QuickStage.dev Hosting Docs

Backend API + environment variables + domain setup.

Open Hosting UI Home

Hosted sites: https://<project>.quick-stage.app/

Frontend config

In /assets/config.js:

window.QUICKSTAGE_HOSTING_BACKEND_BASE = "https://quickstage-dev.onrender.com";

Auth requirement

The hosting backend requires a Bearer token and validates it using your OAuth “me” endpoint (OAUTH_ME_URL).

Authorization: Bearer YOUR_ACCESS_TOKEN

If your token system isn’t ready yet, you can temporarily disable requireAuth in the backend — but don’t ship that.

API endpoints

Base: https://quickstage-dev.onrender.com

Create project

POST /api/projects
Content-Type: application/json
Authorization: Bearer ...

{ "name": "My Site", "desiredSlug": "my-site" }

Upload ZIP

POST /api/projects/:slug/upload
Authorization: Bearer ...
Content-Type: multipart/form-data

(zip file field name = "zip")

Verify domain DNS

GET /api/domains/verify?domain=example.com&slug=my-site
Authorization: Bearer ...

Custom domain setup

Create a project slug (example: my-site).
Add a CNAME in your DNS provider to my-site.quick-stage.app.
Wait for DNS to propagate.
Use the Verify form in the Hosting UI.

Full SaaS custom hostnames + automatic TLS is a separate “next level” feature; this is the simple CNAME path.

Backend environment variables (Render)

# Required
PORT=10000
CF_ACCOUNT_ID=...
R2_ACCESS_KEY_ID=...
R2_SECRET_ACCESS_KEY=...
R2_BUCKET_NAME=quickstagedev
R2_ENDPOINT=https://<accountid>.r2.cloudflarestorage.com
BASE_DOMAIN=quick-stage.app

# Auth
OAUTH_ME_URL=https://send.quick-stage.app/me

# Optional
ALLOWED_ORIGINS=https://quickstage.dev,https://YOUR-PAGES-URL.pages.dev
LOG_LEVEL=info

Where to find the secrets

CF_ACCOUNT_ID: Cloudflare dashboard → account details / sidebar.
R2_ACCESS_KEY_ID / R2_SECRET_ACCESS_KEY: R2 → API tokens → create S3 credentials.
R2_ENDPOINT: R2 bucket settings → “S3 API” endpoint.

If any of these were shared publicly, rotate them right away.