セルフホストは提供していません。代わりに提供するものをご紹介します。
Pro のセルフホストは現在対応しておらず、近い将来も対応する予定はありません。Pro は Cloudflare のエッジランタイム(Workers、D1、KV、R2)上に直接構築されており、このアーキテクチャは私たちが十分なサポートを提供できる Docker Compose での VPS インストールに簡単には移行できません。 それが正直な答えです。以下は、通常最初にセルフホストを検討するセキュリティ重視の購入者に提供するものです。
セルフホストを希望する理由と、私たちが提供する代替手段
データが自社インフラから外に出ない
代替手段: 設計からの最小データ主義 + リージョン別所在地。スキャンスキーマに保存するのは国(CF-IPCountry から)とデバイスクラスのみ, IP、ユーザーエージェント、日以下のタイムスタンプは一切なし。漏洩する行動データは存在しません。規制業界向けにはシングルリージョン D1 配置(EU 限定 / APAC 限定)も提供しています, /security/ を参照。
暗号化キーを自分で保持したい
代替手段: テナントごとの暗号化キー向け Agency ティアアドオン。現在すべてのテナントのデータは Cloudflare によって保存時に暗号化されています。オプションのアドオンにより、Agency のお客様はテナントごとの DEK をラップするためのキーを提供できます。Cloudflare 側でのインシデントが発生してもあなたのキーなしでは復号できない暗号文のみが得られます。(ロードマップ; ETA Q3 2026。)毎夜の D1 → R2 バックアップもready AES-256-GCM encrypted with a key you can rotate at any time, see backup key handling.
I need to audit every change
Substitute: shipped audit log + export. Every mutation (code create/edit/delete, team invite/role change, billing event) is recorded in audit_log with actor + timestamp + scope. The full log is exposed via GET /api/user/export as part of your data ZIP. Retention: 180 days rolling. Public-stats share-tokens have an independent revocation log.
I need data isolation per client
Substitute: Agency tier already isolates each team into its own scope (codes, scans, members, audit log). The Vault/Agency per-tenant D1 shard model (ADR-0010) splits each Agency-tier tenant onto a dedicated D1 database under the hood as soon as they cross a usage threshold, the API surface stays identical.
I need contractual data-handling commitments
Substitute: standard DPA + EU Standard Contractual Clauses available for all paying tiers. Sub-processor list is published at abundera.ai/legal/subprocessors/ with 30-day change notification. Custom Enterprise contracts (security questionnaire support, custom retention windows, contractual SLAs with financial credits) available, email enterprise@abundera.ai.
I need an SSO / SCIM integration
Available today. SAML 2.0 + OIDC single sign-on and SCIM 2.0 user provisioning shipped on the abundera.ai identity layer (Agency + Custom Enterprise tiers). SSO supports per-domain IdP routing, JIT user creation, and MFA enforcement. SCIM covers Users CRUD, Groups CRUD with group→role mapping, PATCH deactivation, and the Okta/Entra shape differences customers hit in production. RFC 7643/7644 compliance verified (20/20 on the PingIdentity-derived test suite). Okta OIN + Entra Gallery + JumpCloud partner-portal listings are in progress, in the meantime, connect as a custom SAML + SCIM app (endpoints + attribute mapping guides in our docs). Email enterprise@abundera.ai to get set up.
When self-host really is the right answer
Some buyers genuinely need self-host and we won't pretend otherwise:
- Air-gapped networks with no outbound internet.
- Specific regulators (some defense, some healthcare jurisdictions) that prohibit any third-party hosting regardless of contractual posture.
- Single-tenant infrastructure mandate from a procurement policy that doesn't accept logical isolation, only physical.
For those buyers, the right move today is the free static QR generator at qr.abundera.ai, it's a standalone HTML+JS bundle, runs entirely in the browser, makes zero outbound requests. Static codes can't be edited after print, but they also don't depend on us being online. That's the trade-off.
If your situation doesn't quite fit any of the above, email enterprise@abundera.ai, there's often a configuration of the substitute controls above that closes the gap.
Still think self-host is the only path?
Email enterprise@abundera.ai with the specific requirement that's blocking you. We answer everything; we'll tell you honestly if we can't meet it instead of pretending.
Email enterprise@abundera.ai