/docs/content/zcp/workflows/delivery-handoff.mdx`
+- `apps/docs/content/zcp/workflows/build-and-verify-app.mdx`
+
+These should become Docusaurus client redirects in `docusaurus.config.ts` or be deleted. Currently soft "moved" prose — the worst of both (still indexed, no real redirect).
+
+## 2. How info actually flows from /features/coding-agents
+
+The features page hands the reader four entry-cards: **Quickstart / Overview / Remote-or-local / Build-and-ship**. It also drops inline links to `/zcp/reference/agent-workflow`, `/zcp/reference/mcp-operations`, `/zcp/security/production-policy`.
+
+Reader archetypes that hit the section:
+
+| Reader | What they want | Where they land first | Where they get stuck |
+|---|---|---|---|
+| **Team lead** (adoption decision) | 90-second read: blast radius, cost, production stance | Overview | Overview re-pitches the feature instead of giving an adoption-grade summary |
+| **First-time evaluator** | Try it fast, confirm the concept | Quickstart → Overview | Overview's first 30 seconds rehash the features-page intro almost verbatim |
+| **Operator** (returning mid-project) | Make a decision, then execute | Build and ship | Three near-identical comparison tables across choose-workspace / trust-model / mcp-operations |
+| **Recoverer** (something broke) | Get unstuck fast | Troubleshooting → Glossary | Glossary defines workflow-only terms; prose elsewhere doesn't link into it |
+| **Security reviewer** | Threat model, boundaries | Trust model | Trust model and production-policy share a boundary statement but at different abstraction levels |
+| **Custom MCP integrator** | Tool names, no workflow | MCP tools → Glossary | Glossary doubles as workflow term reference; integrator filters noise |
+
+The features page promises **"Bootstrap + Develop"** as the two phases. Overview doesn't pick that thread up — it's parked deep in `reference/agent-workflow`, which the evaluator won't reach naturally. That's the single biggest narrative break, and it's compounded by the features-page inline link (`See Workflows in depth for both`) routing readers *directly* into the most jargon-heavy reference page in the section.
+
+## 3. Content repetition — pattern, not policy
+
+The right pattern is **short local reminder at decision points + link to canonical home**, not collapse-and-redirect. Refrains are load-bearing in docs because readers land mid-section.
+
+Six concepts get retold three to six times. Most need only minor trims. Where I overstated in v1 is called out below.
+
+| Concept | Pages that touch it | Canonical home | Action |
+|---|---|---|---|
+| **"Proof or blocker" + URL/endpoint/UI/job/data list** | overview, quickstart, how-it-works, build-with-zcp, promote-to-production, agent-workflow, troubleshooting, glossary | **how-it-works** | Keep one-line refrains where they appear. Cut only the *full 5-bullet list* outside how-it-works; replace with link + 1-line echo |
+| **Production-stays-separate policy** | overview, trust-model, tokens, production-policy, build-with-zcp §5, promote-to-production | **production-policy** | Keep a one-paragraph caveat in trust-model (it's the security parent) and a one-line callout in overview. Strip the duplicate prose from the other 3 |
+| **Remote vs local comparison** | choose-workspace, how-it-works, trust-model, mcp-operations | **choose-workspace** | NOT pure duplication — each table compares different axes (decision factors / loop invariance / blast radius / tool behavior). Trim where overlap is real; keep where the axis is unique. v1 overstated this one |
+| **Confirmation gates (service deletion + destructive import override)** | agent-workflow, mcp-operations, trust-model, tokens, glossary | **tokens-and-project-access** (`#what-zcp-enforces-for-destructive-actions`) | Remove duplicate table from agent-workflow, mcp-operations, trust-model — replace with link. Glossary keeps the term definition |
+| **Runtime layouts (5 values)** | glossary, agent-workflow, choose-workspace (4), how-it-works (bullets), build-with-zcp (3 user-facing) | **glossary** = labels; **build-with-zcp** = user-facing 3 | Drop the duplicate 5-row table from agent-workflow |
+| **Failure categories (7 values)** | glossary, agent-workflow, troubleshooting | **troubleshooting** (has "read first + avoid" columns) | agent-workflow links to it; glossary keeps the term definition |
+| **Live-state inventory bullets** | overview, how-it-works, agent-workflow | **how-it-works** | Overview becomes a teaser, not a re-list |
