Tarsail

Tarsail is a Plystra project. It follows Plystra’s principles of restraint, legibility, explicit boundaries, and long-term maintenance.

It is built for shipping Docker Compose applications when the deployment server should not depend on live registry access.

It builds and saves images on a machine where Docker can reach the network, creates a release bundle, uploads it to a Linux server over SSH, loads the images there, and runs docker compose up -d against the bundled Compose file.

local Docker build
  -> release bundle
  -> SSH upload
  -> docker load on server
  -> docker compose up -d

Current status

Tarsail is in Phase 0. It is usable for a simple single-server deployment loop, but it should still be treated as early software.

Phase 0 focuses on one job: package a Docker Compose project locally and deploy it to one Linux server over SSH.

No registry required at deploy time

The target server receives image tar files in the release bundle and loads them with docker load.

Single-server Compose

Tarsail works with one Compose file, one target server, and explicit image tags.

Explicit secrets transfer

Environment files and secret files are uploaded only when configured. They are stored under shared/, outside release bundles.

Rollback by release

Previous bundled releases can be reactivated. Databases and Docker volumes are outside Tarsail’s rollback boundary.

Start here

• Read Overview to understand the deployment model.
• Install Tarsail with Install and upgrade.
• Follow Quick start for the shortest working path.
• Use Prepare a Compose project when adapting an existing Docker project.
• Read Configuration for every supported field.
• Read Security model before uploading environment files or secret files.

What Tarsail is not

Tarsail is not a PaaS, CI/CD system, registry, secrets manager, monitoring platform, Kubernetes layer, or Docker GUI.

It intentionally stays close to SSH, tar, Docker, and Docker Compose. That narrow scope keeps the deployment path legible and maintainable.