[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-81600":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":9,"language":10,"languages":9,"totalLinesOfCode":9,"stars":11,"forks":12,"watchers":13,"openIssues":14,"contributorsCount":15,"subscribersCount":15,"size":15,"stars1d":15,"stars7d":15,"stars30d":15,"stars90d":15,"forks30d":15,"starsTrendScore":15,"compositeScore":16,"rankGlobal":9,"rankLanguage":9,"license":17,"archived":18,"fork":18,"defaultBranch":19,"hasWiki":20,"hasPages":20,"topics":21,"createdAt":9,"pushedAt":9,"updatedAt":22,"readmeContent":23,"aiSummary":24,"trendingCount":15,"starSnapshotCount":15,"syncStatus":25,"lastSyncTime":26,"discoverSource":27},81600,"Orbit","KenyanRedwoods01\u002FOrbit","KenyanRedwoods01","Orbit is a comprehensive, security-first server management platform that unifies app deployment, database management, GitOps automation, real-time monitoring, and enterprise-grade security tools (Wazuh, Suricata, CrowdSec, Fail2ban) with granular port control—all in a modern, open-source interface that rivals Cloudron and Plesk.",null,"TypeScript",23,5,1,52,0,42.33,"Other",false,"main",true,[],"2026-06-12 04:01:34","\u003Cdiv align=\"center\">\n\n\u003Cpicture>\n \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"https:\u002F\u002Fcapsule-render.vercel.app\u002Fapi?type=waving&color=0:060910,30:0a1628,70:0d1f3c,100:060910&height=260§ion=header&text=◎%20ORBIT&fontSize=82&fontColor=4a9eff&fontAlignY=42&fontAlign=50&desc=Security-First%20%E2%80%A2%20Single%20Binary%20%E2%80%A2%20Full%20Stack%20Server%20Management&descSize=15&descColor=4a7fa5&descAlignY=62&descAlign=50&animation=fadeIn&stroke=0d2040&strokeWidth=2\">\n \u003Cimg src=\"https:\u002F\u002Fcapsule-render.vercel.app\u002Fapi?type=waving&color=0:060910,30:0a1628,70:0d1f3c,100:060910&height=260§ion=header&text=◎%20ORBIT&fontSize=82&fontColor=4a9eff&fontAlignY=42&fontAlign=50&desc=Security-First%20%E2%80%A2%20Single%20Binary%20%E2%80%A2%20Full%20Stack%20Server%20Management&descSize=15&descColor=4a7fa5&descAlignY=62&descAlign=50&animation=fadeIn\" alt=\"Orbit\">\n\u003C\u002Fpicture>\n\n[![Stars](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002FKenyanRedwoods01\u002FOrbit?style=for-the-badge&logo=github&logoColor=white&color=4a9eff&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fstargazers)\n[![Forks](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fforks\u002FKenyanRedwoods01\u002FOrbit?style=for-the-badge&logo=githubactions&logoColor=white&color=22c55e&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fnetwork\u002Fmembers)\n[![Issues](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues\u002FKenyanRedwoods01\u002FOrbit?style=for-the-badge&logo=github&logoColor=white&color=f97316&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fissues)\n[![PRs](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues-pr\u002FKenyanRedwoods01\u002FOrbit?style=for-the-badge&logo=github&logoColor=white&color=a855f7&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fpulls)\n[![Contributors](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fcontributors\u002FKenyanRedwoods01\u002FOrbit?style=for-the-badge&logo=github&logoColor=white&color=f43f5e&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fgraphs\u002Fcontributors)\n[![Watchers](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fwatchers\u002FKenyanRedwoods01\u002FOrbit?style=for-the-badge&logo=github&logoColor=white&color=ec4899&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fwatchers)\n\n[![Release](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002FKenyanRedwoods01\u002FOrbit?style=for-the-badge&logo=github&logoColor=white&color=4a9eff&labelColor=0d1117&label=Release&include_prereleases)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Freleases\u002Flatest)\n[![CI](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Factions\u002Fworkflow\u002Fstatus\u002FKenyanRedwoods01\u002FOrbit\u002Fci.yml?branch=main&style=for-the-badge&logo=githubactions&logoColor=white&label=CI&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Factions\u002Fworkflows\u002Fci.yml)\n[![Security