+| **ZCP_API_KEY full explanation** | tokens (canonical), production-policy, trust-model, hosted-workspace, local-agent-bridge, choose-workspace, build-with-zcp, troubleshooting | **tokens-and-project-access** | Most pages *already* describe their local concern and link out. Only **production-policy §credential-rules** and **trust-model §credential-ownership** truly re-explain the key. Trim those two; leave the rest alone |
+
+**Build-with-zcp §4 / §5 are NOT duplication.** They're parent-page summaries (overview-to-detail architecture). [build-with-zcp.mdx:98,112](apps/docs/content/zcp/workflows/build-with-zcp.mdx#L98) link to the detail pages; [package-running-service.mdx:50,63](apps/docs/content/zcp/workflows/package-running-service.mdx#L50) carry env classification and exclusions the summary doesn't have. v1 called this two-place truth; it isn't. Keep the summaries as 3-sentence anchored deep-links — parent pages that only link out feel hollow.
+
+**Before sweep 2: quantify repetition vs unique content per page.** If `trust-model.mdx` is 60% unique threat-model content and 40% restated policy, cutting the 40% is safe. Inverse, the page collapses. Worth measuring before swinging the axe.
+
+## 4. Off-brand vocabulary vs Zerops 3.0 voice
+
+The Zerops 3.0 article voice uses: *deploy, managed services, environment parity, productized DevOps knowledge, topology, transparent by default, sensible defaults, hand off production-ready code*. It avoids: *seamless, intuitive, best practices, orchestration, promotion (noun)*.
+
+| Off-brand term | Where it appears | Why it grates | Direction |
+|---|---|---|---|
+| **"Production promotion"** (noun) | glossary, build-with-zcp §5, package-running-service, quickstart card, promote-to-production prose | Article says "hand off production-ready code." Verb page (`promote-to-production`) is fine. The noun is invented jargon | **"Production release"** as the noun. "Handoff" is already overloaded (delivery handoff, human handoff, external handoff); adding "production handoff" makes a 4th meaning. Verb pages already say "release process" |
+| **"Operating loop"** | overview, how-it-works description | Features page already uses **"the short work loop"** and **"develop loop"** — both more concrete | **"work loop"** or **"develop loop"** consistently |
+| **"Workflow-guided"** (adjective) | overview, reference/index, agent-workflow, mcp-operations | Jargon-y compound. Article doesn't need a name for "agents that follow our instructions" | Drop the adjective. Where context needs it: *"a run that follows the generated workflow"* or just *"a guided run"* |
+| **"Bounded operations"** | overview, glossary, hosted-workspace | Abstract. **"Project-scoped operations"** is also used and is more concrete | Standardise on **"project-scoped operations"** |
+| **"Opinionated"** | how-it-works ("workflow is opinionated about...") | Industry meme word the article voice avoids. Single occurrence | Replace with *"the workflow handles..."* / *"the workflow decides..."* |
+| **"Concerns" / "Done criteria" / "Done gate"** | how-it-works | Agile-speak | *"things the workflow handles"*, *"what counts as done"*, *"the proof gate"* |
+| **"Setup" overload** | Everywhere | Six meanings: Remote setup, Local setup, AI Agent setup (recipe env), Service setup (workflow phase), `setup:` block (zerops.yaml), Bootstrap setup | "Remote workspace" / "Local workspace" already exist in places — push that distinction harder. Leave "setup" for the workflow phase and the YAML key |
+| **"Blast radius"** | trust-model, choose-workspace, tokens, production-policy, features page | Used consistently. Aligns with article tone | **Keep** |
+
+**v1 got "Bootstrap" wrong — dropped.** The features page brands `Bootstrap + Develop` as a labelled pair at [coding-agents.mdx:66,120](apps/docs/content/features/coding-agents.mdx#L66). Renaming to "Service setup" breaks the symmetric pair (mismatched grammar and abstraction level). The real problem is one apologetic sentence at [agent-workflow.mdx:15](apps/docs/content/zcp/reference/agent-workflow.mdx#L15): *"Bootstrap is not a marketing or onboarding step. It is the workflow's name for..."* — that line is what reveals the term as defensive. **Delete the apology, keep the label.**
+
+**Vocabulary lives in both ZCP and features.** "Bootstrap" appears in [coding-agents.mdx:66,120](apps/docs/content/features/coding-agents.mdx#L66); any vocabulary pass has to touch the features page too, not just `/zcp/`.
+
+## 5. Hierarchy / uniformity — abstraction collision, not just texture
+
+**Every page has the same skeleton:** 1-paragraph intro → "What you're choosing / what it does" H2 → 2–6 tables → "Related" / "Next steps." Result reads flat regardless of whether you're on a security threat model or a CLI install guide.
