Self-hosted infrastructure, made simple.
A lightweight, modern server control panel for managing web apps, databases, Docker containers, and security — without the complexity of Kubernetes or the cost of managed platforms.
English | Español | 中文版 | Português
Features · Quick Start · Screenshots · Architecture · Roadmap · Docs · Contributing · Discord
🎯 Features
🚀 Apps & Deployment
PHP / WordPress — PHP-FPM 8.x with one-click WordPress installation
Python Apps — Deploy Flask and Django with Gunicorn
Node.js — PM2-managed applications with log streaming
Workflow Builder — Node-based visual automation for server tasks, deployments, and CI/CD
Environment Pipeline — Multi-environment management for WordPress (Prod/Staging/Dev) with code/DB promotion
Docker — Full container and Docker Compose management with real-time log streaming and terminal access
Marketplace — Over 60+ one-click templates for popular apps (Immich, Ghost, Authelia, etc.)
🏗️ Infrastructure
Domain Management — Nginx virtual hosts with easy configuration
DNS Zone Management — Full DNS record management with propagation checking (A, AAAA, CNAME, MX, TXT, etc.)
SSL Certificates — Automatic Let's Encrypt with auto-renewal
Databases — MySQL/MariaDB and PostgreSQL with user management and query interface
Cloud Provisioning — Provision servers on DigitalOcean, Hetzner, Vultr, and Linode with cost tracking
Firewall — UFW/firewalld with visual rule management and port presets
Cron Jobs — Schedule tasks with a visual editor
File Manager — Browse, edit, upload, and download files via web interface
FTP Server — Manage vsftpd users and access
Backup & Restore — Automated backups to S3, Backblaze B2, or local storage with scheduling, retention policies, and one-click restore
Email Server — Postfix + Dovecot with DKIM/SPF/DMARC, SpamAssassin, Roundcube webmail, email forwarding rules
🔒 Security
Two-Factor Auth — TOTP-based with backup codes
Malware Scanning — ClamAV integration with quarantine
File Integrity Monitoring — Detect unauthorized file changes
Fail2ban & SSH — Brute force protection, SSH key management, IP allowlist/blocklist
Vulnerability Scanning — Lynis security audits with reports and recommendations
Automatic Updates — unattended-upgrades / dnf-automatic for OS-level patching
🖥️ Multi-Server Management
Agent-Based Architecture — Go agent with HMAC-SHA256 authentication and real-time WebSocket gateway
Fleet Management — Agent lifecycle control with version rollouts, approval queue, network discovery, and command queue
Fleet Monitor — Cross-server heatmaps, metric comparison charts, alert thresholds, anomaly detection, and capacity forecasting
Agent Plugins — Extensible plugin system with capabilities, permissions, and per-server installation
Server Templates — Configuration templates with compliance tracking, drift detection, and auto-remediation
Remote Docker — Manage containers, images, volumes, networks, and Compose projects across all servers
API Key Rotation — Secure credential rotation with acknowledgment handshake
Cross-Server Metrics — Historical metrics with comparison charts and retention policies
📊 Monitoring & Alerts
Real-time Metrics — CPU, RAM, disk, network monitoring via WebSocket
Uptime Tracking — Historical server uptime data and visualization
Status Pages — Public status pages with HTTP/TCP/DNS/Ping health checks, component monitoring, and incident management
Notifications — Discord, Slack, Telegram, email (HTML templates), and generic webhooks
Per-User Preferences — Individual notification channels, severity filters, and quiet hours
👥 Team & Access Control
Multi-User — Admin, developer, and viewer roles with team invitations
Workspaces — Multi-tenant workspace isolation with quotas and member management
RBAC — Granular per-feature permissions (read/write per module)
SSO & OAuth — Google, GitHub, OpenID Connect, and SAML 2.0 with account linking
Audit Logging — Track all user actions with detailed activity dashboard
API Keys — Tiered API keys (standard/elevated/unlimited) with rate limiting, usage analytics, and OpenAPI documentation
Webhook Subscriptions — Event-driven webhooks with HMAC signatures, retry logic, and custom headers
🎨 Customization
Sidebar Presets — Switch between Full, Web Hosting, Email Admin, DevOps, and Minimal views with one click
Collapsible Navigation — Sidebar groups auto-expand on navigation and collapse when switching sections
Accent Colors — 8 preset accent colors plus custom hex picker
Custom Branding — White-label the sidebar with your own logo, brand name, or full-width banner
Dashboard Widgets — Toggle and reorder dashboard widgets to fit your workflow
🚀 Quick Start
⏱️ Up and running in under 2 minutes
Option 1: One-Line Install (Recommended)
curl -fsSL https://serverkit.ai/install.sh | bashWorks on Ubuntu 22.04+ and Debian 12+. Sets up everything automatically.
Option 2: Docker
git clone https://github.com/jhd3197/ServerKit.git cd ServerKit cp .env.example .env # then edit .env with your secrets docker compose up -d # access at http://localhost
Option 3: Manual Installation
See the Installation Guide for step-by-step instructions.
