{"id":42811273,"url":"https://github.com/jaro-c/lynx","last_synced_at":"2026-03-10T08:05:25.854Z","repository":{"id":276404012,"uuid":"929188012","full_name":"Jaro-c/Lynx","owner":"Jaro-c","description":"⚡ A blazingly fast, modern, and secure process manager for Linux. The zero-overhead, systemd-native alternative to PM2 powered by Go.","archived":false,"fork":false,"pushed_at":"2026-03-08T18:02:19.000Z","size":491,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-03-08T21:33:14.226Z","etag":null,"topics":["community","daemon","deployment","devops","golang","isolation","linux","non-commercial","open-source-like","pm2","pm2-alternative","process-manager","sandboxing","security","supervisor","systemd"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Jaro-c.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null},"funding":{"github":"Jaro-c"}},"created_at":"2025-02-08T01:11:49.000Z","updated_at":"2026-03-08T18:02:23.000Z","dependencies_parsed_at":"2025-02-09T16:46:03.325Z","dependency_job_id":null,"html_url":"https://github.com/Jaro-c/Lynx","commit_stats":null,"previous_names":["jaro-c/lynx"],"tags_count":15,"template":false,"template_full_name":null,"purl":"pkg:github/Jaro-c/Lynx","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jaro-c%2FLynx","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jaro-c%2FLynx/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jaro-c%2FLynx/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jaro-c%2FLynx/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Jaro-c","download_url":"https://codeload.github.com/Jaro-c/Lynx/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jaro-c%2FLynx/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30327588,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-10T05:25:20.737Z","status":"ssl_error","status_checked_at":"2026-03-10T05:25:17.430Z","response_time":106,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["community","daemon","deployment","devops","golang","isolation","linux","non-commercial","open-source-like","pm2","pm2-alternative","process-manager","sandboxing","security","supervisor","systemd"],"created_at":"2026-01-30T05:17:31.834Z","updated_at":"2026-03-10T08:05:25.844Z","avatar_url":"https://github.com/Jaro-c.png","language":"Go","readme":"# 🦁 Lynx\n\n\u003cdiv align=\"center\"\u003e\n  \u003ch3\u003eThe Secure, Systemd-Native Process Manager for Linux\u003c/h3\u003e\n  \u003cp\u003eA lightning-fast, highly secure alternative to PM2 or Supervisor—built specifically for modern Debian/Ubuntu servers.\u003c/p\u003e\n\n  \u003cimg src=\"https://img.shields.io/badge/OS-Linux%20Only-informational?style=for-the-badge\u0026logo=linux\u0026color=2ecc71\" alt=\"Linux Only\" /\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Go-1.26+-00ADD8?style=for-the-badge\u0026logo=go\" alt=\"Go Version\" /\u003e\n  \u003cimg src=\"https://img.shields.io/github/v/release/Jaro-c/Lynx?style=for-the-badge\u0026color=ff69b4\" alt=\"Release\" /\u003e\n\u003c/div\u003e\n\n---\n\n## ✨ Why Lynx? (vs PM2 \u0026 Supervisor)\n\nStop wrestling with complex configurations, high RAM overhead, and insecure wrappers. Lynx gives you superpowers by natively combining the rock-solid reliability of `systemd` with a beautiful, modern CLI.\n\n| Feature | 🦁 Lynx | 🐢 PM2 | 🦖 Supervisor |\n| :--- | :--- | :--- | :--- |\n| **Technology** | `Compiled Go` (Native) | `Node.js` (V8 Engine) | `Python` (Interpreted) |\n| **Base RAM Overhead** | **~10 MB** ⚡ | ~60-100+ MB 🐌 | ~50+ MB 🐢 |\n| **Daemon Engine** | **Native OS (`systemd`)** 🛡️ | Custom (PM2 Daemon) ❌ | Custom (supervisord) ❌ |\n| **Crash Resilience** | Perfect (Apps outlive CLI) | Poor (Apps die with PM2) | Poor (Apps die with daemon) |\n| **Sandboxing \u0026 Security**| **DynamicUser isolation** 🔒 | Root / User-space ⚠️ | Root / User-space ⚠️ |\n| **Config Format** | `CLI` / `Lynxfile.yml` | `Ecosystem.config.js` | `ini` files |\n\n---\n\n## 🔒 The \"Zero-Privilege\" Deploy\n\nThe most powerful feature of Lynx. Start an API fully isolated: **no access to `/home`**, **no new privileges**, and secrets are passed securely via systemd without writing them to global disk variables.