What's included
Every Hatchik sandbox ships with the same substrate code. The differences between tiers are about where it runs (your own subdomain vs your own domain) and what's switched on (test mode vs live payments, no mailboxes vs real mailboxes). Here's the honest list.
What ships with a Sandbox — the quantified list
The same enumeration you see in your "your sandbox is ready" email and the Services tab on your account. Three views, one source of truth (service_inventory.py), same words, same numbers.
| Capability | What ships | Quantification |
|---|---|---|
| Subdomain | <your-slug>.hatchik.com with wildcard TLS | 1 subdomain. Custom domain is Launch tier only. |
| Postgres database | Supabase-managed Postgres 15, isolated per sandbox | 512 MB RAM cap. Disk shares the host budget — ~1 GB practical before we'd ask you to upgrade. |
| Authentication | Supabase Auth — magic-link + email/password | Up to 3 test users on Sandbox. Google OAuth: not configured (you can add when ready). |
| File storage | Supabase Storage (S3-compatible) | 128 MB working RAM; bucket size shares the tenant disk budget. |
| Realtime | Supabase Realtime row-change subscriptions | Included; same Supabase auth flow. |
| API backend | FastAPI under apps/api/ | You add the routes; redeploys on push. |
| Web frontend | React + Vite under apps/web/ | Hot-reloaded; redeploys on push. |
| Transactional email | Resend SMTP from noreply@hatchik.com (shared, test mode) | ~100 emails/day soft cap on Sandbox (Resend free tier 3K/mo across all sandboxes). Bring your own RESEND_API_KEY for production sends — no cap, your sender domain. |
| Payments | Stripe SDK wired in test mode | Live Stripe is customer self-serve: swap the keys in .env. |
| Mobile builds | Unsigned iOS IPA + Android APK via GitHub Actions | Up to 3 builds per hour per tenant. GitHub free tier: 500 macOS min/mo, 2000 Linux min/mo. Binaries are unsigned — signing + store submission require your own developer accounts. |
| GitHub repo | Private repo under hatchik-sandboxes/<slug> | 1 per active sandbox. |
| Push-to-deploy | Redeploy webhook fires on every git push | ~30 seconds end-to-end. Rate-limited to 6 redeploys per 5 minutes. |
| BACKLOG.md | ~20 starter tasks tailored to your idea | Seeded once at provision; read+write by any AI tool. |
| AI_CONTEXT.md | Substrate map + deploy token + first-prompt template | Seeded once at provision; safe to commit (no service-role secrets). |
Not yet wired on Sandbox tier (you can add at any time)
| Capability | Where it lives |
|---|---|
| Custom domain | Launch tier (year-one registration in the £89) |
| Mailboxes (hello@, support@…) | Launch tier — up to 5 real mailboxes on your domain (Infomaniak Mail), SPF/DKIM/DMARC wired. |
| Live payments | Self-serve: connect your own Stripe (or Paddle MoR on Launch); swap the test keys in .env. |
| Per-tenant Resend key | Self-serve: paste your own RESEND_API_KEY into .env for production volume + sender on your domain. |
| Google OAuth | Self-serve: register a Google OAuth app, paste client_id / client_secret, flip GOOGLE_OAUTH_ENABLED in .env. |
| On-demand backups | On-demand pg_dump from Supabase Studio, plus Hetzner Cloud VPS snapshots on Launch / Growth. Extended retention on Growth. |
| App Store / Play Store submission | You submit your app yourself — needs your Apple Developer (~£99/yr) and Google Play Console (~£25 once) accounts. Hatchik builds the .ipa / .apk; the legal identity for the submission is yours. |
Where the numbers come from. RAM caps are mem_limit values in substrate-template/docker-compose.yml. Rate limits are HATCHIK_*_RATE_LIMIT_* constants in the signup service. The 100/day email cap and ~1 GB disk are policy defaults we publish so you know where the boundaries are — soft caps enforced socially today.
In the substrate (every tier)
Email sign-in (magic link)
One-time-link auth for your end users. No passwords to store, no reset flows to build, no third-party SSO to wire. Backed by Supabase Auth. Customers can sign in on any device — link comes by email and works once.
Postgres database
A full Postgres 15 database, isolated per sandbox in its own Docker network. Row-level security enabled by default. Schema migrations live in supabase/migrations/ — drop a new .sql file there and it runs on the next deploy. Studio UI at yoursubdomain.hatchik.com/studio for browsing tables, running SQL, managing users.
File storage
S3-compatible object storage via Supabase Storage. Upload files from the front end with the anon key, or from the back end with the service-role key. Permissions are role-based with the same row-level-security model as the database. Stored on the same server as the database, in the same region.
Transactional mail
An SMTP relay is pre-wired so your app can send password resets, receipts, notifications, anything. On the Sandbox tier mail goes out from a shared no-reply@hatchik.com sender — fine for development but visibly Hatchik branded. On Launch we set up SPF/DKIM/DMARC on your domain and mail goes from your domain instead.
Payments (test mode by default)
Stripe SDK wired up on both the front end and back end, in test mode by default. You can call Checkout, run subscription flows, and see test charges in your Stripe dashboard. To go live on Sandbox, swap your live STRIPE_SECRET_KEY / STRIPE_PUBLISHABLE_KEY into .env — self-serve, no upgrade required. Paddle as Merchant of Record is a Launch-tier addition (handles global VAT / GST / sales tax for you).
Mobile shell
A Capacitor app shell that wraps the same code as your web app. Same scaffold ships on every tier from Sandbox onward. Cloud builds run on GitHub Actions — trigger one from /account and download the resulting .ipa / .apk when the run finishes (usually 8–15 minutes); up to 3 builds per hour per tenant. You submit your app to the App Store and Google Play yourself, on any tier — see below.
Admin tooling
The Supabase Studio UI is included for table browsing, SQL, and user management. Your owner email is preset as the first row in the auth users table, so you can sign into it via the magic link sent at provision time.
AI provider integrations
The codebase reads AI provider keys from .env — drop your Anthropic, OpenAI, Google, xAI (Grok), Mistral, or OpenRouter key in and the app's runtime AI calls work. By default you bring your own key (you pay the provider directly). Hatchik also offers an optional passthrough with unified billing — included token allowance is a one-off £0.50 of Claude Haiku on Sandbox (enough to wire up your first AI-powered feature and see it run), then £3/month on Launch, £10/month on Growth. It's never required.
Using the Sandbox £0.50 allowance. Open your repo, find .env.example, look for the HATCHIK_AI_PROXY_ENABLED flag and the matching docs in AI_CONTEXT.md. Flip it to true in your .env and the substrate routes runtime AI calls through Hatchik with the allowance applied. When it's used up, you either swap in your own provider key (instructions in AI_CONTEXT.md) or upgrade to a tier with a monthly allowance. The £0.50 doesn't refill — it's a one-time taster, deliberately enough for one feature, not a free subscription.
Sandbox vs Launch — what's different
The Sandbox tier is free forever, lives at yoursubdomain.hatchik.com, and is intended for prototyping and getting your first ten users. The Launch tier (£89 one-off then £14/month) shifts the same product onto your own domain and turns on the production-grade bits.
| Feature | Sandbox | Launch |
|---|---|---|
| URL | yoursubdomain.hatchik.com | Your own domain |
| Custom domain | Not available | Included* (year 1 in the £89) |
| Mailboxes | No mailboxes | 5 real mailboxes on your domain |
| Transactional mail sender | Shared no-reply@hatchik.com | From your domain, SPF/DKIM/DMARC set up |
| Payments | Stripe test mode | Stripe (or Paddle) live |
| Mobile shells (iOS + Android) | Included — up to 3 builds per hour | Included — same |
| Mobile App Store submission | Not by Hatchik (any tier) | Not by Hatchik (any tier) |
| Backups | On-demand pg_dump from Studio | On-demand pg_dump + Hetzner VPS snapshots |
| Idle-archive | After 7 days idle | Never auto-archived |
| Hatchik-branded footer | "Built with Hatchik" | None |
| Region choice | Shared (Hetzner FSN1) | 5 regions across 3 continents |
* About the included domain. Year 1 of registration is free for the popular TLDs (.com .co .net .org .uk .co.uk .app .dev .tech .online) — anything that reliably costs ≤ £14/yr. Premium TLDs we'll still register on request, with the customer paying the balance above £14/yr at Launch checkout. Current passthrough list and ballpark rates: .ai (~£90, you cover ~£76), .io (~£30, ~£16), .tv (~£30, ~£16), .gg (~£70, ~£56), .so (~£25, ~£11), .me (~£15, ~£1), .xyz (~£20, ~£6). Prices verified at checkout against the registrar's live rate. Year-2 renewals are at-cost on Launch; free on Growth.
What's never included (any tier)
App Store / Google Play submission
We build the iOS and Android app shells from your code, ready to submit. We don't submit them on your behalf, on any tier. Submission requires your legal identity on Apple's and Google's developer programs (~£99/year for Apple Developer Program, ~£25 one-time for Google Play Console), your compliance with each store's review guidelines, and your response to review feedback.
Happy to advise on common rejection reasons. Won't press submit.
Bring-your-own-domain on Sandbox
The free Sandbox tier always lives at yoursubdomain.hatchik.com. If you want your own domain, upgrade to Launch. We don't offer custom domains on the free tier — keeps the wildcard certificate management simple and protects the brand a bit.
Building your product
We give you the foundation: hosting, auth, database, mail, payments, the lot. The actual features that make your app worth using — the meal-prep flow, the customer dashboard, the booking calendar — those you build, ideally with your AI tool. Hatchik is not a no-code app generator. If you want one of those, look at Lovable or Bolt; they're good at prototypes but typically lack the substrate underneath.
Hand-holding through technical decisions
Email support for blockers is included and we respond within one working day on the Launch tier (best-effort on Sandbox). What we don't do is sit alongside you while you architect your app — that's what your AI tool is for. Bigger questions ("should this be a separate table?") your AI handles better than we can in a one-off email.
The substrate boundary (where can I edit?)
Your AI_CONTEXT.md covers this in detail. Short version:
- Edit freely: apps/web/src/product/, apps/api/src/product/, supabase/migrations/
- Don't edit: docker-compose.yml, Caddyfile, supabase/volumes/, supabase/config/, apps/*/src/lib/supabase.ts, apps/api/src/lib/auth.ts
Editing the "don't edit" files won't break locally (you don't run the stack locally), but the next push will silently break your sandbox because the substrate plumbing got out of sync with what Hatchik expects. Trust your AI tool to honour the boundary if it's read AI_CONTEXT.md.
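One way to catch a boundary violation before it reaches a push, as an added example that is not part of Hatchik's own tooling: a POSIX shell check built from the "don't edit" list above. The --staged flag and the idea of calling it from a pre-commit hook or CI step are assumptions.

```shell
#!/bin/sh
# Added example (not Hatchik tooling): flag changes to the "don't edit" files.
# The path list is copied from the substrate boundary described above.

# Return 0 if the repo-relative path $1 belongs to the protected substrate.
is_protected() {
    case "$1" in
        docker-compose.yml|Caddyfile) return 0 ;;
        supabase/volumes/*|supabase/config/*) return 0 ;;
        # In case patterns "*" also matches "/", so deeper nestings are
        # flagged as well; over-matching is the safe direction here.
        apps/*/src/lib/supabase.ts|apps/api/src/lib/auth.ts) return 0 ;;
    esac
    return 1
}

# Read paths on stdin (one per line) and print the protected ones.
# Returns 1 if at least one protected path was seen, else 0.
protected_changes() {
    found=0
    while IFS= read -r path; do
        if is_protected "$path"; then
            printf '%s\n' "$path"
            found=1
        fi
    done
    return "$found"
}

# Hook mode (assumed invocation): sh <this-script> --staged
if [ "${1:-}" = "--staged" ]; then
    # --no-renames lists a renamed or moved protected file under its old
    # path too, instead of showing only the new name.
    files=$(git diff --cached --name-only --no-renames) || exit 2
    if ! printf '%s\n' "$files" | protected_changes >&2; then
        echo "Blocked: staged changes touch substrate files listed above." >&2
        exit 1
    fi
fi
```

The check fails closed when git itself errors (exit 2), so a broken invocation is not mistaken for a clean commit.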
Next
- FAQ — honest answers, including "what if I outgrow Hatchik".
- Account management — upgrading from Sandbox to Launch.