{"id":47629040,"url":"https://github.com/uwaserver/uwas","last_synced_at":"2026-04-05T03:05:46.881Z","repository":{"id":346025258,"uuid":"1188287101","full_name":"uwaserver/uwas","owner":"uwaserver","description":"Unified Web Application Server — Apache+Nginx+Varnish+Caddy in a single Go binary. Auto HTTPS, built-in caching, PHP/FastCGI, reverse proxy, load balancing, WAF, web dashboard, and MCP server.","archived":false,"fork":false,"pushed_at":"2026-04-02T21:17:57.000Z","size":18867,"stargazers_count":116,"open_issues_count":5,"forks_count":12,"subscribers_count":5,"default_branch":"main","last_synced_at":"2026-04-03T01:13:15.535Z","etag":null,"topics":["acme","cache","devops","fastcgi","go","golang","htaccess","https","lets-encrypt","load-balancer","mcp","php","reverse-proxy","single-binary","waf","web-server","webserver","wordpress"],"latest_commit_sha":null,"homepage":"http://uwaserver.com/","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/uwaserver.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-03-21T21:43:49.000Z","updated_at":"2026-04-02T21:18:02.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/uwaserver/uwas","commit_stats":null,"previous_names":["uwaserver/uwas"],"tags_count":82,"template":false,"template_full_name":null,"purl":"pkg:github/uwaserver/uwas","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uwaserver%2Fuwas","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uwaserver%2Fuwas/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uwaserver%2Fuwas/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uwaserver%2Fuwas/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/uwaserver","download_url":"https://codeload.github.com/uwaserver/uwas/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uwaserver%2Fuwas/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31422902,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-05T02:22:46.605Z","status":"ssl_error","status_checked_at":"2026-04-05T02:22:33.263Z","response_time":75,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acme","cache","devops","fastcgi","go","golang","htaccess","https","lets-encrypt","load-balancer","mcp","php","reverse-proxy","single-binary","waf","web-server","webserver","wordpress"],"created_at":"2026-04-01T23:05:04.699Z","updated_at":"2026-04-05T03:05:46.864Z","avatar_url":"https://github.com/uwaserver.png","language":"Go","readme":"# UWAS\n\n**Unified Web Application Server**\n\nOne binary to serve them all.\n\nApache + Nginx + Varnish + Caddy + cPanel → UWAS\n\n---\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"assets/banner.jpeg\" alt=\"UWAS Logo\" width=\"100%\"\u003e\n\u003c/p\u003e\n\n\u003e **Note:** This project is currently in development and not yet ready for production use.\n\n\n[![Go](https://img.shields.io/badge/Go-1.26+-00ADD8?logo=go\u0026logoColor=white)](https://go.dev)\n[![License](https://img.shields.io/badge/License-AGPL--3.0-blue.svg)](LICENSE)\n\n## What is UWAS?\n\nUWAS replaces your entire web server stack and hosting control panel with a single Go binary. Auto HTTPS, built-in caching, PHP support, .htaccess compatibility, reverse proxy, WebSocket forwarding, WAF, multi-user access control, and a 38-page React dashboard with 205+ API endpoints.\n\nOne binary. Zero hassle.\n\n## Current Snapshot (v0.0.38)\n\n- **Dashboard pages:** 38 (`web/dashboard/src/pages`)\n- **Admin API routes:** 205+ (route registrations under `/api/v1` in `internal/admin/api.go`)\n- **Go packages:** 52 (from `go list ./...