{"id":50100589,"url":"https://github.com/axieyangb/aegis","last_synced_at":"2026-05-23T07:12:38.960Z","repository":{"id":358815985,"uuid":"1243192330","full_name":"axieyangb/aegis","owner":"axieyangb","description":"Self-hosted Envoy gateway with AI threat analysis, TLS automation, and real-time security dashboard","archived":false,"fork":false,"pushed_at":"2026-05-19T07:37:58.000Z","size":37211,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-05-19T08:51:55.550Z","etag":null,"topics":["ai","docker","envoy","gateway","homelab","security","self-hosted","tls"],"latest_commit_sha":null,"homepage":"https://hub.docker.com/r/axieyangb/aegis","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/axieyangb.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-05-19T06:08:28.000Z","updated_at":"2026-05-19T07:38:02.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/axieyangb/aegis","commit_stats":null,"previous_names":["axieyangb/aegis"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/axieyangb/aegis","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/axieyangb%2Faegis","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/axieyangb%2Faegis/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/axieyangb%2Faegis/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/axieyangb%2Faegis/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/axieyangb","download_url":"https://codeload.github.com/axieyangb/aegis/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/axieyangb%2Faegis/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33386196,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-23T04:15:53.637Z","status":"ssl_error","status_checked_at":"2026-05-23T04:15:53.242Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ai","docker","envoy","gateway","homelab","security","self-hosted","tls"],"created_at":"2026-05-23T07:12:38.373Z","updated_at":"2026-05-23T07:12:38.949Z","avatar_url":"https://github.com/axieyangb.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/logo.svg\" alt=\"Aegis\" width=\"80\" /\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eAegis\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cstrong\u003eSelf-hosted Envoy gateway · AI threat analysis · TLS automation · Real-time dashboard\u003c/strong\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://hub.docker.com/r/axieyangb/aegis\"\u003e\u003cimg src=\"https://img.shields.io/docker/pulls/axieyangb/aegis\" alt=\"Docker Pulls\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://hub.docker.com/r/axieyangb/aegis/tags\"\u003e\u003cimg src=\"https://img.shields.io/docker/v/axieyangb/aegis?sort=semver\" alt=\"Version\"\u003e\u003c/a\u003e\n  \u003ca href=\"LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/badge/license-proprietary-red\" alt=\"License\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  Aegis sits between the internet and your services — one container that controls Envoy Proxy in real time, blocks threats automatically, manages TLS certificates, and lets you chat with your gateway through an AI assistant.\n\u003c/p\u003e\n\n---\n\n![Live dashboard](docs/demos/01-dashboard.gif)\n\n---\n\n## Quick start\n\n```bash\nmkdir aegis \u0026\u0026 cd aegis\n\ncurl -O https://raw.githubusercontent.com/axieyangb/aegis/main/docker-compose.yml\nmkdir envoy\ncurl -o envoy/envoy.yaml https://raw.githubusercontent.com/axieyangb/aegis/main/envoy/envoy.yaml\n\ndocker compose up -d\n```\n\nOpen **`http://localhost:8765`** — default login: `admin` / `changeme`.\n\n\u003e Edit `docker-compose.yml` and set `ADMIN_PASSWORD` before exposing to the network.\n\nOn first boot Aegis seeds a working gateway baseline — HTTP (port 10080) and HTTPS (port 10443) listeners ready to accept filter chains.\n\n---\n\n## Features\n\n\u003ctable\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\" width=\"50%\"\u003e\n\n**🦉 Owl AI Assistant**\n\n![Owl Chat](docs/screenshots/02-owl-chat.png)\n\nChat with your gateway in plain English. Owl analyses traffic, surfaces threats, and can configure your gateway end-to-end — clusters, certs, filter chains — from a single prompt.\n\n\u003c/td\u003e\n\u003ctd align=\"center\" width=\"50%\"\u003e\n\n**🛡 Envoy Gateway Control**\n\n![Gateway](docs/screenshots/04-gateway.png)\n\nVisual editor for listeners, filter chains, and clusters. Changes are validated and pushed live to Envoy via xDS — no restarts, no YAML files.