\n\n```bash\nlynx start api.js \\\n  --name max-security-api \\\n  --isolation dynamic \\\n  --env-file .env.production\n```\n\nIt is impossible to achieve this level of security with one command in other managers.\n\n---\n\n## ⚡ 1-Minute Quickstart\n\nGetting your app running has never been this easy.\n\n### 1. Install the Pre-built Package\nForget about compiling source code. Just download the Debian package!\n\n```bash\n# Download the package (check the Releases tab for the latest version)\ncurl -L -o lynxd.deb \"$(curl -s https://api.github.com/repos/Jaro-c/Lynx/releases/latest | grep browser_download_url | grep amd64.deb | cut -d '\"' -f 4)\"\n\n# Install it\nsudo apt install ./lynxd.deb\n\n# Clean up the downloaded file\nrm lynxd.deb\n\n# Add yourself to the lynx admin group \u0026 enable the backend engine\nsudo usermod -aG lynxadm $USER\nnewgrp lynxadm\nsudo systemctl enable --now lynx.lynxd\n\n# (Optional) Make your dev tools (bun, node, go) visible to Lynx\nsudo lynx install-tools\n\n# Verify the daemon is running securely\nsudo systemctl status lynx.lynxd\n```\n\n### 2. Deploy your application!\nThat's it! Let's bring your app to life in seconds:\n\n```bash\n# Start your program and keep it running 24/7 forever\nlynx start \"node server.js\" --name ultra-api --restart always\n\n# Watch the magic happen with real-time stats\nlynx list\n\n# Check your application logs in real-time\nlynx logs ultra-api --follow\n```\n\n---\n## 🔒 Access Model\n\nLynx supports two modes of operation:\n\n### 1. System Mode (Default)\n- **Daemon**: Runs as a system service (`lynxd`), managed by `systemd`.\n- **User**: `lynx` (system user).\n- **Socket**: `/run/lynxd/lynx.sock`.\n- **Permissions**: Restricted to `root` and members of the `lynxadm` group (mode `0660`).\n- **Environment**: Does **not** inherit system environment variables (to prevent leaking secrets). Whitelists safe variables (`PATH`, `LANG`, `XDG_*`, `LC_*`).\n- **Use Case**: Production servers where a central daemon manages services.\n- **Setup**: Add your user to the `lynxadm` group:\n  ```bash\n  sudo usermod -aG lynxadm $USER\n  newgrp lynxadm\n  ```\n\n### 2. User Mode\n- **Daemon**: Runs as a user service (`systemd --user`).\n- **User**: The current logged-in user.\n- **Socket**: `$XDG_RUNTIME_DIR/lynx/lynx.sock`.\n- **Permissions**: Restricted to the owner (`0600`).\n- **Environment**: Inherits the full user environment.\n- **Use Case**: Development environments or per-user service management.\n## 🛠️ Commands\n\n| Command | Description | Documentation |\n|---------|-------------|---------------|\n| `start` | Start a new process with monitoring, scheduling, and restart policies. | [Docs](docs/commands/start.md) |\n| `list` | List all managed processes with real-time status and metrics. | [Docs](docs/commands/list.md) |\n| `logs` | View and follow process logs (stdout/stderr). | [Docs](docs/commands/logs.md) |\n| `show` | Show detailed information about a process. | [Docs](docs/commands/show.md) |\n| `stop` | Stop one or more running processes. | [Docs](docs/commands/stop.md) |\n| `restart` | Restart one or more processes. | [Docs](docs/commands/restart.md) |\n| `reload` | Reload process configuration and restart. | [Docs](docs/commands/reload.md) |\n| `flush` | Truncate process log files. | [Docs](docs/commands/flush.md) |\n| `delete` | Delete one or more processes and their configurations. | [Docs](docs/commands/delete.md) |\n| `apply` | Apply a declarative Lynxfile.yml and start apps. | [Docs](docs/commands/apply.md) |\n| `export` | Export a namespace to Lynxfile.yml. | [Docs](docs/commands/export.md) |\n| `startup` | Enable system startup for the daemon (systemd). | [Docs](docs/commands/startup.md) |\n| `version` | Display CLI, Daemon, and Protocol version information. | [Docs](docs/commands/version.md) |\n| `update` | Check for updates and apply them. | [Docs](docs/commands/update.md) |\n| `install-tools` | Automatically