{"id":51484040,"url":"https://github.com/daboss2003/mooring","last_synced_at":"2026-07-07T04:30:40.963Z","repository":{"id":365097142,"uuid":"1268762615","full_name":"daboss2003/mooring","owner":"daboss2003","description":"Mooring — a lightweight, security-first self-hosted PaaS / control plane for Docker. Deploy multi-service apps from one typed YAML: automatic HTTPS, monitoring, alerts, backups, Git deploys, self-healing — no Swarm or Kubernetes.","archived":false,"fork":false,"pushed_at":"2026-06-30T15:33:13.000Z","size":14304,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-06-30T16:26:55.426Z","etag":null,"topics":["caprover-alternative","control-plane","coolify-alternative","deployment","devops","docker","docker-compose","dokploy-alternative","golang","heroku-alternative","paas","self-hosted","self-hosted-paas"],"latest_commit_sha":null,"homepage":"https://daboss2003.github.io/mooring/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/daboss2003.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"docs/security.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-06-13T22:57:22.000Z","updated_at":"2026-06-30T15:33:36.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/daboss2003/mooring","commit_stats":null,"previous_names":["daboss2003/helmsman"],"tags_count":57,"template":false,"template_full_name":null,"purl":"pkg:github/daboss2003/mooring","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daboss2003%2Fmooring","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daboss2003%2Fmooring/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daboss2003%2Fmooring/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daboss2003%2Fmooring/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/daboss2003","download_url":"https://codeload.github.com/daboss2003/mooring/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daboss2003%2Fmooring/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35215221,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-07T02:00:07.222Z","response_time":90,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["caprover-alternative","control-plane","coolify-alternative","deployment","devops","docker","docker-compose","dokploy-alternative","golang","heroku-alternative","paas","self-hosted","self-hosted-paas"],"created_at":"2026-07-07T04:30:39.321Z","updated_at":"2026-07-07T04:30:40.955Z","avatar_url":"https://github.com/daboss2003.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"docs/assets/logo.svg\" width=\"96\" height=\"96\" alt=\"Mooring\"\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eMooring\u003c/h1\u003e\n\n**Run your apps on your own server — automatic HTTPS, live monitoring, and one clean dashboard — without the DevOps grind.**\n\nMooring is a single small binary you install on a Linux server that has Docker. It owns the public edge (Caddy + automatic HTTPS), watches your apps' health, and gives you a dashboard and CLI to deploy and manage everything — so a plain server becomes a place you can ship to in minutes. Each app is defined by a `mooring.yaml` in its Git repo: you describe the services, domains, and config there, connect the repo, and Mooring runs it — generating and owning the Compose file and Dockerfile for you. You never hand-write either, hand-edit a proxy config, or run `certbot`.\n\nThink of it as your own small Heroku or Netlify, running on a server you own. It's **secure by default**, and built around one rule: *hosting Mooring should never be the thing that gets your server hacked.*\n\n**What it is:** Mooring is a lightweight, **self-hosted PaaS / application control plane for Docker** — a self-hosted alternative to Heroku/Railway and to CapRover, Coolify, and Dokploy, **without Docker Swarm or Kubernetes**. You describe a multi-service app in one typed `mooring.yaml`; Mooring generates and owns the Compose file and Dockerfile, provisions HTTPS at the edge, and deploys, monitors, scales, and self-heals it.