\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\" width=\"50%\"\u003e\n\n**🔍 IP Intelligence**\n\n![IP Intelligence](docs/screenshots/03-ip-intelligence.png)\n\nEvery IP auto-profiled: geolocation, ASN, VPN/Tor detection, AbuseIPDB score, and full request history. AI patrol sweeps run in the background and auto-block threats.\n\n\u003c/td\u003e\n\u003ctd align=\"center\" width=\"50%\"\u003e\n\n**🔒 TLS Automation**\n\n![Certs](docs/screenshots/05-certs.png)\n\nACME auto-renewal (Let's Encrypt, ZeroSSL), HTTP-01 \u0026 DNS-01 challenges, and a built-in Local CA for internal services — all pushed directly to Envoy SDS.\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003ctr\u003e\n\u003ctd align=\"center\" width=\"50%\"\u003e\n\n**🔔 AI Patrol \u0026 Alerts**\n\n![Patrol](docs/screenshots/06-patrol.png)\n\nScheduled AI sweeps classify traffic around the clock. Blocks and anomalies are pushed to Telegram, Discord, Slack, or webhook.\n\n\u003c/td\u003e\n\u003ctd align=\"center\" width=\"50%\"\u003e\n\n**📱 Mobile-ready**\n\n![Mobile](docs/screenshots/07-mobile.png)\n\nFull dashboard and Owl chat from any device. Ask Owl what happened in the last two hours — it triages threats, blocks IPs, and confirms — all from your phone.\n\n\u003c/td\u003e\n\u003c/tr\u003e\n\u003c/table\u003e\n\n---\n\n## Architecture\n\n```\nInternet ──▶ Envoy Proxy ──▶ Your services\n                  │\n          gRPC xDS (port 18000)\n                  │\n             ┌────▼─────┐\n             │  Aegis   │  port 8765\n             │          │\n             │ xDS CP   │  controls Envoy live\n             │ Analytics│  reads Envoy ALS logs\n             │ AI Engine│  classifies IPs\n             │ Cert Mgr │  ACME + Local CA → Envoy SDS\n             │ Dashboard│  web UI + REST API\n             └──────────┘\n```\n\n`linux/amd64` and `linux/arm64` — runs on x86 servers, Raspberry Pi, Synology NAS, and Apple Silicon.\n\n---\n\n## Configuration\n\n| Variable | Default | Description |\n|---|---|---|\n| `PORT` | `8765` | Dashboard + API port |\n| `XDS_PORT` | `18000` | Envoy gRPC xDS port |\n| `DATA_DIR` | `/data` | Persistent data directory |\n| `ADMIN_USERNAME` | `admin` | Admin username |\n| `ADMIN_PASSWORD` | `aegis` | Admin password — **change this** |\n| `AUTH_ENABLED` | `true` | Require login |\n| `BLOCK_ENABLED` | `true` | Enable auto IP blocking |\n| `NODE_ID` | `home` | Envoy node ID (must match envoy.yaml) |\n\nData is persisted at `/data/aegis.db` (SQLite). Mount a volume to keep data across container updates.\n\n---\n\n## Docs \u0026 Tutorials\n\n- [Getting started](docs/getting-started.md)\n- [Envoy configuration](docs/envoy-config.md)\n- [AI setup — Owl chat + threat analysis](docs/ai-setup.md)\n- [Notifications — Telegram, Discord, webhooks](docs/notifications.md)\n\n### Tutorial series: Exposing a service with Aegis\n\n| # | Tutorial | Description |\n|---|---|---|\n| 01 | [Local HTTPS with a whoami service](docs/tutorials/01-whoami-local-https.md) | Configure the gateway manually through the UI |\n| 02 | [Configure the Gateway with Owl AI](docs/tutorials/02-whoami-ai-setup.md) | Same setup — let Owl AI do the configuration from a single prompt |\n| 03 | [Understanding the Dashboard](docs/tutorials/03-understanding-the-dashboard.md) | Read live traffic data and analyse request patterns with Owl |\n| 04 | [AI-Driven Protection](docs/tutorials/04-ai-driven-protection.md) | Use Owl to disable a service under attack and bring it back |\n\n---\n\n## License\n\nDistributed as a compiled binary. Source code is proprietary. See [LICENSE](LICENSE).\n\nCommunity tier is **free forever**. Pro unlocks unlimited notification channels, longer log retention, and unlimited AI patrol sweeps.\n\n---\n\n## About\n\nBuilt by **Jerry Xie** — formerly network security at Palo Alto Networks, now Senior Software Engineer specialising in identity, distributed cloud, Kubernetes, and AI. Aegis started as a home lab project and grew into a product.\n\n**Issues \u0026 feature requests:** [GitHub Issues](https://github.com/axieyangb/aegis/issues)  \n**Enterprise / custom integrations:** [yyangxie@gmail.com](mailto:yyangxie@gmail.com)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faxieyangb%2Faegis","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faxieyangb%2Faegis","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faxieyangb%2Faegis/lists"}