This shell stays outside the project: the preview loads in the iframe so a stuck script does not have to lock this UI.
Only paths under /projects/… are allowed. New projects: rsync the folder, then enter
/projects/your-slug/preview.html (or any static entry). No new nginx for each project.