{"id":47606828,"url":"https://github.com/ovexro/dockpanel","last_synced_at":"2026-06-07T07:00:45.007Z","repository":{"id":347734566,"uuid":"1189908370","full_name":"ovexro/dockpanel","owner":"ovexro","description":"Modern server management panel built with Rust and React. Sites, databases, Docker apps, Git deploy, mail, DNS, monitoring, backups, and security — all in one panel.","archived":false,"fork":false,"pushed_at":"2026-06-07T05:41:49.000Z","size":10895,"stargazers_count":381,"open_issues_count":36,"forks_count":62,"subscribers_count":5,"default_branch":"main","last_synced_at":"2026-06-07T06:22:03.041Z","etag":null,"topics":["control-panel","devops","docker","hosting-panel","react","rust","self-hosted","server-management","vps","web-hosting"],"latest_commit_sha":null,"homepage":"https://dockpanel.dev","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ovexro.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"ovexro","custom":["https://www.paypal.me/ovexro"]}},"created_at":"2026-03-23T19:35:12.000Z","updated_at":"2026-06-07T05:41:53.000Z","dependencies_parsed_at":"2026-03-29T11:04:26.128Z","dependency_job_id":"8c82569e-b91d-46d8-a4a9-d2ef333c8ae7","html_url":"https://github.com/ovexro/dockpanel","commit_stats":null,"previous_names":["ovexro/dockpanel"],"tags_count":75,"template":false,"template_full_name":null,"purl":"pkg:github/ovexro/dockpanel","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ovexro%2Fdockpanel","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ovexro%2Fdockpanel/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ovexro%2Fdockpanel/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ovexro%2Fdockpanel/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ovexro","download_url":"https://codeload.github.com/ovexro/dockpanel/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ovexro%2Fdockpanel/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":34011812,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-07T02:00:07.652Z","response_time":124,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["control-panel","devops","docker","hosting-panel","react","rust","self-hosted","server-management","vps","web-hosting"],"created_at":"2026-04-01T19:31:07.457Z","updated_at":"2026-06-07T07:00:44.981Z","avatar_url":"https://github.com/ovexro.png","language":"Rust","funding_links":["https://github.com/sponsors/ovexro","https://www.paypal.me/ovexro"],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\".github/screenshots/dp-dashboard.png\" alt=\"DockPanel Dashboard\" width=\"800\"\u003e\n\u003c/p\u003e\n\n\u003ch1 align=\"center\"\u003eDockPanel\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cstrong\u003eThe most feature-packed free server panel ever built.\u003c/strong\u003e\u003cbr\u003e\n  Self-hosted. Docker-native. Written in Rust. Panel services run on \u003cstrong\u003e~19MB of RAM\u003c/strong\u003e. 776 API endpoints. 152 app templates. 454 E2E tests. ~41MB binaries. Zero subscriptions.\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/ovexro/dockpanel/releases\"\u003e\u003cimg src=\"https://img.shields.io/github/v/release/ovexro/dockpanel\" alt=\"Release\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/ovexro/dockpanel/actions\"\u003e\u003cimg src=\"https://img.shields.io/github/actions/workflow/status/ovexro/dockpanel/ci.yml?label=CI\" alt=\"CI\"\u003e\u003c/a\u003e\n  \u003ca href=\"LICENSE\"\u003e\u003cimg src=\"https://img.shields.io/badge/License-BSL_1.1-blue.svg\" alt=\"License: BSL 1.1\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://dockpanel.dev\"\u003eWebsite\u003c/a\u003e \u0026bull;\n  \u003ca href=\"https://docs.dockpanel.dev\"\u003eDocs\u003c/a\u003e \u0026bull;\n  \u003ca href=\"CHANGELOG.md\"\u003eChangelog\u003c/a\u003e \u0026bull;\n  \u003ca href=\"https://github.com/ovexro/dockpanel/discussions\"\u003eDiscussions\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n## Install\n\n```bash\ncurl -sL https://dockpanel.dev/install.sh | sudo bash\n```\n\nOpen `http://YOUR_SERVER_IP:8443`, create your admin account, done.\n\nSupports Ubuntu 20+, Debian 11+, CentOS 9+, Rocky 9+, Fedora 39+, Amazon Linux 2023. x86_64 and ARM64.\n\n## Why DockPanel?\n\nNo other free panel gives you Git push-to-deploy with blue-green zero-downtime updates, 152 one-click Docker app templates, per-image CVE scanning with deploy gating, a WAF, passkey login, GPU passthrough, multi-server management, reseller accounts, a developer CLI, and Infrastructure as Code — all while the panel services themselves use under 20MB of RAM. DockPanel does.