Scan](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Factions\u002Fworkflow\u002Fstatus\u002FKenyanRedwoods01\u002FOrbit\u002Fsecurity.yml?branch=main&style=for-the-badge&logo=githubactions&logoColor=white&label=Security&labelColor=0d1117&color=22c55e)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Factions\u002Fworkflows\u002Fsecurity.yml)\n[![Last Commit](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flast-commit\u002FKenyanRedwoods01\u002FOrbit\u002Fmain?style=for-the-badge&logo=git&logoColor=white&color=f59e0b&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fcommits\u002Fmain)\n[![Commits\u002Fmonth](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fcommit-activity\u002Fm\u002FKenyanRedwoods01\u002FOrbit?style=for-the-badge&logo=git&logoColor=white&color=06b6d4&labelColor=0d1117&label=Commits%2Fmo)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fgraphs\u002Fcommit-activity)\n\n[![Go 1.22](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FGo-1.22-00ADD8?style=for-the-badge&logo=go&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgolang.org)\n[![React 18](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FReact-18-61DAFB?style=for-the-badge&logo=react&logoColor=white&labelColor=0d1117)](https:\u002F\u002Freact.dev)\n[![TypeScript](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FTypeScript-5-3178C6?style=for-the-badge&logo=typescript&logoColor=white&labelColor=0d1117)](https:\u002F\u002Ftypescriptlang.org)\n[![SQLite](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FSQLite-WAL-003B57?style=for-the-badge&logo=sqlite&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fsqlite.org)\n[![AGPL](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-AGPL%20v3-22c55e?style=for-the-badge&logo=gnu&logoColor=white&labelColor=0d1117)](LICENSE)\n\n[![amd64](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Famd64-supported-4a9eff?style=flat-square&logo=linux&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Freleases)\n[![arm64](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Farm64-supported-4a9eff?style=flat-square&logo=linux&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Freleases)\n[![armv7](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Farmv7-supported-4a9eff?style=flat-square&logo=linux&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Freleases)\n[![.deb](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F.deb-package-A80030?style=flat-square&logo=debian&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Freleases)\n[![.rpm](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F.rpm-package-EE0000?style=flat-square&logo=redhat&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Freleases)\n[![Docker](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDocker-ghcr.io-2496ED?style=flat-square&logo=docker&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fpkgs\u002Fcontainer\u002Forbit)\n[![Docs](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDocs-live-4a9eff?style=flat-square&logo=readthedocs&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fkenyanredwoods01.github.io\u002FOrbit\u002F)\n\n\u003Cbr\u002F>\n\n```\n╔══════════════════════════════════════════════════════════════════╗\n║ 27,375 lines of Go · 49 API handlers · 59 database tables ║\n║ 38,894 lines of TypeScript · 66 React pages · 40 routes ║\n║ 4 CI\u002FCD workflows · amd64 + arm64 + armv7 · 0 runtime deps ║\n╚══════════════════════════════════════════════════════════════════╝\n```\n\n**[🌐 Live