Uwas
Unified Web Application Server — Apache+Nginx+Varnish+Caddy in a single Go binary. Auto HTTPS, built-in caching, PHP/FastCGI, reverse proxy, load balancing, WAF, web dashboard, and MCP server.
Install / Use
/learn @uwaserver/UwasREADME
UWAS
Unified Web Application Server
One binary to serve them all.
Apache + Nginx + Varnish + Caddy + cPanel → UWAS
<p align="center"> <img src="assets/banner.jpeg" alt="UWAS Logo" width="100%"> </p>
Note: This project is currently in development and not yet ready for production use.
What is UWAS?
UWAS replaces your entire web server stack and hosting control panel with a single Go binary. Auto HTTPS, built-in caching, PHP support, .htaccess compatibility, reverse proxy, WebSocket forwarding, WAF, multi-user access control, and a 38-page React dashboard with 205+ API endpoints.
One binary. Zero hassle.
Current Snapshot (v0.0.38)
- Dashboard pages: 38 (
web/dashboard/src/pages) - Admin API routes: 205+ (route registrations under
/api/v1ininternal/admin/api.go) - Go packages: 52 (from
go list ./...) - CLI commands: 19
- Test status:
go test -p 1 ./...passing
Features
Web Server
- Auto HTTPS — Let's Encrypt certificates with zero configuration
- HTTP/3 (QUIC) — Via quic-go with Alt-Svc header advertisement
- Built-in Cache — Varnish-level caching with grace mode, tag-based purge, ESI (Edge Side Includes)
- PHP Ready — FastCGI with connection pooling and .htaccess support
- Per-domain PHP — Multiple PHP versions per domain with auto-port assignment, crash auto-restart
- Load Balancer — 5 algorithms, health checks, circuit breaker, canary routing
- WebSocket Proxy — Transparent TCP tunnel with hijack + bidirectional pipe
- URL Rewrite — Apache mod_rewrite compatible engine
- Brotli + Gzip — Dual compression with Accept-Encoding negotiation
- Image Optimization — On-the-fly WebP/AVIF conversion
Hosting Control Panel
- 38-page Dashboard — React 19 admin panel with dark/light theme
- App Manager — Deploy and manage Node.js, Python, Ruby, Go applications
- Web Terminal — Browser-based shell via WebSocket-to-PTY bridge
- Multi-user Auth — Admin, reseller, user roles with TOTP 2FA
- WordPress Management — One-click install, plugin updates, debug mode, error log viewer
- DNS Zone Editor — Full CRUD for Cloudflare, Hetzner, DigitalOcean, Route53
- File Manager — Browse, edit, upload, delete files via dashboard
- SFTP Server — Built-in pure Go SFTP with chroot per domain + SSH key management
- Database Management — MySQL/MariaDB + Docker containers (MariaDB/MySQL/PostgreSQL)
- Site Migration — SSH wizard: rsync files + dump/import database
- Clone/Staging — One-click domain clone with DB duplication
- Backup/Restore — Local, S3, SFTP providers with scheduling + webhook notifications
- Cron Jobs — Per-domain cron management with execution monitoring and failure alerts
Security & Monitoring
- WAF — SQL injection, XSS, shell, RCE detection
- Per-domain Rate Limiting — Sharded token bucket per domain
- Bandwidth Limits — Monthly/daily caps with throttle or block action
- Webhook Events — 11 event types with HMAC-SHA256 signatures and retry
- Uptime Monitoring — Per-domain health checks with alerting
- Analytics — Per-domain traffic, referrer tracking, user agent breakdown
- Prometheus Metrics — p50/p95/p99 latency percentiles
- Audit Logging — Track all admin actions with timestamps and IPs
- IP Access Control — Per-domain whitelist/blacklist
- Resource Limits — Per-domain CPU/memory/PID limits via Linux cgroups v2
DevOps
- Git Deploy — Git clone/pull + Docker-based application deployment
- AI-Native — MCP server for LLM-driven management
- Nginx/Apache Migration — CLI config converter
- Hot-Reload — All per-domain chains rebuild on SIGHUP (zero downtime)
- Self-Update — Binary auto-update from GitHub releases
- CI/CD — GitHub Actions for build, test, release automation
- Single Binary — ~15MB, no dependencies, just download and run
Install
# One-line install (Linux / macOS)
curl -fsSL https://raw.githubusercontent.com/uwaserver/uwas/main/install.sh | sh
Update
# One-line update (detects current version, downloads latest, restarts service)
curl -fsSL https://raw.githubusercontent.com/uwaserver/uwas/main/update.sh | sh
Or download from GitHub Releases.
Build from Source
git clone https://github.com/uwaserver/uwas.git && cd uwas
make build # Production binary → bin/uwas
make linux # Cross-compile for Linux amd64
Quick Start
# Start server (auto-creates config on first run)
uwas
# Or with a specific config
uwas serve -c uwas.yaml
# Install as systemd service (auto-start on boot)
sudo uwas install
sudo systemctl start uwas
# Dashboard
# http://your-ip:9443/_uwas/dashboard/
# CLI commands (API key auto-loaded from ~/.uwas/.env)
uwas status
uwas php list
uwas domain list
uwas doctor
Configuration
UWAS uses a single YAML file. See uwas.example.yaml for a full reference.