+
+**Table counts per page (actual, recounted after Codex pushback):**
+
+| Page | Tables | Diagnosis |
+|---|---|---|
+| reference/agent-workflow | **9** | Worst offender. Trim to 2–3; turn duplicated tables (runtime layouts, failure categories, confirmation gates) into prose with anchors to canonical homes |
+| security/tokens-and-project-access | **6** | Credential map + rejected tokens + rotation justify tables; rest can be prose |
+| reference/mcp-operations | **5** | A tool reference IS table-shaped — keep, but vary widths/styles |
+| security/trust-model | **5** | Blast-radius table earns its place; rest are repeating credentials/rules |
+| concept/how-it-works | **4** + 1 mermaid | The mermaid earns its keep; tables compete with it |
+| workflows/build-with-zcp | **3** | OK |
+| reference/troubleshooting | **3** | OK — playbook genuinely needs tables |
+
+**Texture moves missing across the board:**
+- Almost no `:::tip` / `:::caution` callouts (only overview has one)
+- ASCII visual / diagrams used ONLY in how-it-works + agent-workflow (mermaid)
+- No definition lists outside glossary
+- Highlighted-span class `.ascii-graph__highlight` built for features page isn't reused
+- No inline code-snippet examples on most security/reference pages
+- **Glossary terms aren't linked from prose.** Across the section, `appdev`, `appstage`, `local-stage`, `delivery mode`, `runtime layout` appear without anchor links to glossary entries. That's the real fix for "glossary doing two jobs": let prose carry meaning, let glossary be the index
+
+**Same-shape problem:** [concept/how-it-works.mdx](apps/docs/content/zcp/concept/how-it-works.mdx) (190 lines) and [reference/agent-workflow.mdx](apps/docs/content/zcp/reference/agent-workflow.mdx) (217 lines) tell the same story at adjacent abstraction levels — same two-phase split, same mermaid logic, same vocabulary. The deeper issue isn't visual sameness; it's **level-of-abstraction collision**. Concept page should teach the *idea*; reference should catalog *exact labels*. They blur. Merging is the right instinct, but commit to a hard line-budget — a merged 350-line page that no archetype reads end-to-end is worse than the split.
+
+## 6. Structural problems
+
+1. **Three orphan stubs** still live in the content tree — they should be deleted or converted to real Docusaurus redirects. Zero-risk fix; ship before anything else.
+
+2. **`reference/index.mdx` is 13 lines.** Either richer (mini-toc with use-cases, when-to-reach-for-each, common combinations) or absent (collapse into sidebar group with no landing page). A 13-line landing for a category is a smell.
+
+3. **Reference subsection is over-stocked at the wrong abstraction.** [agent-workflow.mdx](apps/docs/content/zcp/reference/agent-workflow.mdx) (217 lines) is the longest page in the section but it's filed under Reference, where users won't look. Worse: the features page's inline link (`See Workflows in depth`) drops evaluators directly into it — broken information scent.
+
+4. **Glossary is doing two jobs**: legitimate term dictionary + canonical home for confirmation gates / failure categories / runtime layouts. Non-term entries should live on the operational pages; glossary should be a thin dictionary. Fix in tandem with linking glossary terms from prose (§5).
+
+5. **"Start here" cards repeat across three pages** with overlapping items. [overview.mdx](apps/docs/content/zcp/overview.mdx) "Start here" tables, [quickstart.mdx](apps/docs/content/zcp/quickstart.mdx) "Next steps" DocCardList, [coding-agents.mdx](apps/docs/content/features/coding-agents.mdx) "Where to start" cards — three nav surfaces showing 60% overlapping links. Navigation duplication, not content duplication, but the reader hits it three times in 5 minutes.
+
+6. **Overview's first 30 seconds are weak.** Lines 8–12 of [overview.mdx](apps/docs/content/zcp/overview.mdx#L8) restate the features-page intro almost verbatim ("Zerops provides... ZCP MCP is the project-scoped tool layer..."). Overview should *start* with the public-preview caveat + a 3-bullet "what's in this section" map, not re-pitch the feature.
+
+7. **Factual narrowing on the features page.** [coding-agents.mdx:87](apps/docs/content/features/coding-agents.mdx#L87) says the agent "opens a PR" before production. [promote-to-production.mdx:64](apps/docs/content/zcp/workflows/promote-to-production.mdx#L64) lists five equally valid paths (tag push, protected branch merge, manual CLI, PR, CI job). Features page narrows a real choice — readers form an expectation the workflow page contradicts.
+