Docs](https:\u002F\u002Fkenyanredwoods01.github.io\u002FOrbit\u002F) · [📦 Releases](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Freleases) · [🐛 Issues](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fissues) · [💙 Sponsor](https:\u002F\u002Fgithub.com\u002Fsponsors\u002FKenyanRedwoods01)**\n\n\u003C\u002Fdiv>\n\n---\n\n## ⚡ Install in 30 seconds\n\n\u003Ctable>\n\u003Ctr>\n\u003Ctd width=\"33%\">\n\n**One-line** _(recommended)_\n```bash\ncurl -fsSL https:\u002F\u002Fraw.githubusercontent.com\u002F\\\nKenyanRedwoods01\u002FOrbit\u002Fmain\u002Finstall.sh \\\n| sudo bash\n```\n\n\u003C\u002Ftd>\n\u003Ctd width=\"33%\">\n\n**Docker**\n```bash\ndocker run -d --name orbit \\\n -p 5000:5000 \\\n -v \u002Fvar\u002Frun\u002Fdocker.sock:\u002Fvar\u002Frun\u002Fdocker.sock \\\n -v orbit-data:\u002Fdata \\\n --cap-add CAP_NET_ADMIN \\\n --cap-add CAP_SYS_PTRACE \\\n ghcr.io\u002Fkenyanredwoods01\u002Forbit:latest\n```\n\n\u003C\u002Ftd>\n\u003Ctd width=\"33%\">\n\n**From source**\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\ncd Orbit\nmake build\nsudo .\u002Forbit\n```\n\n\u003C\u002Ftd>\n\u003C\u002Ftr>\n\u003C\u002Ftable>\n\n> Open `http:\u002F\u002Flocalhost:5000` — setup wizard runs automatically on first boot.\n\n---\n\n## 📊 Live Repository Tracking\n\n\u003Cdiv align=\"center\">\n\n[![Activity Graph](https:\u002F\u002Fgithub-readme-activity-graph.vercel.app\u002Fgraph?username=KenyanRedwoods01&repo=Orbit&theme=react-dark&bg_color=0d1117&color=4a9eff&line=4a9eff&point=22c55e&area=true&area_color=0d2a4a&hide_border=true&radius=6)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fgraphs\u002Fcommit-activity)\n\n\u003C\u002Fdiv>\n\n\u003Cdiv align=\"center\">\n\n| | Metric | Live |\n|:--:|:--|:--|\n| ⭐ | Stars | ![Stars](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fstars\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=4a9eff&labelColor=161b22) |\n| 🍴 | Forks | ![Forks](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fforks\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=22c55e&labelColor=161b22) |\n| 👥 | Contributors | ![Contributors](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fcontributors\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=f43f5e&labelColor=161b22) |\n| 👁 | Watchers | ![Watchers](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fwatchers\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=ec4899&labelColor=161b22) |\n| 🐛 | Open issues | ![Issues](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=f97316&labelColor=161b22) |\n| ✅ | Closed issues | ![Closed](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues-closed\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=22c55e&labelColor=161b22) |\n| 🔀 | Open PRs | ![PRs](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues-pr\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=a855f7&labelColor=161b22) |\n| 📦 | Latest release | ![Release](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fv\u002Frelease\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=4a9eff&labelColor=161b22&include_prereleases) |\n| 📅 | Last commit | ![Commit](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flast-commit\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=f59e0b&labelColor=161b22) |\n| 🔥 | Commits\u002Fmonth | ![Activity](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fcommit-activity\u002Fm\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=06b6d4&labelColor=161b22&label=per%20month) |\n| 💾 | Repo size | ![Size](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Frepo-size\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=8b5cf6&labelColor=161b22) |\n| 📝 | Code size | ![Code](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flanguages\u002Fcode-size\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=06b6d4&labelColor=161b22) |\n| 