Requirements
| Minimum | Recommended | |
|---|---|---|
| OS | Ubuntu 22.04 LTS | Ubuntu 24.04 LTS |
| CPU | 1 vCPU | 2+ vCPU |
| RAM | 1 GB | 2+ GB |
| Disk | 10 GB | 20+ GB |
| Docker | 24.0+ | Latest |
📸 Screenshots
View More Screenshots
🏗️ Architecture
┌──────────────────┐
│ INTERNET │
└────────┬─────────┘
│
▼
┌──────────────────────────────────────────────────────────────────────────┐
│ YOUR SERVER │
│ │
│ ┌─────────────────────────────────────────────────────────────────────┐ │
│ │ NGINX (Reverse Proxy) │ │
│ │ :80 / :443 │ │
│ │ │ │
│ │ app1.com ──┐ app2.com ──┐ api.app3.com ──┐ │ │
│ └───────────────┼─────────────────┼─────────────────────┼─────────────┘ │
│ │ proxy_pass │ proxy_pass │ proxy_pass │
│ ▼ ▼ ▼ │
│ ┌─────────────────────────────────────────────────────────────────────┐ │
│ │ DOCKER CONTAINERS │ │
│ │ │ │
│ │ ┌───────────┐ ┌───────────┐ ┌───────────┐ │ │
│ │ │ WordPress │ │ Flask │ │ Node.js │ ... │ │
│ │ │ :8001 │ │ :8002 │ │ :8003 │ │ │
│ │ └─────┬─────┘ └───────────┘ └───────────┘ │ │
│ └──────────┼──────────────────────────────────────────────────────────┘ │
│ │ │
│ ▼ │
│ ┌─────────────────────────────────────────────────────────────────────┐ │
│ │ DATABASES │ │
│ │ MySQL :3306 PostgreSQL :5432 Redis :6379 │ │
│ └─────────────────────────────────────────────────────────────────────┘ │
└──────────────────────────────────────────────────────────────────────────┘
View Full Architecture Documentation → — Request flow, template system, port allocation, database linking, and troubleshooting.
🗺️ Roadmap
- Core infrastructure — Flask + React + JWT + WebSocket
- Application management — PHP, Python, Node.js, Docker
- Domain & SSL — Nginx virtual hosts, Let's Encrypt
- Databases — MySQL, PostgreSQL
- File & FTP management
- Monitoring & alerts — Metrics, webhooks, uptime tracking
- Security — 2FA, ClamAV, file integrity, Fail2ban, Lynis
- Firewall — UFW/firewalld integration
- Multi-server management — Go agent, centralized dashboard
- Git deployment — Webhooks, auto-deploy, rollback, zero-downtime
- Backup & restore — S3, Backblaze B2, scheduled backups
- Email server — Postfix, Dovecot, DKIM/SPF/DMARC, Roundcube
- Team & permissions — RBAC, invitations, audit logging
- API enhancements — API keys, rate limiting, OpenAPI docs, webhook subscriptions
- SSO & OAuth — Google, GitHub, OIDC, SAML
- Database migrations — Flask-Migrate/Alembic, versioned schema
- Agent fleet management — Version rollouts, approval queue, discovery, command queue
- Cross-server monitoring — Fleet heatmaps, comparison charts, anomaly detection, capacity forecasting
- Agent plugin system — Extensible agent with capabilities, permissions, per-server install
- Server templates & config sync — Drift detection, compliance dashboards, auto-remediation
- Multi-tenancy — Workspaces with quotas, member management, isolation
- DNS zone management — Full record management with propagation checking
- Status pages — Public status pages with health checks, incident management
- Cloud provisioning — DigitalOcean, Hetzner, Vultr, Linode with cost tracking
- Customizable sidebar — Collapsible groups, view presets, accent colors, white-label branding
Full details: ROADMAP.md
📖 Documentation
| Document | Description |
|---|---|
| Architecture | System design, request flow, diagrams |
| Installation Guide | Complete setup instructions |
| Deployment Guide | CLI commands and production deployment |
| API Reference | REST API endpoints |
| Roadmap | Development roadmap and planned features |
| Contributing | How to contribute |
🧱 Tech Stack
| Layer | Technology |
|---|---|
| Backend | Python 3.11, Flask, SQLAlchemy, Flask-SocketIO, Flask-Migrate |
| Frontend | React 18, Vite, SCSS, Recharts |
| Database | SQLite / PostgreSQL |
| Web Server | Nginx, Gunicorn (GeventWebSocket) |
| Containers | Docker, Docker Compose |
| Security | ClamAV, Lynis, Fail2ban, TOTP (pyotp), Fernet encryption |
| Auth | JWT, OAuth 2.0, OIDC, SAML 2.0 |
| Postfix, Dovecot, SpamAssassin, Roundcube | |
| Agent | Go (multi-server), HMAC-SHA256, WebSocket |
🤝 Contributing
Contributions are welcome! Please read CONTRIBUTING.md first.
fork → feature branch → commit → push → pull request
Priority areas: Cloud provider integrations, marketplace extensions, UI/UX improvements, documentation, test coverage.
💬 Community
Join the Discord to ask questions, share feedback, or get help with your setup.