Content infrastructure, defined in TypeScript.
A config-driven, type-safe content framework. Model your collections once and get a typed client, a REST API, and an admin UI — deployed to the edge.
import { defineContent, collection, fields } from "@voila/content";
export default defineContent({
collections: {
posts: collection({
fields: {
title: fields.text({ required: true }),
slug: fields.slug({ from: "title" }),
body: fields.richText(),
status: fields.select(["draft", "published"]),
},
}),
},
});Built on the modern edge
No proprietary backend. content.voila.dev runs on open, edge-native infrastructure you already trust.
Cloudflare Workers
Your entire app runs as a single Worker, deployed to Cloudflare's global edge.
Cloudflare D1
SQLite at the edge — your content database, replicated close to your users.
Cloudflare R2
Zero-egress object storage for media, uploads, and generated assets.
TanStack Start
Type-safe routing and data loading power the config-driven admin UI.
Better Auth
Sessions, magic links, and RBAC — secure auth wired in by default.
Resend
Transactional email for magic-link auth and content notifications.
Everything you need to model content
One config drives the database, API, client, and admin. Add capabilities by flipping a flag.
Type-safe schema
Define collections and fields in TypeScript. Your content shape is inferred everywhere — no codegen step.
Typed client, zero codegen
A fully typed data client derived from your config. Autocomplete every collection, field, and query.
Built-in admin UI
A config-driven admin to author content, with forms, tables, and validation generated from your schema.
Edge-native
Runs on Cloudflare Workers with D1 and R2. Low-latency reads from anywhere, no servers to manage.
Drafts, revisions & i18n
Versioned content, draft/publish workflows, and per-locale fields are first-class, not bolted on.
Auth & RBAC included
Magic-link auth, sessions, CSRF, and per-field access control wired in by default.
A framework, not a vendor
Own your data and your runtime. Config-driven, fully typed, and yours to deploy.
Config-driven, no eject
Your content.config.tsis the source of truth. The database schema, REST routes, typed client, and admin screens are all derived from it.
Edge-native by default
Cloudflare Workers, D1, and R2 — one worker, one database, one domain per site.
Typed end to end
From schema to client, types flow without a build step. Refactor with confidence.
Batteries included, swappable
Auth, RBAC, media storage, and search ship in the box — each behind a seam you can replace. Sensible defaults, no lock-in.
Teams ship faster with less glue
“We replaced a headless CMS and three glue services with one config file. The typed client alone paid for the migration.”
“Shipping content to the edge used to be a project. With content.voila.dev it's a deploy. Drafts and revisions just work.”
“The admin UI is generated from our schema, so it never drifts. Our editors got a polished tool for free.”
Free and open source, forever
No plans, no seats, no lock-in. content.voila.dev is MIT licensed — self-host it on your own edge, fork it, and make it yours.
MIT licensed · self-hosted on Cloudflare Workers
- All collections & fields
- Typed client & REST API
- Built-in admin UI
- Auth, RBAC & CSRF
- Media, search & i18n
- Drafts & revisions
Frequently asked questions
Is content.voila.dev a CMS or a framework?
A framework. You define content in TypeScript and own the runtime, database, and admin. There's no hosted black box — everything is derived from your config and runs in your infrastructure.
Where does my content live?
In your own database. The default runtime targets Cloudflare D1 with R2 for media, but the storage and database layers are seams you can swap.
Do I need a codegen step?
No. Types are inferred directly from your config, so the typed client and admin stay in sync without a generate command.
Can I customize the admin UI?
Yes. The admin is config-driven with an extension API for custom screens and fields, while sensible defaults are generated from your schema.
What about auth and permissions?
Magic-link auth, sessions, CSRF protection, and per-field role-based access control are built in and enabled by default.
Ship content infrastructure this afternoon
Scaffold a fully typed, edge-ready content backend with a single command.