\n\nMost tools either put a UI on top of Docker (Portainer) or layer a PaaS on Swarm/Kubernetes (CapRover, Coolify). Mooring is a **control plane**, not another Docker dashboard:\n\n```\ntyped YAML  →  Mooring control plane  →  Docker Engine\n```\n\nThe Compose and Dockerfile underneath are generated implementation details you never hand-edit.\n\n## Why Mooring\n\n| | Mooring | CapRover | Coolify | Dokploy |\n|---|:--:|:--:|:--:|:--:|\n| No Docker Swarm required | ✅ | ❌ | ✅ | ✅ |\n| No Kubernetes | ✅ | ✅ | ✅ | ✅ |\n| Multi-service apps from one file | ✅ | ⚠️ limited | ✅ | ✅ |\n| Generates \u0026 **owns** Compose + Dockerfile | ✅ | ❌ | ❌ | ❌ |\n| Automatic HTTPS at the edge | ✅ | ✅ | ✅ | ✅ |\n| Built-in alerting + dead-man's switch | ✅ | ⚠️ basic | ⚠️ partial | ⚠️ partial |\n| Documented security / threat model | ✅ | ⚠️ partial | ⚠️ partial | ⚠️ partial |\n| Single static binary (no extra DB/services) | ✅ | ❌ | ❌ | ❌ |\n\n*Comparisons are best-effort as of 2026, based on each project's public docs — corrections via PR are welcome.*\n\n## Features\n\n- **Automatic HTTPS** — give an app a domain and Mooring issues and renews the certificate and routes traffic to it. No proxy to run, no certbot.\n- **A real dashboard** — health for every app and the host (with live CPU/memory/disk charts), logs, and start / stop / restart / redeploy per app or service.\n- **Safe deploys** — straight from a Git repo's `mooring.yaml`. Every change is checked before it goes live, with automatic rollback on failure.\n- **Deploy from Git, one click** — connect a repo (including one-click **Connect with GitHub**, which installs a read-only deploy key for you). Mooring watches for new commits and shows you what changed; you click Deploy. Access is fetch-only — Mooring never pushes to your repo.\n- **Several apps from one repo** — keep `mooring.yaml` plus variants like `mooring.staging.yaml` and `mooring.prod.yaml` in the same repo, and Mooring deploys **each as its own app** (you pick which on connect). One `mooring.yaml`? Nothing changes.\n- **Secrets, done right** — passwords and API keys are stored encrypted and referenced by name, never sitting in plain text in your files, repo, or logs.\n- **Incidents in one place** — open alerts, unhealthy apps, and recent failures roll up onto a single screen.\n- **Alerting** — optional email / webhook / Slack / Discord / Telegram, with quiet hours and an external dead-man's switch. Off until you turn it on.\n- **Scaling \u0026 self-healing** — optional, conservative automation that keeps stateless services responsive and recovers crashed ones (and pages you when it can't).\n- **Backups** — encrypted snapshots of your whole Mooring setup, with a safe restore onto a fresh server.\n- **Single static binary** — no external services, no asset pipeline, no build step. Runs as its own systemd unit.\n\n## Install\n\nMooring is third-party, so (like Docker or Tailscale) `apt` needs to know where to find it. Two ways:\n\n**Quickest** — grab the `.deb` from the [latest release](https://github.com/daboss2003/mooring/releases/latest) and install it directly:\n\n```bash\nsudo apt install ./mooring_\u003cversion\u003e_amd64.deb\n```\n\n**For automatic `apt upgrade` updates** — add the signed APT repo once, then install:\n\n```bash\ncurl -fsSL https://daboss2003.github.io/mooring/gpg.key | sudo gpg --dearmor -o /usr/share/keyrings/mooring.gpg\necho \"deb [signed-by=/usr/share/keyrings/mooring.gpg] https://daboss2003.github.io/mooring stable main\" | sudo tee /etc/apt/sources.list.d/mooring.list\nsudo apt update \u0026\u0026 sudo apt install mooring\n```\n\nA matching `.rpm` and standalone binaries are on every [release](https://github.com/daboss2003/mooring/releases). Full setup — generating your login + key, the config file, and starting the service — is in the [installation guide](./docs/installation.md).\n\n## Quickstart\n\n1. **[Install it](./docs/installation.md)** and generate your login + master key over SSH.