+8. **Anchor reliability not verified.** Audit recommends linking to canonical anchors (e.g. `tokens-and-project-access#what-zcp-enforces-for-destructive-actions`). That anchor exists; not all proposed targets do. Verify before edits cite them.
+
+## 7. Proposed sweeps — revised order
+
+Original v1 ordering (vocabulary → consolidation → hierarchy) was wrong for rework cost. Vocab touches every page; if you do it first and then merge `how-it-works` ↔ `agent-workflow` later, you redo the vocab work inside the merge.
+
+Better order: **set the surface, then operate on it.**
+
+### Sweep 1 — Structural deletions (30 min, zero content risk)
+- Delete or redirect the 3 orphan stubs (Docusaurus client redirects in `docusaurus.config.ts`)
+- Decide whether `reference/index.mdx` becomes richer or disappears
+- Fix the factual narrowing in [coding-agents.mdx:87](apps/docs/content/features/coding-agents.mdx#L87) — "opens a PR" → reflect the real range of paths
+- Verify all anchor targets that downstream sweeps will cite
+
+### Sweep 2 — Hierarchy decisions (sets the surface)
+- Decide: merge `how-it-works` ↔ `agent-workflow` (target ≤200 lines combined), or sharpen the abstraction split between them?
+- Decide: keep `build-with-zcp` §4/§5 as 3-sentence anchored summaries, or remove?
+- Trim navigation duplication across overview / quickstart / coding-agents "Start here" cards — pick one canonical entry-card set per audience
+- Rewrite overview's first 30 seconds: drop the re-pitch, lead with "what's in this section"
+
+### Sweep 3 — Consolidation (on the now-smaller surface)
+- Apply the local-reminder-plus-link pattern from §3:
+  - Trim full proof/blocker list to one place, keep refrains
+  - Strip duplicate confirmation-gates table from 3 pages
+  - Strip duplicate failure-categories and runtime-layouts tables from agent-workflow
+  - Cut the ZCP_API_KEY re-explanation from `production-policy` and `trust-model` only
+  - Trim where remote/local tables overlap; keep the axes that are genuinely different
+- Link glossary terms from prose across the section
+
+### Sweep 4 — Vocabulary (find-and-replace over stable surface)
+- "Production promotion" (noun) → "production release"
+- "Operating loop" → "work loop" / "develop loop"
+- "Workflow-guided" → drop or rephrase
+- "Bounded operations" → "project-scoped operations"
+- "Opinionated", "concerns", "done gate" → concrete replacements
+- Delete the apologetic Bootstrap line at [agent-workflow.mdx:15](apps/docs/content/zcp/reference/agent-workflow.mdx#L15); keep the label
+- Push "Remote workspace" / "Local workspace" disambiguation where setup-overload bites
+- Touch the features page for vocab too (Bootstrap stays, but "Operating loop" / "workflow-guided" / etc may need fixing there)
+
+**Run as one editorial pass with four subgoals, not four separate review cycles.** Three or four cycles invite drift between them.
+
+## 8. Risks worth flagging before any edits
+
+- **Killing "Bootstrap" was wrong** (already cut from the plan above). External surfaces — recipe READMEs, blog posts, community threads — may reference Bootstrap as the phase name. Grep the codebase for external mentions before any aggressive vocab change.
+- **Collapsing production-policy prose** risks the security reviewer's read path. They land on `trust-model.mdx` first (security sidebar parent at [sidebars.js:667](apps/docs/sidebars.js#L667)). Stripping the production caveat from there leaves the threat model without its most important boundary statement. Keep a one-paragraph reminder.
+- **Removing `build-with-zcp` §4/§5 summaries** breaks the page as a standalone read for the operator archetype who wants the whole pipeline in one place. Keep as anchored 3-sentence summaries.
+- **Merging how-it-works + agent-workflow** risks a 350-line monster. ≤200-line target or don't merge.
+- **"Production release" as the replacement noun** is cleaner than "handoff" but verify it doesn't collide with anything else in the docs before global replace.
+- **Quantify before sweep 3.** Measure repetition vs unique content per page. Pages where 60%+ is unique can survive a 40% trim; the inverse can't.
diff --git a/zerops-llm-script.ts b/zerops-llm-script.ts
index 4eb9254c0..2c872438c 100644
--- a/zerops-llm-script.ts
+++ b/zerops-llm-script.ts
@@ -1,13 +1,28 @@
 import * as fs from 'node:fs'
 import * as path from 'node:path'
 import * as globModule from 'glob'
+// Shared MDX -> markdown converters (also used by the per-page markdown-source
+// plugin). Single source of truth so the LLM bundle and the per-page .md route
+// produce consistent output.
+import * as C from './apps/docs/src/plugins/markdown-source/converters'
 