🏷️ | Release date | ![Date](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Frelease-date\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=4a9eff&labelColor=161b22) |\n| 🌐 | Top language | ![Lang](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Flanguages\u002Ftop\u002FKenyanRedwoods01\u002FOrbit?style=flat-square&color=00ADD8&labelColor=161b22) |\n\n\u003C\u002Fdiv>\n\n---\n\n## 📈 Star History\n\n\u003Cdiv align=\"center\">\n\n[![Star History Chart](https:\u002F\u002Fapi.star-history.com\u002Fsvg?repos=KenyanRedwoods01\u002FOrbit&type=Date&theme=dark)](https:\u002F\u002Fstar-history.com\u002F#KenyanRedwoods01\u002FOrbit&Date)\n\n\u003C\u002Fdiv>\n\n---\n\n## 🏗️ Architecture\n\n```\n┌─────────────────────────────────────────────────────────────────────────────┐\n│ ORBIT v0.1.0 │\n│ Single Go binary · Port 5000 · Zero deps │\n├───────────────────────┬─────────────────────────┬───────────────────────────┤\n│ React 18 SPA │ Go 1.22 HTTP\u002F2 API │ Persistence Layer │\n│ TypeScript 5 │ │ │\n│ 38,894 lines │ 49 handlers │ SQLite (WAL mode) │\n│ 66 pages \u002F 40 routes│ 27,375 lines │ 59 tables │\n│ Zustand stores │ WebSocket hub │ BoltDB ring buffer │\n│ Custom SVG icons │ JWT + TOTP auth │ 24h metric history │\n│ Dark + Light theme │ Audit middleware │ \u002Fvar\u002Flib\u002Forbit\u002F │\n└───────────────────────┴─────────────────────────┴───────────────────────────┘\n │\n ┌─────────────────┴──────────────────┐\n ▼ ▼\n Unix socket MCP Prometheus \u002Fmetrics\n \u002Frun\u002Forbit\u002Fmcp.sock Grafana-scrapable\n AI agent access 40+ labeled metrics\n```\n\n### Dependencies (lean by design)\n\n```\ngithub.com\u002FBurntSushi\u002Ftoml v1.3.2 — config file parsing\ngithub.com\u002Fgolang-jwt\u002Fjwt\u002Fv5 v5.2.1 — JWT auth tokens\ngithub.com\u002Fgorilla\u002Fwebsocket v1.5.1 — WebSocket hub\ngithub.com\u002Fmattn\u002Fgo-sqlite3 v1.14.22 — SQLite (CGO)\ngithub.com\u002Fshirou\u002Fgopsutil\u002Fv3 v3.24.2 — OS metrics\ngo.etcd.io\u002Fbbolt v1.3.9 — BoltDB metric ring\ngolang.org\u002Fx\u002Fcrypto v0.21.0 — bcrypt + SSH + TOTP\ngithub.com\u002Fcreack\u002Fpty v1.1.24 — real PTY sessions\n```\n\n**8 direct dependencies. No Kubernetes. No Docker daemon. No Node runtime.**\n\n---\n\n## 🛡️ Security Stack — Unique in the Industry\n\n> No other open-source server panel manages all four of these tools.\n> Not Webmin. Not Cockpit. Not HestiaCP. Not Coolify. Not Portainer.\n\n\u003Ctable>\n\u003Ctr>\n\u003Ctd align=\"center\" width=\"25%\">\n\n**CrowdSec**\u003Cbr\u002F>`738 lines`\n\nStatus · alerts · decisions\nbouncers · LAPI · hub\ncollections · config\nallowlists · install\n\n\u003C\u002Ftd>\n\u003Ctd align=\"center\" width=\"25%\">\n\n**Fail2ban**\u003Cbr\u002F>`700 lines`\n\nAll jails · ban\u002Funban\nper-jail stats · log parse\nconfig read\u002Fwrite\nfilter list · sqlite3\n\n\u003C\u002Ftd>\n\u003Ctd align=\"center\" width=\"25%\">\n\n**Suricata**\u003Cbr\u002F>`1,031 lines`\n\nRule management\nalert stream · interfaces\nstats · socket control\neve.json tail\n\n\u003C\u002Ftd>\n\u003Ctd align=\"center\" width=\"25%\">\n\n**Wazuh**\u003Cbr\u002F>`1,020 lines`\n\nAgent status · alerts\nrules · decoder\nconfig · service control\nlog analysis\n\n\u003C\u002Ftd>\n\u003C\u002Ftr>\n\u003C\u002Ftable>\n\nPlus: **UFW firewall** (`1,641 lines` — largest handler) with NAT\u002Fport-forward, custom chains, real-time log stream, app profiles, jail integration.