Magic Containers
Bun-powered Docker deployment on bunny.net bare-metal infrastructure
+
DockerfileFROM oven/bun:1-alpine AS build
WORKDIR /app
COPY package.json bun.lock* ./
RUN bun install --frozen-lockfile --ignore-scripts
COPY . .
RUN bun --bun run build
FROM oven/bun:1-alpine
WORKDIR /app
COPY --from=build /app/.output .output
ENV HOST=0.0.0.0 PORT=3000
EXPOSE 3000
CMD ["bun", "--bun", ".output/server/index.mjs"].env (Magic Containers)
# NuxtHub Database → Bunny Database
LIBSQL_URL=libsql://your-db.bunny.net
LIBSQL_AUTH_TOKEN=your-token
# NuxtHub Blob → Bunny Storage S3
S3_ACCESS_KEY_ID=<storage-zone-name>
S3_SECRET_ACCESS_KEY=<storage-zone-password>
S3_BUCKET=<storage-zone-name>
S3_ENDPOINT=https://[region].storage.bunnycdn.com
S3_REGION=[region]Ultra-fast
NVMe Storage
Full VM
Isolation
40+
Regions
AI Auto
Scaling
API Examples
Shield · DNS · Edge Scripting
Real API snippets for bunny.net security, DNS management, and edge computing — ready to integrate
shield/waf — config
# Shield WAF — API config
curl -X GET \
https://api.bunny.net/shield \
/waf/engine-config \
-H "AccessKey: $BUNNY_API_KEY"
# Custom WAF rule
curl -X PATCH \
https://api.bunny.net/shield \
/waf/custom-rule/{ruleId} \
-H "AccessKey: $BUNNY_API_KEY" \
-d '{
"ruleName": "Block SQL Injection",
"actionType": 1,
"triggerMatchingType": 0
}'WAFDDoSBot Detection
dns — records
# Create DNS record
curl -X POST \
https://api.bunny.net \
/dnszone/{zoneId}/records \
-H "AccessKey: $BUNNY_API_KEY" \
-d '{
"Type": 0,
"Name": "app",
"Value": "container.b-cdn.net",
"Ttl": 300
}'
# Enable DNSSEC
curl -X POST \
https://api.bunny.net \
/dnszone/{zoneId}/dnssec \
-H "AccessKey: $BUNNY_API_KEY"GeoDNSDNSSECScriptable
edge-script.ts
// Bunny Edge Script (TypeScript)
// Runs on 100+ PoPs worldwide
export default {
async fetch(
request: Request
): Promise<Response> {
const country = request
.headers.get("X-Bunny-Country")
// Geo-based routing
if (country === "TH")
return Response.redirect(
"https://th.example.com"
)
return fetch(request)
}
}DenoTypeScript100+ PoPs