`)\n- **CLI commands:** 19\n- **Test status:** `go test -p 1 ./...` passing\n\n## Features\n\n### Web Server\n- **Auto HTTPS** — Let's Encrypt certificates with zero configuration\n- **HTTP/3 (QUIC)** — Via quic-go with Alt-Svc header advertisement\n- **Built-in Cache** — Varnish-level caching with grace mode, tag-based purge, ESI (Edge Side Includes)\n- **PHP Ready** — FastCGI with connection pooling and .htaccess support\n- **Per-domain PHP** — Multiple PHP versions per domain with auto-port assignment, crash auto-restart\n- **Load Balancer** — 5 algorithms, health checks, circuit breaker, canary routing\n- **WebSocket Proxy** — Transparent TCP tunnel with hijack + bidirectional pipe\n- **URL Rewrite** — Apache mod_rewrite compatible engine\n- **Brotli + Gzip** — Dual compression with Accept-Encoding negotiation\n- **Image Optimization** — On-the-fly WebP/AVIF conversion\n\n### Hosting Control Panel\n- **38-page Dashboard** — React 19 admin panel with dark/light theme\n- **App Manager** — Deploy and manage Node.js, Python, Ruby, Go applications\n- **Web Terminal** — Browser-based shell via WebSocket-to-PTY bridge\n- **Multi-user Auth** — Admin, reseller, user roles with TOTP 2FA\n- **WordPress Management** — One-click install, plugin updates, debug mode, error log viewer\n- **DNS Zone Editor** — Full CRUD for Cloudflare, Hetzner, DigitalOcean, Route53\n- **File Manager** — Browse, edit, upload, delete files via dashboard\n- **SFTP Server** — Built-in pure Go SFTP with chroot per domain + SSH key management\n- **Database Management** — MySQL/MariaDB + Docker containers (MariaDB/MySQL/PostgreSQL)\n- **Site Migration** — SSH wizard: rsync files + dump/import database\n- **Clone/Staging** — One-click domain clone with DB duplication\n- **Backup/Restore** — Local, S3, SFTP providers with scheduling + webhook notifications\n- **Cron Jobs** — Per-domain cron management with execution monitoring and failure alerts\n\n### Security \u0026 Monitoring\n- **WAF** — SQL injection, XSS, shell, RCE detection\n- **Per-domain Rate Limiting** — Sharded token bucket per domain\n- **Bandwidth Limits** — Monthly/daily caps with throttle or block action\n- **Webhook Events** — 11 event types with HMAC-SHA256 signatures and retry\n- **Uptime Monitoring** — Per-domain health checks with alerting\n- **Analytics** — Per-domain traffic, referrer tracking, user agent breakdown\n- **Prometheus Metrics** — p50/p95/p99 latency percentiles\n- **Audit Logging** — Track all admin actions with timestamps and IPs\n- **IP Access Control** — Per-domain whitelist/blacklist\n- **Resource Limits** — Per-domain CPU/memory/PID limits via Linux cgroups v2\n\n### DevOps\n- **Git Deploy** — Git clone/pull + Docker-based application deployment\n- **AI-Native** — MCP server for LLM-driven management\n- **Nginx/Apache Migration** — CLI config converter\n- **Hot-Reload** — All per-domain chains rebuild on SIGHUP (zero downtime)\n- **Self-Update** — Binary auto-update from GitHub releases\n- **CI/CD** — GitHub Actions for build, test, release automation\n- **Single Binary** — ~15MB, no dependencies, just download and run\n\n## Install\n\n```bash\n# One-line install (Linux / macOS)\ncurl -fsSL https://raw.githubusercontent.com/uwaserver/uwas/main/install.sh | sh\n```\n\n### Update\n\n```bash\n# One-line update (detects current version, downloads latest, restarts service)\ncurl -fsSL https://raw.githubusercontent.com/uwaserver/uwas/main/update.sh | sh\n```\n\nOr download from [GitHub Releases](https://github.com/uwaserver/uwas/releases).