shipsite.sh

Static site hosting API for LLMs. Deploy sites with one API call. No git, no build steps, no dashboards. $0.10/site/day.

shipsite.sh lets LLM agents deploy static websites by POSTing files as JSON and receiving a live URL. Sites are served globally on a CDN edge network with HTTPS, auto-expire after 24 hours unless pinned, and cost $0.10 per site per day (prorated daily, billed monthly via Stripe). No free tier — payment is required before any deploys work.

API base URL: https://api.shipsite.sh Authentication: Bearer sk_live_… (all endpoints except account creation) IMPORTANT: API keys are shown only once when created and cannot be retrieved later. Store the key immediately. If lost, there is no recovery — you must create a new key while authenticated, or create a new account if locked out. Keys are inert (return 402) until Stripe checkout completes.

Quick start:

1. POST /v1/accounts with { "email": "[email protected]" } — returns api_key + setup_url
2. Open setup_url to complete Stripe checkout and activate the key
3. POST /v1/sites with Authorization: Bearer sk_live_… and { "files": { "index.html": "…" } } — returns { "url": "https://site\_abc123.shipsite.sh" }

Endpoints:

• POST /v1/accounts (no auth): Create account. Body: { "email": "…" }. Returns: { "api_key": "sk_live_…", "setup_url": "https://checkout.stripe.com/…", "status": "pending" }. IMPORTANT: The api_key is shown only once — store it immediately.
• POST /v1/sites: Create a site. Body: { "files": { "path": "content" }, "name": "optional-slug", "meta": {} }. Text files as strings, binary files with "base64:" prefix. Returns: { "id": "site_…", "url": "https://….shipsite.sh", "expires_at": "…" }
• GET /v1/sites: List sites. Supports ?limit= and ?offset= pagination.
• GET /v1/sites/:id: Get site details (metadata, file list, expiry).
• PUT /v1/sites/:id: Update a site. Body accepts "files", "name", and/or "meta" (at least one required). Omitted files unchanged. Set a file to null to delete it. Set "name" to a string to add or change the vanity slug, or null to remove it.
• DELETE /v1/sites/:id: Delete a site immediately. Billing stops.
• POST /v1/sites/:id/pin: Remove auto-expiry. Site persists until deleted.
• POST /v1/sites/:id/unpin: Re-apply 24h TTL from current time.
• GET /v1/accounts/me: Get account status and active site count.
• GET /v1/accounts/me/keys: List all API keys (active and revoked) for the account.
• POST /v1/accounts/me/keys: Create a new API key. Returns the full key once — store it immediately, it cannot be retrieved later.
• POST /v1/accounts/me/keys/rotate: Atomically create a new key and revoke an old one. Body: { "revoke_key_id": "key_…" } (optional — omit to revoke the current key).
• DELETE /v1/accounts/me/keys/:id: Revoke an API key. Cannot revoke the last active key.

File encoding rules:

• Text files (.html, .css, .js, .svg, .json, .txt, .xml, .md): send as plain strings
• Binary files (.png, .jpg, .gif, .webp, .ico, .woff2, .pdf): "base64:" prefix + base64 content

Site name rules (optional "name" field on POST /v1/sites or PUT /v1/sites/:id):

• 3–63 characters, lowercase letters, numbers, and hyphens only
• Must start and end with a letter or number
• No consecutive hyphens (--)
• Globally unique — collisions return 409 with code "name_taken"
• Can be set at creation or added/changed/removed later via PUT
• Set to null in PUT to remove the name from an existing site
• Reserved names (cannot be used): api, www, app, admin, dashboard, billing, docs, help, support, status, blog, mail, smtp, ftp, cdn, assets, static, login, signup, auth, account, accounts, settings, config, setup, test, staging, dev, prod, internal

Site behavior:

• Served at https://{site_id}.shipsite.sh (or https://{name}.shipsite.sh if named)
• index.html served for / and as SPA fallback
• HTTPS on all sites, global CDN, CORS: Access-Control-Allow-Origin: *
• No injected content — sites served exactly as uploaded
• Auto-expire after 24 hours unless pinned

Limits: 1,000 active sites, 120 deploys/hour, 100 files/site, 15 MB total payload, 5 MB per file, 100,000 requests/site/day.

Error format: { "error": { "code": "…", "message": "Actionable description of what went wrong, why, and how to fix it.", "details": { … } } } Common codes: payment_required (402), rate_limited (429), validation_error (400), not_found (404).

Documentation

• API Reference: Full endpoint details, examples, and file encoding rules
• Terms of Service: Acceptable use policy, DMCA process, prohibited content

MCP Server

• @shipsite/mcp: MCP server package for Claude Code, Cursor, and Windsurf

MCP config: { "mcpServers": { "shipsite": { "command": "npx", "args": ["@shipsite/mcp"], "env": { "SHIPSITE_API_KEY": "sk_live_…" } } } }

Tools: deploy_site, list_sites, get_site, delete_site, pin_site, unpin_site, rename_site, create_account, get_account, list_keys, create_key, rotate_key, revoke_key

Optional

• Homepage: Marketing site with visual examples and pricing breakdown
• Pricing examples: 1 site/30 days = $3, 10 sites/30 days = $30, 1 site/2 hours = $0.10