Usulnet
Open-source Docker infrastructure platform. One web UI — containers, security, DNS, VPN, monitoring, backups, reverse proxy, terminal, and multi-node orchestration. Replace a dozen tools with one.
v26.2.7 — Latest Release
usulnet is in active development. We appreciate your feedback — please report any issues on GitHub Issues. Your reports help improve usulnet for everyone.
Support the Project
usulnet is built and maintained only by me at the moment. If you find it useful, consider supporting its continued development:
| Channel | Description |
|---|---|
| [Buy Me a Coffee](https://buymeacoffee.com/fransys) | One-time or recurring donations to support development |
| [Business License](https://usulnet.com/#pricing) | Purchase a Business or Enterprise license starting at €79/node/year |
| GitHub Sponsors | Sponsor via GitHub for recurring monthly support |
Every contribution, whether a coffee, a license purchase, or a star on GitHub, helps keep this project alive and growing. Thank you.
⚡ Fast Deployment
Deploy usulnet in one command. No manual configuration needed — all secrets are generated automatically.
```bash
curl -fsSL https://raw.githubusercontent.com/fr4nsys/usulnet/main/deploy/install.sh | sudo bash
```
This will:
- Download the production Docker Compose configuration
- Auto-generate secure database passwords, JWT secrets, and encryption keys
- Start usulnet with PostgreSQL, Redis, NATS, Nginx, and Guacamole
- Be ready in under 60 seconds (pre-built images, no compilation)
Access: https://your-server-ip:7443 — Default credentials: admin / usulnet
Or deploy manually with Docker Compose (requires sudo/root):
```bash
# Download the files
sudo mkdir -p /opt/usulnet && cd /opt/usulnet
sudo curl -fsSL https://raw.githubusercontent.com/fr4nsys/usulnet/main/deploy/docker-compose.prod.yml -o docker-compose.yml
sudo curl -fsSL https://raw.githubusercontent.com/fr4nsys/usulnet/main/deploy/.env.example -o .env

# IMPORTANT: download config.yaml — without this, Docker creates a directory and the app boot-loops
sudo curl -fsSL https://raw.githubusercontent.com/fr4nsys/usulnet/main/config.yaml -o config.yaml

# NATS server configuration (required — the compose file mounts this into the NATS container)
sudo curl -fsSL https://raw.githubusercontent.com/fr4nsys/usulnet/main/deploy/nats-server.conf -o nats-server.conf

# Generate secrets
DB_PASS=$(openssl rand -base64 24 | tr -dc 'a-zA-Z0-9' | head -c 32)
JWT_SECRET=$(openssl rand -hex 32)
ENCRYPTION_KEY=$(openssl rand -hex 32)

# Set database password in .env (used by PostgreSQL service)
sudo sed -i "s|CHANGE_ME_GENERATE_RANDOM_PASSWORD|${DB_PASS}|" .env

# Set secrets in config.yaml (used by usulnet application)
sudo sed -i "s|usulnet_dev|${DB_PASS}|" config.yaml
sudo sed -i "s|edbdbc0721315fc2529c04509d65c62e7c51ce9b10941078f2fae131acfb0e96|${JWT_SECRET}|" config.yaml
sudo sed -i "s|ed2cb601a830465890822d80d13668530b5af3c1c372799310339e8daf02e2e6|${ENCRYPTION_KEY}|" config.yaml

# Generate TLS certificates for PostgreSQL, Redis, and NATS (self-signed ECDSA P-256)
sudo mkdir -p certs
sudo openssl req -new -x509 -days 3650 -nodes \
  -newkey ec -pkeyopt ec_paramgen_curve:P-256 \
  -subj "/CN=postgres/O=usulnet" \
  -addext "subjectAltName=DNS:postgres,DNS:localhost,IP:127.0.0.1" \
  -keyout certs/postgres-server.key -out certs/postgres-server.crt 2>/dev/null
sudo openssl req -new -x509 -days 3650 -nodes \
  -newkey ec -pkeyopt ec_paramgen_curve:P-256 \
  -subj "/CN=redis/O=usulnet" \
  -addext "subjectAltName=DNS:redis,DNS:localhost,IP:127.0.0.1" \
  -keyout certs/redis-server.key -out certs/redis-server.crt 2>/dev/null
sudo openssl req -new -x509 -days 3650 -nodes \
  -newkey ec -pkeyopt ec_paramgen_curve:P-256 \
  -subj "/CN=nats/O=usulnet" \
  -addext "subjectAltName=DNS:nats,DNS:localhost,IP:127.0.0.1" \
  -keyout certs/nats-server.key -out certs/nats-server.crt 2>/dev/null
sudo chmod 600 certs/*.key

# Start
sudo docker compose up -d
```
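A post-install check for the manual steps above, added here as an example and not part of the usulnet project. `sed` exits 0 even when the string it was told to replace is not in the file, so this verifies that none of the shipped placeholder values survive, that the generated secrets actually landed in `config.yaml`, and that the private keys are mode 600. The function name and report format are assumptions; the placeholder strings are the ones in the `sed` commands above.

```bash
# Added example (not usulnet code). Run from the shell session that ran the
# manual install, so JWT_SECRET and ENCRYPTION_KEY are still set.

# Placeholder values the page's sed commands are meant to replace.
USULNET_DEFAULTS="CHANGE_ME_GENERATE_RANDOM_PASSWORD
usulnet_dev
edbdbc0721315fc2529c04509d65c62e7c51ce9b10941078f2fae131acfb0e96
ed2cb601a830465890822d80d13668530b5af3c1c372799310339e8daf02e2e6"

# check_usulnet_deploy DIR: prints one line per finding, returns their count.
# (Function name and report format are assumptions of this example.)
check_usulnet_deploy() {
  dir=$1; findings=0
  # 1. No shipped placeholder may survive in .env or config.yaml.
  for f in "$dir/.env" "$dir/config.yaml"; do
    if [ ! -f "$f" ]; then
      echo "MISSING $f"; findings=$((findings + 1)); continue
    fi
    for needle in $USULNET_DEFAULTS; do
      if grep -qF -- "$needle" "$f"; then
        printf 'DEFAULT %.12s... still present in %s\n' "$needle" "$f"
        findings=$((findings + 1))
      fi
    done
  done
  # 2. Each generated secret must actually be in config.yaml; sed reports
  #    success even when the string it was told to replace was not there.
  for needle in "${JWT_SECRET:-}" "${ENCRYPTION_KEY:-}"; do
    [ -n "$needle" ] || continue
    if ! grep -qF -- "$needle" "$dir/config.yaml" 2>/dev/null; then
      echo "NOT-APPLIED a generated secret is absent from config.yaml"
      findings=$((findings + 1))
    fi
  done
  # 3. Private keys must be owner read/write only (the page sets mode 600).
  for key in "$dir"/certs/*.key; do
    [ -e "$key" ] || continue
    if [ -z "$(find "$key" -prune -perm 600)" ]; then
      echo "PERMS $key is not mode 600"; findings=$((findings + 1))
    fi
  done
  return "$findings"
}
```

Call it as `check_usulnet_deploy /opt/usulnet` before starting the stack; the return status is the number of findings.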
Overview
usulnet is a self-hosted Docker management platform built with Go that gives engineering teams full control over their container infrastructure. It replaces the need for multiple tools by providing a unified interface for container orchestration, security scanning, backup management, reverse proxy configuration, monitoring, and multi-node deployment — all from a single, modern web UI.
Designed for sysadmins, DevOps engineers, and platform teams who need a production-grade, self-hosted alternative to cloud-native container management solutions without vendor lock-in or usage telemetry.
Why usulnet?
- Single binary — No runtime dependencies like Node.js or Python. Templates are compiled into the binary at build time.
- Multi-node out of the box — Master/agent architecture with NATS messaging, mTLS, and auto-deployment of agents.
- Security-first — Built-in Trivy scanning, RBAC with 46 permissions, 2FA, LDAP/OIDC auth, encrypted secrets, audit logging.
- Full-stack management — Containers, images, volumes, networks, stacks, proxies, backups, SSH, databases, LDAP, Git — everything in one place.
- Lightweight — ~70 MB binary. No Electron, no bloated frontend frameworks. Pure Templ + Tailwind + Alpine.js + HTMX.
Features
Core Docker Management
| Feature | Description |
|---|---|
| Containers | Full lifecycle management — create, start, stop, restart, pause, kill, remove. Bulk operations, real-time stats, settings editor, filesystem browser. |
| Images | Pull, inspect, remove, prune. Registry support (Docker Hub, private registries). Layer history and size analysis. |
| Volumes | Create, inspect, remove, prune. Built-in file browser for volume contents. |
| Networks | Create, inspect, remove, prune. Connect/disconnect containers. Bridge, overlay, macvlan support. |
| Stacks | Docker Compose deployment, management, and monitoring. Built-in stack catalog with one-click deployment. |
| Docker Swarm | Initialize clusters, manage nodes, create HA services, scale replicas, convert standalone containers. |
Security & Compliance
| Feature | Description |
|---|---|
| Vulnerability Scanning | Integrated Trivy scanner for container images and filesystems. CVE detection with severity classification. |
| Security Scoring | 0-100 composite security score per container and across the infrastructure. Trends tracking over time. |
| SBOM Generation | Software Bill of Materials in CycloneDX and SPDX formats. |
| RBAC | Role-based access control with 46 granular permissions. Custom roles. Team-based resource scoping. |
| 2FA / TOTP | Two-factor authentication with TOTP (Google Authenticator, Authy) and backup codes. |
| LDAP / OIDC | Enterprise authentication via Active Directory, LDAP, OAuth2, and OIDC (GitHub, Google, Microsoft, custom). |
| Audit Logging | User actions persisted to PostgreSQL with IP, timestamp, and details. Exportable as CSV. In-memory cache for fast dashboard rendering. |
| Encrypted Secrets | AES-256-GCM encryption for all sensitive configuration values (passwords, tokens, keys). |
| API Key Auth | Programmatic access via X-API-KEY header alongside JWT authentication. |
Monitoring & Alerting
| Feature | Description |
|---|---|
| Real-time Metrics | CPU, memory, network I/O, disk I/O per container and per host. WebSocket-powered live dashboards. |
| Alert Rules | Threshold-based alerts on any metric. States: OK → Pending → Firing → Resolved. Silence rules. |
| 11 Notification Channels | Email, Slack, Discord, Telegram, Gotify, ntfy, PagerDuty, Opsgenie, Microsoft Teams, Generic Webhook, Custom. |
| Event Stream | Real-time Docker event stream (container, image, volume, n