\n\n### Build from Source\n\n```bash\ngit clone https://github.com/uwaserver/uwas.git \u0026\u0026 cd uwas\nmake build # Production binary → bin/uwas\nmake linux # Cross-compile for Linux amd64\n```\n\n## Quick Start\n\n```bash\n# Start server (auto-creates config on first run)\nuwas\n\n# Or with a specific config\nuwas serve -c uwas.yaml\n\n# Install as systemd service (auto-start on boot)\nsudo uwas install\nsudo systemctl start uwas\n\n# Dashboard\n# http://your-ip:9443/_uwas/dashboard/\n\n# CLI commands (API key auto-loaded from ~/.uwas/.env)\nuwas status\nuwas php list\nuwas domain list\nuwas doctor\n```\n\n## Configuration\n\nUWAS uses a single YAML file. See [`uwas.example.yaml`](uwas.example.yaml) for a full reference.\n\n### Static Site\n\n```yaml\nglobal:\n http_listen: \":80\"\n https_listen: \":443\"\n acme:\n email: you@example.com\n\ndomains:\n - host: example.com\n root: /var/www/html\n type: static\n ssl:\n mode: auto\n```\n\n### WordPress / PHP\n\n```yaml\ndomains:\n - host: blog.example.com\n root: /var/www/wordpress\n type: php\n ssl:\n mode: auto\n php:\n fpm_address: \"unix:/var/run/php/php8.3-fpm.sock\"\n htaccess:\n mode: import\n cache:\n enabled: true\n ttl: 1800\n```\n\n### Reverse Proxy with WebSocket\n\n```yaml\ndomains:\n - host: api.example.com\n type: proxy\n ssl:\n mode: auto\n proxy:\n upstreams:\n - address: \"http://127.0.0.1:3000\"\n weight: 3\n - address: \"http://127.0.0.1:3001\"\n weight: 1\n algorithm: least_conn\n websocket: true\n health_check:\n path: /health\n interval: 10s\n```\n\n### Bandwidth Limits + Rate Limiting\n\n```yaml\ndomains:\n - host: example.com\n root: /var/www/html\n type: static\n bandwidth:\n enabled: true\n monthly_limit: 100GB\n daily_limit: 5GB\n action: throttle # or \"block\"\n security:\n rate_limit:\n requests: 100\n window: 1m\n```\n\n## Requirements\n\n| Component | Minimum | Recommended | Notes |\n|-----------|---------|-------------|-------|\n| Go | 1.26+ | 1.26+ | For building from source |\n| PHP | 7.4+ | 8.3+ / 8.4+ | Only needed for PHP sites |\n| Docker | 20.10+ | 24+ | Only for Docker database containers |\n\n**No PHP needed** for static sites, reverse proxy, or redirect domains.\n\n## CLI\n\n```\nuwas Start server (auto-setup if no config)\nuwas serve -c uwas.yaml Start with specific config\nuwas serve -d Start as background daemon\nuwas version Print version info\nuwas config validate Validate config file\nuwas domain list List domains\nuwas cache stats Cache statistics\nuwas cache purge Purge cache\nuwas status Server status via admin API\nuwas reload Hot-reload configuration\nuwas stop Stop running server\nuwas restart Restart running server\nuwas migrate nginx \u003cfile\u003e Convert Nginx config to UWAS\nuwas migrate apache \u003cfile\u003e Convert Apache config to UWAS\nuwas backup Create config backup\nuwas restore Restore from backup\nuwas php list List detected PHP versions\nuwas php start \u003cver\u003e Start PHP-FPM for version\nuwas install Install as systemd service\nuwas uninstall Remove systemd service\nuwas user list List admin users\nuwas doctor System diagnostics + auto-fix\nuwas help Show help\n```\n\n## Architecture\n\n```\nRequest Flow:\n\n TCP → TLS (SNI routing)\n → HTTP Parse\n → Middleware Chain:\n Recovery → Request ID → Security Headers → Rate Limit → Access Log\n → Virtual Host