\n\n| | DockPanel | HestiaCP | CloudPanel | RunCloud |\n|---|---|---|---|---|\n| **Price** | **Free** | Free | Free | $8/mo+ |\n| **Stack** | **Rust + React** | PHP | PHP | PHP (SaaS) |\n| **Docker native** | **152 templates** | No | No | No |\n| **Git deploy** | **Blue-green, zero-downtime** | No | No | Basic |\n| **Multi-server** | **Unlimited** | No | No | Yes |\n| **Reseller + white-label** | **Yes** | Reseller only | No | No |\n| **CLI + IaC** | **Full CLI + YAML export** | Limited | No | No |\n| **RAM usage (panel)** | **~19MB** | ~200MB+ | ~150MB+ | SaaS |\n| **ARM64 / Homelab** | **Yes** | Partial | No | No |\n| **Self-hosted** | **Yes** | Yes | Yes | No |\n\n## Screenshots\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eDashboard\u003c/strong\u003e — Live server metrics, 24h graphs, site overview, recent activity\u003c/summary\u003e\n\n![Dashboard](.github/screenshots/dp-dashboard.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eSites\u003c/strong\u003e — Static, PHP, Node.js, Python, reverse proxy with Nginx + SSL\u003c/summary\u003e\n\n![Sites](.github/screenshots/dp-sites.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eSite Detail\u003c/strong\u003e — SSL, WAF, file manager, terminal, backups, resource limits, custom nginx\u003c/summary\u003e\n\n![Site Detail](.github/screenshots/dp-site-detail.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eDocker Apps\u003c/strong\u003e — 152 one-click templates across 14 categories\u003c/summary\u003e\n\n![Docker Apps](.github/screenshots/dp-apps.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eDatabases\u003c/strong\u003e — MySQL/PostgreSQL, SQL browser, schema viewer, point-in-time recovery\u003c/summary\u003e\n\n![Databases](.github/screenshots/dp-databases.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eFile Manager\u003c/strong\u003e — Browse, edit, upload files from the browser\u003c/summary\u003e\n\n![File Manager](.github/screenshots/dp-file-manager.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eTerminal\u003c/strong\u003e — Full SSH in the browser with tabs, themes, session recording\u003c/summary\u003e\n\n![Terminal](.github/screenshots/dp-terminal.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eGit Deploy\u003c/strong\u003e — Push-to-deploy, atomic zero-downtime deploys, preview environments\u003c/summary\u003e\n\n![Git Deploy](.github/screenshots/dp-git-deploy.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eMonitoring\u003c/strong\u003e — HTTP/TCP/ping uptime checks, SLA tracking, PagerDuty integration\u003c/summary\u003e\n\n![Monitoring](.github/screenshots/dp-monitoring.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eSecurity\u003c/strong\u003e — Firewall, Fail2Ban, SSH hardening, vulnerability scanning, audit logs\u003c/summary\u003e\n\n![Security](.github/screenshots/dp-security.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eBackups\u003c/strong\u003e — Scheduled backups, S3/SFTP destinations, Restic incremental, one-click restore\u003c/summary\u003e\n\n![Backups](.github/screenshots/dp-backups.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eDNS\u003c/strong\u003e — Cloudflare + PowerDNS, zone management, cache purge, security settings\u003c/summary\u003e\n\n![DNS](.github/screenshots/dp-dns.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eMail\u003c/strong\u003e — Postfix + Dovecot + DKIM, Roundcube webmail, Rspamd spam filter\u003c/summary\u003e\n\n![Mail](.github/screenshots/dp-email.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eCron Jobs\u003c/strong\u003e — Scheduled tasks with output logging\u003c/summary\u003e\n\n![Cron Jobs](.github/screenshots/dp-crons.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eSystem\u003c/strong\u003e — Services, updates, diagnostics, auto-healing\u003c/summary\u003e\n\n![System](.github/screenshots/dp-system.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eSettings\u003c/strong\u003e — Branding, notifications, alert channels, account security\u003c/summary\u003e\n\n![Settings](.github/screenshots/dp-settings.png)\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003eLogin\u003c/strong\u003e — Email/password + passkey (WebAuthn) support\u003c/summary\u003e\n\n![Login](.github/screenshots/dp-login.png)\n\u003c/details\u003e\n\n## Features\n\n### Hosting\n- **Sites** — Static, PHP (8.1-8.4), Node.js, Python, reverse proxy. Automatic Nginx config, SSL, PHP-FPM pools.\n- **Databases** — MySQL/PostgreSQL in Docker. Built-in SQL browser, visual schema browser, point-in-time recovery (WAL/binlog). Auto-cleanup on site delete.