\n\n---\n\n## 📋 Complete Handler Reference\n\n\u003Cdetails>\n\u003Csummary>\u003Cb>All 49 handlers with exact line counts — click to expand\u003C\u002Fb>\u003C\u002Fsummary>\n\n| Handler | Lines | What it does |\n|:--|--:|:--|\n| `firewall.go` | **1,641** | UFW exec, NAT, port-forward, app profiles, jails, real-time log WS |\n| `database.go` | **1,471** | MySQL\u002FPostgres\u002FRedis\u002FSQLite\u002FMongoDB\u002FMariaDB, queries, users, stats |\n| `multiserver.go` | **1,426** | SSH exec to remote fleet, server groups, bulk commands |\n| `uptime.go` | **1,384** | HTTP\u002FTCP monitors, incident tracking, background polling goroutine |\n| `settings_extended.go` | **1,173** | 7 categories: appearance, auth policy, notif config, backup config |\n| `suricata.go` | **1,031** | Rule mgmt, alert stream, interface config, stats, socket |\n| `wazuh.go` | **1,020** | Agent status, alerts, rules, decoder, config |\n| `apps.go` | **1,019** | Application install\u002Fremove\u002Fstatus\u002Fcontrol |\n| `ports.go` | **970** | ss + iptables + \u002Fproc\u002Fnet, risk scoring, service name lookup |\n| `filesystem.go` | **872** | Browse\u002Fread\u002Fwrite\u002Fupload\u002Fdownload\u002Fchmod\u002Fchown\u002Fcompress\u002Fextract\u002Fhex |\n| `webserver.go` | **835** | Nginx site CRUD, config read\u002Fwrite, SSL, performance, reload |\n| `crowdsec.go` | **738** | cscli + LAPI, alerts, decisions, bouncers, hub, collections |\n| `logs.go` | **711** | journalctl tail, \u002Fvar\u002Flog scan, WS stream, log-level parse, search |\n| `fail2ban.go` | **700** | fail2ban-client, jails, ban\u002Funban, log parse, config, filter list |\n| `ssh.go` | **691** | Key vault (Ed25519+RSA gen), saved hosts, snippets, port-forward |\n| `containers.go` | **680** | Docker socket — list\u002Fstart\u002Fstop\u002Fremove, images, volumes, stats WS |\n| `server.go` | **675** | HTTP\u002FWS router, middleware chain, graceful shutdown, route groups |\n| `pipelines.go` | **674** | CI\u002FCD stages, env vars, runs, approval gates, cancel, shell exec |\n| `github_actions.go` | **672** | GitHub API — workflows, runs, logs, dispatch, HMAC webhook |\n| `plugins.go` | **501** | Plugin registry CRUD, install\u002Fremove hooks |\n| `notifications.go` | **475** | SMTP + Slack + webhook, channel CRUD, test, event history |\n| `certificates.go` | **451** | Self-signed gen, certbot Let's Encrypt, expiry check |\n| `ftp.go` | **423** | FTP user management, quotas, config |\n| `security.go` | **417** | sshd_config audit, open ports, apt vuln scan |\n| `processes.go` | **397** | gopsutil list, kill, renice, detail (FDs\u002Fenv\u002Fthreads\u002FCWD) |\n| `cron.go` | **390** | Scheduler goroutine, job CRUD, history, run-now |\n| `deploy.go` | **362** | Webhook CRUD, HMAC verify, shell exec, log capture |\n| `totp.go` | **355** | RFC 6238, QR code, backup codes, separate login route |\n| `openapi.go` | **351** | OpenAPI 3.1 spec, embedded Swagger UI at \u002Fapi\u002Fdocs |\n| `backup.go` | **347** | Scheduler goroutine, tar+gzip, run history |\n| `audit.go` | **334** | Every mutation: user\u002Fmethod\u002Fpath\u002Fstatus\u002FIP\u002Fbody SHA-256 |\n| `alert_rules.go` | **295** | Threshold rules, eval on WS tick, dispatch notification |\n| `metrics.go` | **291** | WS hub, snapshot broadcast, BoltDB history, summary |\n| `agent.go` | **284** | Remote agent: register\u002Fheartbeat\u002Fmetrics-push, staleness |\n| `services.go` | **272** | systemctl exec — start\u002Fstop\u002Frestart\u002Fenable\u002Fdisable, journal WS |\n| `users.go` | **229** | User CRUD, roles (admin\u002Fviewer), password change |\n| `ssh_collab.go` | **208** | Shared terminal sessions, invite tokens, participant management |\n| `prometheus.go` | **179** | 40+ metrics: CPU times, IOPS, await_ms, packets, drops |\n| `mcp.go` | **158** | Token CRUD, scopes, SHA-256 hash, last-used, audit |\n| `sysinfo.go` | **143** | OS\u002Fkernel\u002Fdistro, logged-in users, pending updates |\n| `setup.go` | **116** | First-boot wizard, admin creation, config write |\n| `terminal.go` | **104** | creack\u002Fpty PTY session, xterm-256color, resize protocol |\n| `auth.go` | **77** | JWT