MERIDIAN · PODMAN NATIVE

Deploy containers anywhere.

A native CLI that ships your containers to any Linux box — Podman Quadlets for supervision, kamal-proxy for zero-downtime cutovers, and no registry required.

$curl -fsSL meridian-deploy.dev/install.sh | sh

Read the Quickstart →Star on GitHub

~/my-app — meridian deploy

$ meridian deployDeploying my-app to 1 web host[prod-01] Streaming image my-app:abcd1234[prod-01] Transferred 12.4 MB in 3.1s[prod-01] Uploading service Quadlet[prod-01] Reloading user systemd[prod-01] Starting service my-app-green.service[prod-01] Checking health for my-app-green[prod-01] Switching proxy traffic to my-app-green[prod-01] Stopping service my-app-blue.service[prod-01] Recording active color green[prod-01] Deploy completedDeploy completed

The flow

Three commands from repo to running.

No Kubernetes. No Docker Swarm. No CI/CD rebuild loop. Meridian is an imperative CLI that does what you tell it, when you tell it.

I · Initialize

Detect & configure

Meridian scans your project, picks up Marten, Rails, Elixir, Node or Go, and writes a working deploy.yml you can read and edit.

$ meridian init

II · Deploy

Ship, run, supervise

Send the image you've already built to each host — registry pull, SSH stream, or rsync'd OCI layout. systemd takes over through a Quadlet unit. No Docker daemon on the target.

$ meridian deploy

III · Cut over

Zero-downtime release

kamal-proxy routes traffic from the old container to the new one only after health checks pass. Rollback is a single command.

$ meridian rollback

The position

Kubernetes is a platform. Meridian is a tool.

Most deploy stacks ask you to adopt a worldview. Declarative reconciliation loops, control planes, custom resource definitions — a full philosophy for managing fleets you do not have.

Meridian is smaller on purpose. It does one job: take a container from your laptop and run it on a Linux server you rent, own, or colocate. When you push again, it cuts over cleanly. When something breaks, you read a systemd log.

No orchestrator. No registry tax. No daemon. A tool, not a platform.

· Why Podman

Rootless-first is the right default in 2026. Quadlets let systemd supervise containers natively — the same system that already supervises your SSH daemon and cron jobs.

· Why registries are optional

Use one if you have one. When you'd rather skip it, Meridian ships the image straight over SSH — piped with zstd, or rsync'd as an OCI layout so later deploys send only what changed.

· Why framework-aware

meridian init recognizes Marten, Rails, Elixir, Go, and Node — sets the right *_ENV default, reuses your health route where it can find one, and writes a deploy.yml you can edit on the first try.

· Why Crystal

One compiled executable. No Ruby, no Python, no Node runtime on the server. Official Linux release builds can ship as a single file; local Crystal builds may still link shared libraries.

Feature set

Everything the job needs. Nothing it doesn't.

Meridian ships a small, sharp feature surface aimed at the 80% deploy path — the remaining 20% is where you'd want Kubernetes anyway.

Podman Quadlets

Your containers run under systemd. Restart policies, journald logs, and dependency ordering you already understand.

Blue / Green via kamal-proxy

Zero-downtime cutovers with health checks. If the new container fails, traffic stays on the old one. No drama.

Skip the registry

Keep pulling from a registry, or flip transfer.mode to stream or incremental and Meridian ships images over your existing SSH connection — no Docker Hub bill, no ECR setup, no CI upload step.

Framework Auto-Detection

meridian init recognizes Marten, Rails, Elixir, Node, and Go and writes a working config you can actually read.

Podman Secrets, not .env files

meridian secret set manages encrypted secrets on every host. Names listed under env.secret reach the container through the Quadlet's Secret= directive — nothing plaintext on disk, nothing baked into the image.

Remote deploy hooks

Eight phases from before_transfer to after_deploy run arbitrary commands on each host. Migrations, cache warms, smoke tests — declare them in deploy.yml and Meridian fires them in order.

Honest comparison

Where Meridian actually fits.

If you're happy with Kamal or Dokku, you should probably stay there — both are mature. Meridian makes different trade-offs. Here's what you're buying into:

	Meridian	Kamal 2	Dokku
Runtime	Podman + systemd	Docker daemon	Docker daemon
Supervision	Quadlets (systemd)	Docker restart	Docker restart
Image transfer	Direct over SSH	Registry required	Local build on host
Zero-downtime	kamal-proxy	kamal-proxy	nginx / Traefik
Rootless by default	Yes	No	No
Install	Native executable	Ruby gem	Bash bootstrap + apt
Config	YAML	YAML	Imperative CLI

License

MIT

Runtime

Podman + systemd

Written in

Crystal

Questions

The honest answers.

Does this replace Kamal?

No — and it's not trying to. Kamal is mature, Docker-centric, and Ruby-ecosystem-friendly. Meridian is for teams that want Podman + systemd semantics, a native executable, and registry-free transfers. If your team already runs Kamal happily, there's no reason to switch.

Is it really a single-file binary?

For the official Linux release builds, yes: Crystal supports static linking, and Meridian builds cleanly as a static Alpine/musl binary. But that depends on how you build it. A default local build on macOS is still one executable file, but it links against shared libraries such as OpenSSL, libyaml, PCRE2, and Boehm GC.

Why Podman over Docker?

Three reasons:

Rootless-first is the correct default in 2026.
Quadlets integrate containers into systemd as first-class units, including restart policies, dependency ordering, and journald logging.
There is no long-running daemon to babysit or restart.

How does SSH image transfer work?

Two registry-free paths. transfer.mode: stream pipes podman save | zstd over SSH to podman load on the host — simple, no extra infrastructure. transfer.mode: incremental syncs an OCI layout via rsync, so repeat deploys typically send only the bytes that changed. If you already have SSH to the server, you have everything Meridian needs.

Is it production-ready?

Meridian is in early development and currently used on a handful of production workloads, but the API may still change. It ships with test coverage on every increment. If you need SOC2 and an on-call vendor, use Render or Fly.io. If you can read systemd logs, you'll be fine.

Can I bring my own proxy?

kamal-proxy is the default because blue/green is the whole point. But Meridian writes standard Quadlet units, so if you want Caddy or Traefik in front of them, nothing is stopping you.

What about databases, Redis, background jobs?

Accessory services are first-class — define them in deploy.yml and they deploy alongside your app. Meridian treats them as Quadlet units too, which means systemd handles their lifecycle consistently with everything else.

Set your bearings. Deploy.

Meridian is open source and MIT-licensed. Try it on a staging box this weekend — the install is a single command.

Read the Quickstart →Star on GitHub