{"id":48907134,"url":"https://github.com/tyxak/remotepower","last_synced_at":"2026-05-24T10:00:41.792Z","repository":{"id":351630397,"uuid":"1210820062","full_name":"tyxak/remotepower","owner":"tyxak","description":"Self-hosted remote device management for Linux — shutdown, reboot, WoL, monitoring, CVEs, patches, etc. agent self-update — PIN enrollment, no inbound firewall rules, Nginx + Python CGI","archived":false,"fork":false,"pushed_at":"2026-05-14T15:26:21.000Z","size":10995,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-05-14T17:33:54.598Z","etag":null,"topics":["calendar","cmdb","cve","devops","homelab","linux","monitoring","nginx","patches","patching","python","redhat","remote-management","self-hosted","service-monitoring","sysadmin","tasks","ubuntu","vault","wake-on-lan"],"latest_commit_sha":null,"homepage":"https://demoremote.tvipper.com","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tyxak.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-14T19:39:50.000Z","updated_at":"2026-05-14T15:26:23.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/tyxak/remotepower","commit_stats":null,"previous_names":["tyxak/remotepower"],"tags_count":16,"template":false,"template_full_name":null,"purl":"pkg:github/tyxak/remotepower","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tyxak%2Fremotepower","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tyxak%2Fremotepower/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tyxak%2Fremotepower/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tyxak%2Fremotepower/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tyxak","download_url":"https://codeload.github.com/tyxak/remotepower/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tyxak%2Fremotepower/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33429192,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-23T22:14:44.296Z","status":"online","status_checked_at":"2026-05-24T02:00:06.296Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["calendar","cmdb","cve","devops","homelab","linux","monitoring","nginx","patches","patching","python","redhat","remote-management","self-hosted","service-monitoring","sysadmin","tasks","ubuntu","vault","wake-on-lan"],"created_at":"2026-04-16T21:08:30.844Z","updated_at":"2026-05-24T10:00:41.787Z","avatar_url":"https://github.com/tyxak.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# RemotePower\n\n\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"docs/screenshots/logo-primary.png\" alt=\"RemotePower\" width=\"420\"\u003e\n\n**Self-hosted remote management for your Linux fleet — and your homelab.**\nWeb dashboard, push-based agents, no inbound ports. Set it up in five minutes.\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)\n[![Platform](https://img.shields.io/badge/platform-Linux%20%7C%20Windows-lightgrey.svg)](https://kernel.org)\n[![Docker](https://img.shields.io/badge/docker-ready-blue.svg)](https://hub.docker.com)\n[![Nginx](https://img.shields.io/badge/server-Nginx-green.svg)](https://nginx.org)\n[![Python](https://img.shields.io/badge/python-3.8+-yellow.svg)](https://python.org)\n[![Version](https://img.shields.io/badge/version-3.0.2-blue.svg)](https://github.com/tyxak/remotepower/releases)\n\n[Live demo](https://demoremote.tvipper.com) · [Install](docs/install.md) · [Features](docs/features.md) · [Docs](docs/)\n\n![RemotePower dashboard](docs/screenshots/Index.png)\n\n\u003c/div\u003e\n\n---\n\n## What is it?\n\nA web dashboard that manages your Linux machines (and Windows, kind of) without\nopening firewall ports on them. Each host runs a small Python agent that **polls**\nthe central server every 60 seconds — outbound HTTPS only. Enrolment is a 6-digit\nPIN, like pairing a console controller.\n\nDeliberately small: nginx + Python CGI + flat JSON files. No database, no Node.js,\nno Redis, no Kubernetes. The whole `/var/lib/remotepower/` directory backs up with\n`tar`. Tested on real homelabs running 5–50 devices, fine up to a few hundred.\n\n## Quick start\n\n```bash\n# Server (gets you nginx + fcgiwrap + Python deps + an admin password)\ngit clone https://github.com/tyxak/remotepower \u0026\u0026 cd remotepower\nsudo bash install-server.sh\n\n# Or: Docker\ndocker compose up -d\n```\n\nThe installer prints the URL and the auto-generated admin password. Log in,\nchange the password under **Settings → Account**, then enroll your first client:\n\n```bash\n# On the host you want to manage\nsudo bash install-client.sh\n# Paste the server URL and the 6-digit PIN from the dashboard.\n```\n\nShows up in the dashboard within ~60 seconds.