issue\u002Fvalidate, bcrypt compare, HttpOnly cookie |\n| `settings.go` | **69** | Settings key\u002Fvalue read\u002Fwrite |\n| `middleware.go` | **44** | requireAuth, CORS, rate-limit |\n| `static.go` | **38** | Embedded SPA serve, SPA catch-all fallback |\n| `helpers.go` | **37** | Shared exec helpers, shell sanitize |\n| `filesystem_unix.go` | **21** | Unix-specific FS helpers |\n| `suricata_socket.go` | **15** | Suricata Unix socket I\u002FO |\n\n**Total: 27,375 lines across 49 handlers**\n\n\u003C\u002Fdetails>\n\n---\n\n## 🗄️ Database Schema — 59 Tables\n\n\u003Cdetails>\n\u003Csummary>\u003Cb>All 59 tables by domain — click to expand\u003C\u002Fb>\u003C\u002Fsummary>\n\n| Domain | Tables |\n|:--|:--|\n| **Auth** | `users` · `sessions` · `totp_backup_codes` · `api_tokens` |\n| **Firewall** | `fw_rules` · `fw_nat_rules` · `fw_state` · `fw_app_profiles` · `fw_jails` · `fw_banned_ips` · `fw_logs` |\n| **Deploy** | `deploy_hooks` · `deploy_log` · `pipelines` · `pipeline_stages` · `pipeline_envs` · `pipeline_runs` · `pipeline_stage_runs` |\n| **GitHub** | `git_settings` · `git_workflows` · `git_runs` · `git_run_logs` |\n| **Monitoring** | `alert_rules` · `alert_events` · `server_alerts` |\n| **Uptime** | `uptime_monitors` · `uptime_events` · `uptime_incidents` |\n| **SSH** | `ssh_keys` · `ssh_saved` · `ssh_sessions` · `ssh_snippets` · `ssh_port_forwards` · `ssh_recordings` · `ssh_collab_sessions` · `ssh_collab_participants` |\n| **Fleet** | `managed_servers` · `server_groups` · `server_group_members` · `server_commands` · `agents` · `agent_metrics` |\n| **System** | `cron_jobs` · `cron_history` · `backup_configs` · `backup_runs` · `ftp_users` · `ftp_quotas` · `certs` |\n| **Apps** | `server_apps` · `plugins` |\n| **Database** | `database_connections` · `db_query_history` |\n| **Security** | `mcp_tokens` · `mcp_audit` · `audit_log` |\n| **Notifications** | `notification_channels` · `notification_events` |\n| **Config** | `settings` |\n\n\u003C\u002Fdetails>\n\n---\n\n## 🆚 Comparison Matrix\n\n| | **Orbit** | Webmin | Cockpit | Coolify | Portainer | HestiaCP |\n|:--|:--:|:--:|:--:|:--:|:--:|:--:|\n| Single binary, no runtime | ✅ Go | ❌ Perl | ❌ C | ❌ PHP | ❌ Node | ❌ PHP |\n| Modern React UI | ✅ | ❌ | ⚠️ | ✅ | ✅ | ❌ |\n| Dark + light theme | ✅ | ❌ | ✅ | ✅ | ✅ | ❌ |\n| CrowdSec full management | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ |\n| Fail2ban full management | ✅ | ⚠️ | ❌ | ❌ | ❌ | ⚠️ |\n| Suricata management | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ |\n| Wazuh management | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ |\n| Prometheus \u002Fmetrics export | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ |\n| MCP \u002F AI agent access | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ |\n| Database manager (6 engines) | ✅ | ⚠️ | ❌ | ❌ | ❌ | ⚠️ |\n| GitHub Actions integration | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ |\n| SSH collaboration sessions | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ |\n| CI\u002FCD pipelines | ✅ | ❌ | ❌ | ✅ | ❌ | ❌ |\n| Docker containers | ✅ | ⚠️ | ✅ | ✅ | ✅ | ❌ |\n| systemd services | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |\n| Cron + backup scheduler | ✅ | ✅ | ❌ | ❌ | ❌ | ✅ |\n| Full audit log (SHA-256) | ✅ | ❌ | ❌ | ❌ | ❌ | ❌ |\n| TOTP 2FA (RFC 6238) | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ |\n| OpenAPI 3.1 spec | ✅ | ❌ | ❌ | ✅ | ✅ | ❌ |\n| One-line install | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ |\n\n---\n\n## 🚦 CI\u002FCD