\n- **Docker Apps** — 152 templates across 14 categories (AI, CMS, Database, Media, Monitoring, and more). Compose stacks. Resource limits. GPU passthrough.\n- **Git Deploy** — Push-to-deploy. Atomic zero-downtime deploys (Capistrano-style). Nixpacks (30+ languages). Preview environments.\n- **WordPress Toolkit** — Multi-site dashboard, vulnerability scanning, security hardening, bulk updates.\n- **CMS Install** — WordPress, Laravel, Drupal, Joomla, Symfony, CodeIgniter — one click.\n- **Backups** — Scheduled, S3/SFTP remote destinations, one-click restore. Restic incremental (encrypted, deduplicated).\n- **Backup Orchestrator** — DB/volume backups, AES-256 encryption, restore verification, cross-resource policies, S3/SFTP/B2/GCS destinations, health dashboard.\n- **CDN** — BunnyCDN and Cloudflare CDN management. Cache purge, bandwidth stats, pull zone discovery.\n- **Image Optimization** — Server-side WebP/AVIF conversion per site.\n- **Secrets Manager** — AES-256-GCM encrypted vaults, version history, auto-inject to .env, masked API, CLI pull endpoint.\n- **Webhook Gateway** — Inbound endpoints with unique URLs, HMAC-SHA256/SHA1 verification, request inspector, route builder, retry/replay.\n\n### Operations\n- **Multi-Server** — Manage remote servers from one panel. Agent auto-registers.\n- **DNS** — Cloudflare + PowerDNS. Zone templates, propagation checker, DNSSEC. Cloudflare cache purge, security settings, Cloudflare Tunnel.\n- **Container Management** — Auto-sleep (scale to zero), auto-update detection, per-user isolation policies, app migration between servers.\n- **Mail** — Postfix + Dovecot + OpenDKIM. Webmail (Roundcube), spam filter (Rspamd), SMTP relay.\n- **Monitoring** — HTTP/TCP/ping uptime checks, SLA tracking, PagerDuty integration.\n- **Prometheus + Grafana** — Token-gated `/api/metrics` scrape endpoint (off by default) plus a drop-in [fleet dashboard](dashboards/dockpanel-grafana.json) covering CPU/memory/disk, GPU utilization/VRAM/temp/power, sites, and alerts. See [docs/guides/prometheus.md](docs/guides/prometheus.md).\n- **Incident Management** — Full lifecycle (investigating, identified, monitoring, resolved, postmortem), severity levels, timeline, affected components.\n- **Public Status Page** — Standalone dark-themed page at `/status`, component groups, email subscribers, overall status auto-computed from checks.\n- **Terminal** — Full SSH with tabs, themes, sharing, session recording.\n\n### Security\n- **Passkey/WebAuthn** — Passwordless login with biometrics or security keys. Plus 2FA/TOTP with recovery codes.\n- **WAF** — ModSecurity3 + OWASP CRS v4 per site. Detection or prevention mode. Event viewer.\n- **CSP \u0026 Bot Protection** — Per-site Content Security Policy headers and bot rate limiting.\n- **Firewall** — UFW management with smart port opener.\n- **Fail2Ban** — View/ban/unban IPs, panel-specific jail.\n- **SSH Hardening** — Disable password/root login, change port — one click.\n- **Vulnerability Scanning** — File integrity, security headers, full-server audits.\n- **Per-Image CVE Scanning** — Scan every running Docker app's image with Anchore grype. Severity badge per app row on the Apps page. Scheduled background rescans (configurable interval). Soft deploy gate refuses deploys on images exceeding a critical/high/medium threshold. Grype installs self-contained into `/var/lib/dockpanel/scanners/` from the Settings UI. **Defaults to off** — opt in from Settings → Services → Image Vulnerability Scanning.\n- **Signed Releases + SBOM** — Every release binary and its SPDX SBOM is signed in CI with cosign keyless via Sigstore (no long-lived signing key, recorded in the public Rekor transparency log). Verification snippet in [SECURITY.md](SECURITY.md#verifying-release-signatures).\n- **Per-Image SBOM Generation** — Generate an SPDX 2.3 JSON SBOM for any deployed Docker app's image on demand (syft). Click \"Download SBOM\" in any app's scan drawer. Self-contained install at `/var/lib/dockpanel/scanners/syft`. **Defaults to off** — opt in from Settings → Services → SBOM Generation. Companion to image CVE scanning: composition vs. risk.\n- **Auto-Healing** — Restart crashed services, clean disk, renew expiring SSL, auto-sleep idle containers.\n\n### Developer Experience\n- **CLI** — `dockpanel status`, `sites`, `apps`, `diagnose`, `export`, `apply`\n- **Infrastructure as Code** — Export/import server config as YAML. Terraform/Pulumi provider API with scoped IaC tokens.