 const frontmatterRegex = /^\n*---(\n.+)*?\n---\n/
-const mdxComponentRegex = /<[^>]+>/g
-const imageRegex = /!\[.*?\]\(.*?\)/g
-const importRegex = /^import\s+.*?from\s+['"].*?['"];?/gm
+const frontmatterBlockRegex = /^\s*---\n([\s\S]*?)\n---\n/
 
 const contentDir = path.resolve('apps/docs/content')
+const dataJsonPath = path.resolve('apps/docs/static/data.json')
+
+// Lazy data.json loader for UnorderedCodeList resolution.
+let dataJsonCache: Record<string, unknown> | null = null
+function getDataJson(): Record<string, unknown> {
+  if (dataJsonCache) return dataJsonCache
+  try {
+    dataJsonCache = JSON.parse(fs.readFileSync(dataJsonPath, 'utf-8'))
+  } catch {
+    dataJsonCache = {}
+  }
+  return dataJsonCache ?? {}
+}
 
 const sliceExt = (file: string) => {
   return file.split('.').slice(0, -1).join('.')
@@ -31,56 +46,97 @@ function capitalizeDelimiter(str: string): string {
 }
 
 function cleanMarkdownContent(content: string): string {
+  // 1. Strip frontmatter
   let cleaned = content.replace(frontmatterRegex, '')
-  
-  // Remove JSX-style comments
-  cleaned = cleaned.replace(/{\/\*[\s\S]*?\*\/}/g, '')
-  
-  // Remove <br/> tags
+
+  // 2. Drop JSX comments, normalize <br>, drop import lines, drop images.
+  cleaned = cleaned.replace(/\{\/\*[\s\S]*?\*\/\}/g, '')
   cleaned = cleaned.replace(/<br\s*\/?>/g, '\n')
-  
-  cleaned = cleaned.replace(/<FAQItem\s+question="([^"]+)"\s*>([\s\S]*?)<\/FAQItem>/g, (match, question, answer) => {
-    return `Question: ${question}\nAnswer: ${answer}\n`
-  })
-  cleaned = cleaned.replace(/<FAQ>([\s\S]*?)<\/FAQ>/g, (match, content) => {
-    return content
-  })
-  
+  cleaned = cleaned.replace(/^import\s+.*?from\s+['"].*?['"];?\s*$/gm, '')
+  cleaned = cleaned.replace(/<Image\s+[^>]*\/?>/g, '')
+  cleaned = cleaned.replace(/<img\s+[^>]*\/?>/g, '')
+  cleaned = cleaned.replace(/!\[[^\]]*\]\([^)]+\)/g, '')
+  cleaned = cleaned.replace(/<figure[^>]*>([\s\S]*?)<\/figure>/g, '')
+  cleaned = cleaned.replace(/<Head>[\s\S]*?<\/Head>/g, '')
+
+  // 3. Convert HTML <a> tags to markdown links (mirrors the plugin's step 12).
+  cleaned = cleaned.replace(
+    /<a\s+[^>]*href=["']([^"']+)["'][^>]*>([\s\S]*?)<\/a>/g,
+    (_m, href, text) => {
+      const inner = String(text)
+        .replace(/<code>(.*?)<\/code>/g, '`$1`')
+        .replace(/<strong>(.*?)<\/strong>/g, '**$1**')
+        .replace(/<em>(.*?)<\/em>/g, '*$1*')
+        .replace(/<b>(.*?)<\/b>/g, '**$1**')
+        .replace(/<[^>]+>/g, '')
+        .trim()
+      return `[${inner}](${href})`
+    }
+  )
+
+  // 4. Shared converter chain (same module the per-page .md route uses).
+  cleaned = C.convertFAQToMarkdown(cleaned)
+  cleaned = C.convertTabsToMarkdown(cleaned)
+  cleaned = C.convertNoteToMarkdown(cleaned)
+  cleaned = C.convertAsciiGraphToMarkdown(cleaned)
+  cleaned = C.convertDocCardListToMarkdown(cleaned)
+  cleaned = C.convertCustomCardToMarkdown(cleaned)
+  cleaned = C.convertDropdownToMarkdown(cleaned)
+  cleaned = C.convertSectionLandscapeToMarkdown(cleaned)
+  cleaned = C.convertExpandableTableToMarkdown(cleaned)
+  cleaned = C.convertUnorderedCodeListStandalone(cleaned, getDataJson, null)
+  cleaned = C.convertCodingAgentsTopologyToMarkdown(cleaned)
+  cleaned = C.convertIntroAgentVisualToMarkdown(cleaned)
+  cleaned = C.convertDeployButtonToMarkdown(cleaned)
