← docs/  |  cat rinos.md

live · FastAPINext.js 14PostgreSQLCloudflare WorkersTypeScriptCaddyCloudflare R2

RinosCMS started from a real problem: Shopify Plus across multiple countries was expensive, and we didn’t own our data. We replaced it shop by shop with a custom multi-tenant platform. It now runs 17 shops across 16 countries for 7 tenants on a single Hetzner VPS — at a fraction of the previous cost.

Each tenant gets a fully isolated e-commerce storefront and admin panel. Storefronts run at the edge as Cloudflare Workers — a new country or brand is a single wrangler.toml entry away from deployment. After proving it internally, we opened it to external clients to test scalability limits.

I help manage infrastructure and DevOps for Rinos: the Hetzner VPS, reverse proxy config, deploy pipelines, and the wider server stack (MailCow, Nextcloud, Collabora).

Screenshots

Admin panel

Dashboard overview

Product management

Order view

Analytics

Settings

CMS editor

Storefront

Mobile view

Email client

Document editor

User management

Architecture

Cloudflare Workers (edge, per tenant)
  rinosbike-at · rinosbike-be · rinosbike-it · javibikes-es · ...
  Each Worker injects X-Shop-ID → proxies /api/* to backend


Hetzner VPS
  Caddy (reverse proxy, auto-TLS)
  CMS Backend — FastAPI :8000
  ERP Backend — Flask :5001
  PostgreSQL (111 tables, Row-Level Security)
  Cloudflare R2 (tenant-prefixed file storage)


GitHub webhook → deploy.sh → parallel Worker deployments

Tenant data is isolated at the database layer via PostgreSQL Row-Level Security — not at the application layer. Every query runs inside a session with current_tenant_id() set, so cross-tenant leaks are structurally impossible.

SEO automation

On top of the CMS, I’m building an SEO intelligence layer that connects Cloudflare, Google Search Console, Google Merchant Center, and Google Business Console. It surfaces crawl errors, indexing issues, and keyword opportunities across all platforms in one place — an ongoing project. We still use Claude to analyze and act on the data, rather than a fully automated pipeline.

Key features

  • Puck visual page builder — drag-and-drop editor with 23+ block types, iframe preview, multi-language switching
  • Auto-deploy pipelinegit push triggers a webhook, rebuilds the backend, and redeploys all active Workers in parallel
  • Multi-tenant provisioning — creating a tenant deploys their Worker, seeds permissions, and sets up their content tree in one flow
  • AI features — blog writer agent, product A+ content generator, admin chat assistant with read access across all modules
  • SEO — SSR with canonical URLs, hreflang, FAQPage schema, sitemap per tenant, Google Search Console integration, IndexNow
  • Email marketing — abandoned cart flows, transactional templates, per-shop per-language, open tracking, admin campaign panel
  • Analytics — revenue reporting (multi-currency, FX-normalized), cohort analysis, LTV, UTM attribution, cart abandonment funnel
  • Role-based access — superadmin, tenant admin, content-only editors; non-Rinos tenants see only their permitted modules