\n\nBrowser SSH terminal is one more command: `sudo bash packaging/install-webterm.sh`.\n\nFor longer install paths (Docker, demo vhost, Windows client, Ansible-driven\nenrolment), see **[docs/install.md](docs/install.md)**.\n\n### Try the live demo\n\nA read-only demo deployment runs at **\u003chttps://demoremote.tvipper.com\u003e** —\nseeded with synthetic devices, alerts, CVE findings, and metrics so\nyou can poke around without installing anything.\n\n```\nURL:      https://demoremote.tvipper.com\nUsername: demo\nPassword: demo\n```\n\nThe demo is reset every few hours, so feel free to break things.\n\n## What you can do with it\n\n| | |\n|---|---|\n| 🟢 **See what's up** | Live status every 60 s. CPU / RAM / disk sparklines. Service matrix. Containers. CVE findings. |\n| ⚡ **Run commands** | Shutdown, reboot, WoL, arbitrary shell, multi-line scripts with dry-run lint, batch across many devices, scheduled (cron) and one-shot. |\n| 🌐 **Browser SSH** | Real xterm.js terminal proxied through a hardened daemon. asciinema session recordings. |\n| 🐳 **docker compose** | Up / down / restart / pull / logs on projects the agent discovered under `/opt /home /docker /srv`. |\n| 🖥️ **Proxmox** | Connect a Proxmox VE node — start/stop QEMU VMs and LXC containers, manage snapshots, all server-to-API. |\n| 🔍 **Configuration drift** | Hashes `sshd_config`, `sudoers` and friends against a baseline; diff, accept, or ignore changes. |\n| 🚨 **Alerts** | Disk %, memory %, CPU load, service down, container stopped, patches piling up, CVEs found, TLS expiring, config drift, mailbox thresholds. Discord / ntfy / Slack / generic JSON webhooks. |\n| 📦 **CMDB built in** | Asset metadata, encrypted credentials vault (AES-GCM + PBKDF2), Markdown docs per asset, network topology map, agentless devices. |\n| 🛡️ **CVE scanning** | OSV.dev-backed, CVSS v3.1-scored, severity-ranked, per-CVE ignore list. |\n| 🔑 **Auth that scales** | bcrypt + TOTP 2FA. LDAP/AD. Named API keys. Enrolment tokens for cloud-init / Ansible. |\n| ✨ **AI assistant** | Optional LLM integration (Ollama, LocalAI, Anthropic, OpenAI, DeepSeek). Explain output, triage CVEs, prioritise patches, generate scripts — all with regex-based secret redaction. Disabled by default. |\n| 📈 **Metrics \u0026 integrations** | Prometheus `/api/metrics` for Grafana. `/api/status` for Uptime Kuma / Homepage. MCP server for AI clients. |\n| 📲 **Installable PWA** | Chrome install prompt in the header. Service worker pre-caches the app shell; API calls are always network-only. Works on desktop and mobile. |\n| 🔬 **Custom monitoring scripts** | Define bash health checks server-side, assign to devices — agent runs them every 5 minutes. Exit 0 = OK. Fleet results page, edge-triggered alerts, inline AI generation. |\n\nFull feature inventory: **[docs/features.md](docs/features.md)**.\n\n## Security\n\nv3.0.2 ships with an end-to-end security audit covering the server, agent,\nWebTerm handshake, CMDB vault, LDAP, TOTP, API keys, AI provider, and Proxmox\nintegration. Posture in brief: PBKDF2-HMAC-SHA256 passwords at OWASP-2023\nparameters, header-based session tokens (CSRF-safe by construction), AES-GCM\nencryption for the CMDB vault, mandatory TLS verification for outbound calls,\nhardened agent state-file handling against local symlink attacks. Full\nposture, threat model, and operator hardening checklist:\n**[docs/security.md](docs/security.md)**.\n\n## Documentation\n\nEverything lives in **[docs/](docs/)** — start with the index there. The\nessentials:\n\n| Topic | Where |\n|---|---|\n| **Install** (Linux, Docker, demo, Windows) | [docs/install.md](docs/install.md) |\n| **Full feature inventory** | [docs/features.md](docs/features.md) |\n| **Architecture + on-disk layout** | [docs/architecture.md](docs/architecture.md) |\n| **API reference** (endpoints + OpenAPI) | [docs/api.md](docs/api.md) — interactive: `/swagger.html` |\n| **Reference manual** | [docs/Manual.html](docs/Manual.html) |\n| **Security notes** | [docs/security.md](docs/security.md) |\n| **Troubleshooting** | [docs/troubleshooting.md](docs/troubleshooting.md) |\n| **Upgrading** | [docs/upgrading.md](docs/upgrading.md) |\n\nFull release history — every version, newest first — is in\n**[CHANGELOG.md](CHANGELOG.md)**.\n\n## License\n\nMIT — see [LICENSE](LICENSE).\n\n\u003cdiv align=\"center\"\u003e\u003csub\u003eMade with ☕ and vi\u003c/sub\u003e\u003c/div\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftyxak%2Fremotepower","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftyxak%2Fremotepower","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftyxak%2Fremotepower/lists"}