+  cleaned = C.convertVideoToMarkdown(cleaned)
+  cleaned = C.convertBadgeToMarkdown(cleaned)
+  cleaned = C.convertButtonToMarkdown(cleaned)
+  cleaned = C.convertLinkToMarkdown(cleaned)
+  cleaned = C.dropSilentComponents(cleaned)
+  cleaned = C.convertDetailsToMarkdown(cleaned)
+
+  // 5. Final catch-all: strip any remaining unknown uppercase JSX components
+  // while preserving markdown tables (the LLM corpus reads tables as data).
   const sections = cleaned.split(/(\|.*\|\n\|.*\|\n(\|.*\|\n)*)/)
-  let processedContent = ''
-  
-  for (let i = 0; i < sections.length; i++) {
-    const section = sections[i]
+  let processed = ''
+  for (const section of sections) {
     if (!section) continue
-    
     if (section.trim().startsWith('|')) {
-      processedContent += section
+      processed += section
     } else {
-      let processedSection = section
-      processedSection = processedSection.replace(mdxComponentRegex, '')
-      processedSection = processedSection.replace(imageRegex, '')
-      processedSection = processedSection.replace(importRegex, '')
-      processedContent += processedSection
+      processed += section.replace(
+        /<[A-Z][a-zA-Z]*[\s\S]*?(?:\/>|<\/[A-Z][a-zA-Z]*>)/g,
+        ''
+      )
     }
   }
-  
-  const lines = processedContent.split('\n')
-  const processedLines: string[] = []
-  let lastLineWasEmpty = false
-  
+
+  // 6. Collapse trailing whitespace + consecutive blank lines.
+  const lines = processed.split('\n').map((line) => line.replace(/[ \t]+$/g, ''))
+  const out: string[] = []
+  let lastEmpty = false
   for (const line of lines) {
-    if (!line) continue
-    const trimmedLine = line.trim()
-    
-    if (trimmedLine === '' && lastLineWasEmpty) {
-      continue
-    }
-    
-    processedLines.push(line)
-    lastLineWasEmpty = trimmedLine === ''
+    const trimmed = line.trim()
+    if (trimmed === '' && lastEmpty) continue
+    out.push(line)
+    lastEmpty = trimmed === ''
   }
-  
-  return processedLines.join('\n')
+
+  return out.join('\n')
+}
+
+function hasFrontmatterFlag(content: string, flag: string): boolean {
+  const frontmatter = content.match(frontmatterBlockRegex)?.[1] ?? ''
+  const flagRegex = new RegExp(`^${flag}:\\s*true\\s*$`, 'm')
+  return flagRegex.test(frontmatter)
+}
+
+function shouldIncludeInLLMDocs(file: string): boolean {
+  const fileContent = fs.readFileSync(path.resolve(contentDir, file), 'utf-8')
+  return (
+    !hasFrontmatterFlag(fileContent, 'draft') &&
+    !hasFrontmatterFlag(fileContent, 'unlisted')
+  )
 }
 
 async function generateContent(
@@ -120,7 +176,9 @@ async function generateLLMDocs() {
   
   const outputListFile = path.resolve(publicDir, 'llms.txt')
 
-  const optionalFiles = globModule.sync('**/*.mdx', { cwd: contentDir })
+  const optionalFiles = globModule
+    .sync('**/*.mdx', { cwd: contentDir })
+    .filter(shouldIncludeInLLMDocs)
 
   const optionals: string[] = []
 
@@ -151,7 +209,9 @@ async function generateLLMDocs() {
   console.log(`< Output '${outputListFile}' `)
 
   const outputFullFile = path.resolve(publicDir, 'llms-full.txt')
-  const files = globModule.sync('**/*.mdx', { cwd: contentDir })
+  const files = globModule
+    .sync('**/*.mdx', { cwd: contentDir })
+    .filter(shouldIncludeInLLMDocs)
 
   const fullContent = await generateContent(
     files,