link dev tools (bun, node, etc) to system path. | [Docs](docs/commands/install-tools.md) |\n| `help` | Show help for any command. | [Docs](docs/commands/help.md) |\n\n## ⚙️ Advanced Installation \u0026 Build from Source\n\nIf you prefer modifying the source code or building the binaries yourself:\n\n```bash\n# 1. Clone repository\ngit clone https://github.com/Jaro-c/Lynx.git\ncd Lynx\n\n# 2. Build binaries manually\n$env:GOOS=\"linux\"; $env:GOARCH=\"amd64\"; go build -v -o lynx_linux_amd64 ./cmd/lynx\n\n# 3. Build \u0026 Install Debian Package locally\nsudo apt-get update \u0026\u0026 sudo apt-get install -y build-essential debhelper\ndpkg-buildpackage -us -uc -b\nsudo dpkg -i ../lynx-pm_*.deb\n```\n\n### User Mode (Optional)\nIf you prefer per-user isolation without system-wide privileges:\n```bash\n# Start the daemon as your user (in a separate terminal)\nsystemd --user \u0026\n# Then use lynx with default user-mode socket ($XDG_RUNTIME_DIR/lynx-\u003cuid\u003e/lynx.sock)\nlynx list\n```\n\n## 🚀 Deployment Guide (Debian/Ubuntu)\n\n1. Install Lynx using either Option A or B above.\n2. Add your user to `lynxadm` (system mode) and re-login or run `newgrp lynxadm`.\n3. Verify daemon logs:\n   ```bash\n   journalctl -u lynx.lynxd -f\n   ```\n4. Start your application:\n   ```bash\n   lynx start app.js --name my-api --restart on-failure\n   ```\n5. Use secure isolation for production:\n   ```bash\n   lynx start app.js --name my-api --isolation dynamic --env-file .env\n   ```\n6. Inspect and follow logs:\n   ```bash\n   lynx logs my-api --follow\n   ```\n7. Manage lifecycle:\n   ```bash\n   lynx list\n   lynx show my-api\n   lynx reload my-api\n   lynx restart my-api\n   lynx stop my-api\n   lynx delete --purge my-api\n   ```\n\n## 📚 Getting Started Tutorial\n\n### 1. Install Lynx\nUse the prebuilt `.deb` and enable `lynxd` as shown in the Installation section.\n\n### 2. Start a simple app\n```bash\nlynx start \"node server.js\" --name hello --restart on-failure\n```\n\n### 3. Scale instances\n```bash\nlynx start \"node server.js\" --name hello --scale 3 --shell\n```\nNote: `--shell` enables variable expansion. Ensure each instance binds to a unique port.\n\n### 4. Monitor and logs\n```bash\nlynx monit\nlynx logs hello --follow\n```\n\n### 5. Secure isolation and env\n```bash\necho \"PORT=8080\" \u003e .env\nlynx start server.js --name secure-hello --isolation dynamic --env-file .env\n```\n\n### 6. Export and re-apply configurations\n```bash\nlynx export --namespace default \u003e Lynxfile.yml\nlynx apply Lynxfile.yml\n```\n\n## 👨‍💻 Development\n\n**Note for Windows Developers**:\nSince Lynx is Linux-only, we recommend using **VS Code Remote-WSL**.\nIf you are editing on Windows, you may see false positive errors (e.g., \"build constraints exclude all Go files\").\nTo fix this in your editor settings, set the environment variable:\n`GOOS=linux`\n\n## 📦 Packaging\n\nLynx is designed to be installed as a native Debian package. See `docs/BUILDING_UBUNTU_RELEASE.md` for full instructions.\n\n## ⚠️ Troubleshooting\n\n### Dynamic Isolation \u0026 Systemd Permissions\nWhen using `--isolation dynamic`, Lynx uses `systemd-run` to spawn transient services. The `lynxd` daemon runs as the `lynx` user.\n\n- **Standard Setup**: The Debian package (`lynx-pm`) automatically installs a restrictive Polkit rule (`/usr/share/polkit-1/rules.d/lynx-pm.polkit.rules`).\n- **Security**: This rule **ONLY** allows the `lynx` user to manage units whose names start with `lynx-`.\n    - ✅ **Allowed**: `systemctl stop lynx-app-123.service`\n    - ❌ **Blocked**: `systemctl stop sshd.service`, `systemctl stop docker.service`\n- **No Action Required**: You do not need to configure anything manually. The installation script handles permissions for you securely.\n","funding_links":["https://github.com/sponsors/Jaro-c"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjaro-c%2Flynx","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjaro-c%2Flynx","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjaro-c%2Flynx/lists"}