Lookup\n → Per-domain: IP ACL → Rate Limit → BasicAuth → CORS → Header Transform\n → Security Guard (blocked paths, WAF)\n → Bandwidth Check (throttle/block)\n → Rewrite Engine (mod_rewrite compatible)\n → Cache Lookup (L1 memory + L2 disk)\n → Handler:\n ├── Static File (ETag, Range, pre-compressed, SPA)\n ├── FastCGI/PHP (connection pool, CGI env)\n ├── Reverse Proxy (5 LB algorithms, circuit breaker)\n ├── WebSocket (TCP tunnel, bidirectional pipe)\n └── Redirect (301/302/307/308)\n → Cache Store\n → Bandwidth Record\n → Response\n```\n\n## Project Layout\n\n```\ncmd/uwas/ → CLI entry point (19 commands)\ninternal/\n admin/ → REST API (205+ routes) + dashboard embed + TOTP auth\n alerting/ → Alert thresholds + webhook/Slack/Telegram/email notifications\n analytics/ → Per-domain traffic analytics\n appmanager/ → Node.js/Python/Ruby/Go process management\n auth/ → Multi-user RBAC (admin/reseller/user) + session + TOTP 2FA\n backup/ → Local/S3/SFTP backup + restore + scheduling\n bandwidth/ → Per-domain bandwidth limits (throttle/block)\n build/ → Build metadata (version, commit, date) via ldflags\n cache/ → L1 memory (256-shard LRU) + L2 disk cache + ESI\n cli/ → CLI framework and commands\n config/ → YAML parser, validation, defaults, ByteSize/Duration types\n cronjob/ → Cron job management + execution monitoring\n database/ → MySQL/MariaDB management + Docker container support\n deploy/ → Git clone/pull + Docker-based application deployment\n dnsmanager/ → Cloudflare, Route53, Hetzner, DigitalOcean DNS CRUD\n dnschecker/ → DNS record verification (A/MX/NS/TXT)\n doctor/ → System diagnostics + auto-fix\n filemanager/ → Web file manager (browse/edit/upload/delete)\n firewall/ → UFW management via API\n handler/\n fastcgi/ → PHP handler, CGI environment builder\n proxy/ → Reverse proxy, load balancing, WebSocket, circuit breaker\n static/ → Static files, MIME, ETag, pre-compressed, SPA\n install/ → System package installer task queue\n logger/ → Structured logger (slog wrapper)\n mcp/ → MCP server for AI management\n metrics/ → Prometheus-compatible metrics\n middleware/ → Chain, recovery, rate limit, gzip, CORS, WAF, bot guard\n migrate/ → Nginx/Apache converter + SSH site migration + clone\n monitor/ → Uptime monitoring per domain\n notify/ → Webhook, Slack, Telegram, Email (SMTP) channels\n pathsafe/ → Path traversal guard (symlink-resolving containment check)\n phpmanager/ → PHP detect, install, start/stop, per-domain assign\n rewrite/ → URL rewrite engine (Apache mod_rewrite compatible)\n rlimit/ → Per-domain resource limits via Linux cgroups v2\n router/ → Virtual host routing, request context\n selfupdate/ → Binary self-update from GitHub releases\n server/ → HTTP/HTTPS/HTTP3 server + request dispatch + log rotation\n serverip/ → Server IP detection (interfaces + public IP)\n services/ → systemd service management (start/stop/restart)\n sftpserver/ → Built-in SFTP server (pure Go, chroot per domain)\n siteuser/ → SFTP user management (chroot jail + SSH keys)\n terminal/ → WebSocket-to-PTY bridge for browser-based shell\n tls/ → TLS manager, ACME client, auto-renewal, cert expiry alerts\n acme/ → RFC 8555 ACME protocol, JWS signing\n webhook/ → Event-driven webhook delivery (11 events, HMAC, retry)\n wordpress/ → WordPress install, manage, debug, permissions\npkg/\n fastcgi/ → FastCGI binary protocol, connection pool\n htaccess/ → .htaccess parser and converter\nweb/dashboard/ → React 19 SPA (38 pages, Vite + TypeScript + Tailwind)\n```\n\n## Dashboard\n\nUWAS includes a 38-page React 19 dashboard at `/_uwas/dashboard/` with dark/light theme:\n\n**Sites:** Dashboard, Domains, Domain Detail, Topology, Certificates, DNS Zone Editor, WordPress, Clone/Staging, Migration, File Manager\n\n**Server:** PHP, PHP Config, Applications, Database, SFTP Users, Cron Jobs, Services, Packages, IP Management, Email Guide\n\n**Performance:** Cache, Metrics, Analytics, Logs\n\n**Security:** Security, Firewall, Unknown Domains, Audit Log, Admin Users\n\n**System:** Config Editor, Webhooks, Backups, Terminal, Updates, Doctor, Settings\n\n**Auth:** Login (with 2FA/TOTP support)\n\n## Comparison\n\n| Feature | UWAS | Nginx | Caddy | Apache | cPanel |\n|---------|------|-------|-------|--------|--------|\n| Single binary | Yes | No | Yes | No | No |\n| Auto HTTPS | Yes | No | Yes | No | Yes |\n| Built-in cache | Yes | No | No | No | No |\n| PHP FastCGI | Yes | Yes | Yes | Yes | Yes |\n| .htaccess support | Yes | No | No | Yes | Yes |\n| Load balancer | Yes | Yes | No | No | No |\n| WebSocket proxy | Yes | Yes | No | No | No |\n| WAF | Yes | No | No | Mod | Yes |\n| Control panel | Yes (built-in) | No | No | No | Yes |\n| Multi-user auth | Yes | No | No | No | Yes |\n| Webhook events | Yes | No | No | No | No |\n| DNS management | 4 providers | No | No | No | Yes |\n| MCP / AI-native | Yes | No | No | No | No |\n| Open source | AGPL-3.0 | BSD | Apache 2.0 | Apache 2.0 | Proprietary |\n\n## Performance\n\nTested with [hey](https://github.com/rakyll/hey) on AMD Ryzen 9 9950X3D:\n\n| Scenario | Requests/sec | Avg Latency |\n|----------|-------------|-------------|\n| Small static file (14B) | **7,000** | 7.1ms |\n| 4KB static file | **7,100** | 7.0ms |\n| 100K requests @ 200 concurrent | **7,254** | 27ms |\n| 404 error page | **22,000** | 2.2ms |\n| Cache L1 lookup (bench) | **75,000,000** | 31ns |\n| VHost routing (bench) | **70,000,000** | 35ns |\n\n## Deployment\n\n### Systemd\n\n```bash\nsudo cp init/uwas.service /etc/systemd/system/\nsudo systemctl enable uwas\nsudo systemctl start uwas\n\n# Live config reload (zero downtime)\nsudo systemctl reload uwas\n```\n\n### Docker\n\n```bash\ndocker build -t uwas .\ndocker run -p 80:80 -p 443:443 -v ./uwas.yaml:/etc/uwas/uwas.yaml uwas\n```\n\n## Migration from Nginx/Apache\n\n```bash\n# Convert existing Nginx config\nuwas migrate nginx /etc/nginx/sites-enabled/example.conf \u003e uwas.yaml\n\n# Convert Apache config\nuwas migrate apache /etc/apache2/sites-enabled/example.conf \u003e uwas.yaml\n\n# Or use the dashboard Migration wizard for full site transfer (files + database)\n```\n\n## Development\n\n```bash\nmake dev # Build development binary\nmake test # Run all tests\nmake lint # Run go vet + staticcheck\nmake clean # Clean build artifacts\n\n# Dashboard\ncd web/dashboard \u0026\u0026 npm run build\n```\n\n## License\n\nUWAS is dual-licensed:\n\n- **AGPL-3.0** for open-source and community use — [full text](LICENSE)\n- **Commercial license** for enterprise and proprietary use — [uwaserver.com/enterprise](https://uwaserver.com/enterprise)\n\n## Contributing\n\n1. Open an issue first to discuss\n2. One feature/fix per PR\n3. Tests required\n4. `go vet` must pass\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fuwaserver%2Fuwas","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fuwaserver%2Fuwas","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fuwaserver%2Fuwas/lists"}