\n- **Smart Diagnostics** — 6 check categories with one-click fixes. Auto-optimization recommendations.\n- **File Manager** — Browse, edit, upload files from the browser.\n- **Command Palette** — Ctrl+K to navigate anywhere.\n- **Nginx FastCGI Cache** — Per-site toggle with smart bypass for logged-in users.\n- **Redis Object Cache** — Per-site isolated Redis DB with WP auto-config.\n\n### Themes \u0026 Layouts\n- **6 Themes** — Terminal (hacker green), Midnight (navy blue), Ember (warm amber), Arctic (light teal), Clean (light blue SaaS), Clean Dark (GitHub-dark).\n- **3 Layouts** — Sidebar (full sidebar nav), Compact (collapsible icon rail), Topbar (horizontal navbar).\n\n### Business\n- **Reseller Accounts** — Admin → Reseller → User hierarchy with quotas.\n- **White-Label** — Custom logo, colors, panel name per reseller.\n- **OAuth/SSO** — Google, GitHub, GitLab login.\n- **Extension API** — Webhook events with HMAC signing and scoped API keys.\n- **WHMCS Integration** — Provisioning, suspension, termination hooks. Auto-create users from billing.\n- **Horizontal Auto-Scaling** — Rule-based CPU thresholds with min/max replicas and cooldown.\n- **Migration Wizard** — Import from cPanel, HestiaCP. Plesk (beta). App migration between servers.\n- **Teams** — Multi-user access with role-based permissions.\n\n## Architecture\n\n```\nBrowser → React 19 SPA → Nginx\n                           ├── /api/* → API (Rust/Axum)\n                           │              ├── PostgreSQL 16\n                           │              └── Agent (Unix socket / HTTPS)\n                           │                     └── Docker, Nginx, SSL, files, terminal\n                           └── /*     → Frontend (static files)\n```\n\n**3 Rust binaries**: Agent (~21MB), API (~20MB), CLI (~1MB). Runtime RAM: ~12MB agent + ~7MB API ≈ 19MB for the panel itself; ~85MB with the bundled PostgreSQL. 11 background services.\n\n| Component | Tech | Role |\n|-----------|------|------|\n| Agent | Rust/Axum | Root-level host operations (Docker, Nginx, SSL, files) |\n| API | Rust/Axum + SQLx | Auth, business logic, multi-server dispatch, background tasks |\n| CLI | Rust/Clap | Command-line interface for automation |\n| Frontend | React 19 + Vite + Tailwind 4 | Browser UI with 6 themes + 3 layouts |\n\n## Security\n\nDockPanel has undergone seven rounds of security auditing (280+ vulnerabilities found and fixed). Credentials are encrypted at rest with AES-256-GCM. All child processes run with sanitized environments. Per-image CVE scanning (grype) with optional deploy gating catches vulnerable images before they ship. See [SECURITY.md](SECURITY.md) for details.\n\n## Development\n\n```bash\ngit clone https://github.com/ovexro/dockpanel.git \u0026\u0026 cd dockpanel\n\n# Start database\ndocker run -d --name dockpanel-postgres \\\n  -e POSTGRES_USER=dockpanel -e POSTGRES_PASSWORD=dockpanel -e POSTGRES_DB=dockpanel \\\n  -p 5450:5432 postgres:16\n\n# Build\ncargo build --release --manifest-path panel/agent/Cargo.toml\ncargo build --release --manifest-path panel/backend/Cargo.toml\ncargo build --release --manifest-path panel/cli/Cargo.toml\ncd panel/frontend \u0026\u0026 npm install \u0026\u0026 npx vite build\n```\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md) for full development setup.\n\n## CLI\n\n```bash\ndockpanel status              # Server status (CPU, RAM, disk)\ndockpanel sites               # List all sites\ndockpanel apps                # List Docker apps\ndockpanel diagnose            # Run smart diagnostics\ndockpanel export -o config.yml  # Export server config as YAML\ndockpanel apply config.yml    # Apply config (Infrastructure as Code)\n```\n\n## Update / Uninstall\n\n```bash\nsudo bash /opt/dockpanel/scripts/update.sh     # Update\nsudo bash /opt/dockpanel/scripts/uninstall.sh   # Remove\n```\n\n## Documentation\n\n- [Live Docs](https://docs.dockpanel.dev) — Getting started, guides, configuration\n- [FEATURES.md](FEATURES.md) — Complete feature manifest (60+ features, ~280 capabilities)\n- [CHANGELOG.md](CHANGELOG.md) — Version history\n- [SECURITY.md](SECURITY.md) — Security model and vulnerability reporting\n- [CONTRIBUTING.md](CONTRIBUTING.md) — Development setup and PR process\n\n## License\n\nBusiness Source License 1.1. Free to use on your own servers. See [LICENSE](LICENSE) for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fovexro%2Fdockpanel","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fovexro%2Fdockpanel","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fovexro%2Fdockpanel/lists"}