Inspiration
Every server I managed required five different tools. Cockpit gave me metrics but couldn't deploy apps. Coolify deployed apps but showed nothing about OS health. Webmin edited configs but had no container awareness. At 2 AM, debugging a downed server meant running htop, docker logs, journalctl, and ufw status — four different syntaxes, four different mental models. I was paying for servers and spending more time managing tools than building products. No existing project even attempted to unify these layers. So I built one that does.
What it does
Orbit is a single Go binary — under 18MB — that embeds a complete server management platform. It provides real-time per-process CPU, memory, disk, and network graphs with a 24-hour ring buffer via WebSocket streaming. It manages systemd services, Docker containers, and PM2 processes from a unified interface with a built-in unit file editor. It streams logs from any file or journald unit in real-time with full-text search. It provides visual nftables/UFW firewall rule editing with conflict detection. It supports GitOps deployments triggered by webhooks from any Git provider, with zero-downtime blue/green deployment and automatic rollback. It includes a full user profile system with display names, avatar color pickers, TOTP two-factor authentication with QR codes and backup codes, session management with per-device revoke, and a timestamped activity audit trail. It exposes an MCP server for AI agents to query server state and trigger actions through scoped Unix sockets. Everything serves from one port with self-signed TLS. No agents. No external database. No runtime dependencies beyond the Linux kernel.
How we built it
The backend is Go 1.22 using only net/http for HTTP/2 serving, gorilla/websocket for live metric and log streams, gopsutil for /proc abstraction, go-sqlite3 for user accounts and configuration, and bbolt for the metric ring buffer. Authentication uses golang-jwt with bcrypt password hashing via golang.org/x/crypto. TOTP two-factor authentication is implemented following RFC 6238 with QR code generation for authenticator apps. The frontend is React 18 with TypeScript, built with Vite 5, using recharts for time-series graphs, xterm.js for the built-in terminal and log viewer, zustand for global state management, and @tanstack/react-query for server state. The entire React SPA compiles to static files and embeds into the Go binary via go:embed. Database migrations are handled with a custom migration runner operating on the embedded SQLite database. GoReleaser cross-compiles for amd64, arm64, and armv7, producing .deb, .rpm, and tarball artifacts. GitHub Actions handles CI/CD with four workflows: CI (lint, test, build on every push), Release (GoReleaser on version tags), Pages (documentation site deployment), and Security (weekly govulncheck and CodeQL scanning).
Challenges we ran into
CGO with SQLite broke cross-compilation. Go's standard cross-compiler doesn't work when C code is involved, so every ARM build required a native ARM64 GitHub Actions runner with the correct cross-compilation toolchain. One missing library produced a binary that linked against the wrong SQLite version, crashing on startup.
The /proc filesystem format varies subtly across distributions. Ubuntu 24.04 reports memory statistics differently than Debian 11. ARM64 kernels on Raspberry Pi expose CPU frequencies in a different structure than x86_64 cloud instances. What worked perfectly on my development machine returned zero values on a user's Rockchip board.
nftables rule parsing was unexpectedly complex. Reading rules created by Docker, fail2ban, or a previous administrator's custom script — and displaying them alongside Orbit-managed rules without breaking anything — required building a bidirectional parser that could handle nftables' full ruleset format with sets, maps, and verdict chains.
The TOTP implementation required careful time synchronization handling. RFC 6238 allows for clock drift, but different authenticator apps and server clock skew created edge cases where valid codes were rejected. Adding a time drift tolerance window and testing against Google Authenticator, Authy, and Bitwarden revealed subtle differences in code generation timing.
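The drift tolerance window described above, as an added example in Go (not Orbit's own code). The function names, the one-step window and the `lastUsed` replay check are assumptions of this sketch; the secret is the RFC 6238 test key.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

const step = 30 // seconds per time step (RFC 6238 default)

// totp computes the 6-digit RFC 6238 code (HMAC-SHA1) for one time-step counter.
func totp(secret []byte, counter uint64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f // dynamic truncation (RFC 4226)
	bin := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", bin%1000000)
}

// VerifyTOTP accepts a code from the current step or up to `window` steps on
// either side. It returns the matched counter so the caller can persist it and
// pass it back as lastUsed, which rejects replay of an already accepted code.
func VerifyTOTP(secret []byte, code string, unixNow int64, window int, lastUsed uint64) (uint64, bool) {
	cur := uint64(unixNow / step)
	var matched uint64
	ok := false
	for d := -window; d <= window; d++ { // no early exit: every step is checked
		c := uint64(int64(cur) + int64(d))
		if c <= lastUsed {
			continue
		}
		if subtle.ConstantTimeCompare([]byte(totp(secret, c)), []byte(code)) == 1 {
			matched, ok = c, true
		}
	}
	return matched, ok
}

func main() {
	secret := []byte("12345678901234567890") // RFC 6238 test secret, not a real key
	fmt.Println(VerifyTOTP(secret, "287082", 89, 1, 0)) // code from T=59, server 30s ahead
}
```

Each extra step in the window widens the set of codes accepted at any moment, so the window should stay as small as the observed clock skew allows.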
The bus factor of one was the hardest non-technical challenge. Every commit, every code review, every release, every support question flows through one person. Building a comprehensive profile and security system meant users now expect production-grade reliability — and being the sole developer carrying that expectation required disciplined testing and documentation habits.
Accomplishments that we're proud of
Shipping a working binary that installs with one command and runs on any Linux server. The first user who reported "it just works on my Raspberry Pi" made every late night worth it. The architecture is genuinely minimal — 18MB, 30MB RAM idle, zero runtime dependencies — without sacrificing functionality that usually requires five separate daemons. The profile and security system rivals what enterprise SaaS products offer: TOTP 2FA with QR codes, session management with per-device revocation, password strength meters, and a full activity audit trail — all running on an embedded SQLite database with no external services. The security posture is deliberate: no telemetry, no phone-home, no account required, no external API calls. And the entire project was built with zero funding, purely on nights and weekends, proving that a solo developer can still ship meaningful infrastructure software that competes with funded alternatives.
What we learned
Integration is harder than algorithms. The hard problems in Orbit weren't efficient data structures — they were understanding systemd D-Bus error codes across versions, parsing /proc consistently across kernel builds, implementing RFC 6238 with real-world clock drift tolerance, and making nftables rules coexist with Docker's networking. Infrastructure software lives at the boundaries between systems, and those boundaries are where complexity accumulates.
We also learned that profile and identity management is a first-class feature, not an afterthought. Users immediately asked for display names, avatars, 2FA, and session management — features typically associated with SaaS products, not server management tools. Building a complete identity system taught us that security-conscious developers expect the tools managing their servers to take authentication as seriously as any production application.
Documentation is a feature, not an afterthought. The install script, the configuration reference, the contributing guide, the profile page comparison table against competing tools — these are the first things users see, and their quality determines whether someone becomes a user or bounces. We invested heavily in GitHub Pages documentation with feature cards, tech stack transparency, and honest comparisons that acknowledge where Orbit excels and where it's still catching up.
What's next for Orbit VPS
v0.3 introduces multi-server federation — one Orbit hub managing multiple servers with mutual TLS, aggregated fleet metrics, and centralized configuration push. The MCP server graduates from experimental to production with full token-scoped permissions, audit logging, and Claude Desktop integration for AI-assisted server management.
v0.4 adds a comprehensive security audit module: SSH hardening scores with specific remediation steps, CVE scanning for open ports and installed packages, Fail2ban integration with visual rule management, and enterprise SSO/OIDC support (Google, GitHub, GitLab, Microsoft).
Long-term, Orbit aims to become the last server management tool anyone installs. One binary, one port, complete control — from real-time metrics to GitOps deployments to AI-assisted operations. The monetization path includes managed hosting (Orbit Cloud), enterprise features (SSO, audit logs, SLA), and white-label licensing for VPS providers who want to offer Orbit as their native management interface.
Built With
- actionsgo
- boltdb
- docker-socket
- github
- go
- gopsutil
- goreleaser
- jwt
- nftables
- react
- sqlite
- systemd-d-bus
- totp
- typescript
- vite
- websocket