\n2. Open the dashboard at your `admin.hostname`.\n3. **[Deploy your first app](./docs/first-steps.md)** — connect its Git repo (its `mooring.yaml` defines the app), set its secrets, and give it a domain.\n\nAfter install, you work entirely in the dashboard. To change an app's structure, edit its `mooring.yaml` and deploy — see [The `mooring.yaml` file](./docs/definition-file.md).\n\n## What you can do in the dashboard\n\n- **Overview \u0026 Apps** — every app's status at a glance; open one to see services, logs, and lifecycle controls.\n- **Repository \u0026 updates** — for repo-backed apps: what changed, and Deploy / Redeploy.\n- **Edge \u0026 TLS** — see the routes declared in an app's `mooring.yaml`; Mooring handles the certificate and routing.\n- **Env \u0026 secrets** — set your apps' secret values and non-secret env (the `mooring.yaml` declares secret *names*; the values live encrypted, never in the file). Config files and cert bindings are editable here too (and can be seeded from the file).\n- **Incidents \u0026 Alerts** — see what needs you, and configure how you're notified.\n- **Audit log, API tokens, Backups** — review privileged actions, manage machine tokens, and snapshot your setup.\n\n## Command line\n\nThe dashboard is the day-to-day surface. The CLI is for installation and the occasional power-user task:\n\n| Command | What it does |\n|---|---|\n| `mooring serve` | Run the dashboard + managed edge. |\n| `mooring gen-key` · `hash-password` · `gen-totp` · `verify-key` | Generate the master key, password hash, and 2FA secret over SSH (the root of trust). |\n| `mooring validate` · `init` | Check a `mooring.yaml`, or scaffold a starter one (read-only, CI-safe). |\n| `mooring secret import` | Import an existing `.env` into an app's encrypted store. |\n| `mooring token mint` · `list` · `revoke` | Manage scoped API tokens. |\n| `mooring restore` | Restore Mooring's database from an encrypted backup. |\n\nFull reference: [docs/cli.md](./docs/cli.md).\n\n## Security\n\nMooring is secure out of the box, with no tuning required: the dashboard is private (loopback + IP allowlist), traffic is HTTPS, secrets are encrypted at rest, a push can't deploy itself, and an unsafe configuration makes it refuse to start rather than run insecure. If you're evaluating it, the [security model](./docs/security.md) covers the threat model and design in full.\n\n\u003e Mooring runs the write plane (`docker compose up/pull/build`) on servers with **≥ 1 GB RAM**; monitoring and HTTPS run fine on a smaller box.\n\n## Documentation\n\n📖 **[Read the docs →](./docs/README.md)** — start with the three-page on-ramp: **[Introduction](./docs/introduction.md) → [Install](./docs/installation.md) → [First steps](./docs/first-steps.md)**.\n\nGuides: [Deploy from Git](./docs/gitops.md) · [Edge \u0026 TLS](./docs/edge-and-tls.md) · [Secrets \u0026 config files](./docs/config-files-and-secrets.md) · [Import a `.env`](./docs/env-import.md) · [Scaling \u0026 self-healing](./docs/scaling-and-self-healing.md) · [Alerts](./docs/alerting.md) · [Backups](./docs/backup-and-recovery.md) · [Many apps on one server](./docs/host-file.md) · [The `mooring.yaml` file](./docs/definition-file.md). For internals: [Architecture](./docs/architecture.md) · [Security](./docs/security.md).\n\n## License \u0026 contributing\n\n- **License** — [Apache License 2.0](./LICENSE) (see also [NOTICE](./NOTICE)).\n- **Contributing** — see [CONTRIBUTING.md](./CONTRIBUTING.md). Because safety is the paramount requirement, changes to security-sensitive areas re-trigger the project's security checks before merge.\n- **Security reports** — please report vulnerabilities privately (see [docs/security.md](./docs/security.md)) rather than opening a public issue.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdaboss2003%2Fmooring","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdaboss2003%2Fmooring","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdaboss2003%2Fmooring/lists"}