Static Site
global:
http_listen: ":80"
https_listen: ":443"
acme:
email: you@example.com
domains:
- host: example.com
root: /var/www/html
type: static
ssl:
mode: auto
WordPress / PHP
domains:
- host: blog.example.com
root: /var/www/wordpress
type: php
ssl:
mode: auto
php:
fpm_address: "unix:/var/run/php/php8.3-fpm.sock"
htaccess:
mode: import
cache:
enabled: true
ttl: 1800
Reverse Proxy with WebSocket
domains:
- host: api.example.com
type: proxy
ssl:
mode: auto
proxy:
upstreams:
- address: "http://127.0.0.1:3000"
weight: 3
- address: "http://127.0.0.1:3001"
weight: 1
algorithm: least_conn
websocket: true
health_check:
path: /health
interval: 10s
Bandwidth Limits + Rate Limiting
domains:
- host: example.com
root: /var/www/html
type: static
bandwidth:
enabled: true
monthly_limit: 100GB
daily_limit: 5GB
action: throttle # or "block"
security:
rate_limit:
requests: 100
window: 1m
Requirements
| Component | Minimum | Recommended | Notes | |-----------|---------|-------------|-------| | Go | 1.26+ | 1.26+ | For building from source | | PHP | 7.4+ | 8.3+ / 8.4+ | Only needed for PHP sites | | Docker | 20.10+ | 24+ | Only for Docker database containers |
No PHP needed for static sites, reverse proxy, or redirect domains.
CLI
uwas Start server (auto-setup if no config)
uwas serve -c uwas.yaml Start with specific config
uwas serve -d Start as background daemon
uwas version Print version info
uwas config validate Validate config file
uwas domain list List domains
uwas cache stats Cache statistics
uwas cache purge Purge cache
uwas status Server status via admin API
uwas reload Hot-reload configuration
uwas stop Stop running server
uwas restart Restart running server
uwas migrate nginx <file> Convert Nginx config to UWAS
uwas migrate apache <file> Convert Apache config to UWAS
uwas backup Create config backup
uwas restore Restore from backup
uwas php list List detected PHP versions
uwas php start <ver> Start PHP-FPM for version
uwas install Install as systemd service
uwas uninstall Remove systemd service
uwas user list List admin users
uwas doctor System diagnostics + auto-fix
uwas help Show help
Architecture
Request Flow:
TCP → TLS (SNI routing)
→ HTTP Parse
→ Middleware Chain:
Recovery → Request ID → Security Headers → Rate Limit → Access Log
→ Virtual Host Lookup
→ Per-domain: IP ACL → Rate Limit → BasicAuth → CORS → Header Transform
→ Security Guard (blocked paths, WAF)
→ Bandwidth Check (throttle/block)
→ Rewrite Engine (mod_rewrite compatible)
→ Cache Lookup (L1 memory + L2 disk)
→ Handler:
├── Static File (ETag, Range, pre-compressed, SPA)
├── FastCGI/PHP (connection pool, CGI env)
├── Reverse Proxy (5 LB algorithms, circuit breaker)
├── WebSocket (TCP tunnel, bidirectional pipe)
└── Redirect (301/302/307/308)
→ Cache Store
→ Bandwidth Record
→ Response
Project Layout
cmd/uwas/ → CLI entry point (19 commands)
internal/
admin/ → REST API (205+ routes) + dashboard embed + TOTP auth
alerting/ → Alert thresholds + webhook/Slack/Telegram/email notifications
analytics/ → Per-domain traffic analytics
appmanager/ → Node.js/Python/Ruby/Go process management
auth/ → Multi-user RBAC (admin/reseller/user) + session + TOTP 2FA
backup/ → Local/S3/SFTP backup + restore + scheduling
bandwidth/ → Per-domain bandwidth limits (throttle/block)
build/ → Build metadata (version, commit, date) via ldflags
cache/ → L1 memory (256-shard LRU) + L2 disk cache + ESI
cli/ → CLI framework and commands
config/ → YAML parser, validation, defaults, ByteSize/Duration types
cronjob/ → Cron job management + execution monitoring
database/ → MySQL/MariaDB management + Docker container sup
Related Skills
tmux
344.1kRemote-control tmux sessions for interactive CLIs by sending keystrokes and scraping pane output.
xurl
344.1kA CLI tool for making authenticated requests to the X (Twitter) API. Use this skill when you need to post tweets, reply, quote, search, read posts, manage followers, send DMs, upload media, or interact with any X API v2 endpoint.
Hook Development
96.8kThis skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.
MCP Integration
96.8kThis skill should be used when the user asks to "add MCP server", "integrate MCP", "configure MCP in plugin", "use .mcp.json", "set up Model Context Protocol", "connect external service", mentions "${CLAUDE_PLUGIN_ROOT} with MCP", or discusses MCP server types (SSE, stdio, HTTP, WebSocket). Provides comprehensive guidance for integrating Model Context Protocol servers into Claude Code plugins for external tool and service integration.