Pipeline\n\n[![CI](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Factions\u002Fworkflows\u002Fci.yml\u002Fbadge.svg?branch=main)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Factions\u002Fworkflows\u002Fci.yml)\n[![Release](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Factions\u002Fworkflows\u002Frelease.yml\u002Fbadge.svg)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Factions\u002Fworkflows\u002Frelease.yml)\n[![Pages](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Factions\u002Fworkflows\u002Fpages.yml\u002Fbadge.svg)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Factions\u002Fworkflows\u002Fpages.yml)\n[![Security](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Factions\u002Fworkflows\u002Fsecurity.yml\u002Fbadge.svg)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Factions\u002Fworkflows\u002Fsecurity.yml)\n\n```\nPush to main ──► ci.yml golangci-lint · go vet · govulncheck\n npm audit · TypeScript check · build test\n concurrency: cancel-in-progress ✓\n\nTag v*.*.* ───► release.yml GoReleaser cross-compile (CGO):\n orbit_linux_{amd64,arm64,armv7}.tar.gz\n orbit_linux_{amd64,arm64}.{deb,rpm}\n ghcr.io\u002Fkenyanredwoods01\u002Forbit (multi-arch)\n SHA256SUMS + signature\n ► pages.yml Docs site → GitHub Pages (auto)\n ► security.yml govulncheck + nancy dependency scan\n```\n\n---\n\n## 🔒 Security Model\n\n[![AGPL-3.0](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-AGPL%20v3-22c55e?style=flat-square&logo=gnu&logoColor=white&labelColor=0d1117)](LICENSE)\n[![CVD](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDisclosure-GitHub%20Advisories-f59e0b?style=flat-square&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fsecurity\u002Fadvisories)\n\n| Layer | Implementation |\n|:--|:--|\n| Authentication | JWT HS256 · bcrypt cost 12 · HttpOnly secure cookie |\n| 2FA | TOTP RFC 6238 · QR code generation · backup codes |\n| Sessions | SQLite-persisted · expiry-aware · revocable |\n| Process isolation | Dedicated `orbit` system user · no login shell |\n| Capabilities | `CAP_NET_ADMIN` + `CAP_SYS_PTRACE` only — all others dropped |\n| Audit trail | Every `POST\u002FPUT\u002FPATCH\u002FDELETE`: user · method · path · status · IP · body SHA-256 |\n| MCP tokens | Scoped · SHA-256 stored · last-used timestamp · revocable |\n| Dependency scanning | govulncheck + nancy on every push |\n| Disclosure | 72h acknowledgment · 7-day resolution · GitHub Security Advisories |\n\n**Report a vulnerability:** [GitHub Security Advisories](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fsecurity\u002Fadvisories\u002Fnew) — never open a public issue for security bugs.\n\n---\n\n## 🤖 MCP — Server Management for AI Agents\n\n```bash\n# Create a scoped token\ncurl -X POST http:\u002F\u002Flocalhost:5000\u002Fapi\u002Fmcp\u002Ftokens \\\n -H \"Authorization: Bearer $ORBIT_JWT\" \\\n -d '{\"name\":\"claude-agent\",\"scope\":\"read\"}'\n\n# Agent lists available tools\nGET \u002Fapi\u002Fmcp\u002Ftools\n\n# Agent executes a tool\nPOST \u002Fapi\u002Fmcp\u002Fexecute {\"tool\":\"get_metrics\",\"token\":\"orb_read_...\"}\n```\n\n| Scope | Access |\n|:--|:--|\n| `read` | Metrics, logs, processes, ports, uptime status |\n| `deploy` | Trigger hooks, run pipelines, view deployments |\n| `admin` | Full read + write on all endpoints |\n\nEvery MCP execution is audit-logged: token ID · tool · params hash · status · timestamp.\n\n---\n\n## ⚙️ Configuration\n\n```toml\n# \u002Fetc\u002Forbit\u002Forbit.toml\n\n[server]\nport = 5000 host = \"0.0.0.0\" tls = false\n\n[database]\npath = \"\u002Fvar\u002Flib\u002Forbit\u002Forbit.db\"\n\n[metrics]\nretention = \"24h\" interval = \"2s\"\n\n[auth]\njwt_secret = \"\" session_ttl = \"24h\" totp_enabled = true\n\n[prometheus]\nenabled = true path = \"\u002Fmetrics\" token_required = false\n\n[mcp]\nsocket = \"\u002Frun\u002Forbit\u002Fmcp.sock\" tcp = false tcp_port = 5001\n```\n\n---\n\n## 📁 Repository Structure\n\n```\nOrbit\u002F\n├── cmd\u002Forbit\u002F main.go · cli.go\n├── internal\u002F\n│ ├── api\u002F 49 handlers — 27,375 lines\n│ ├── collector\u002F gopsutil: CPUTimes\u002FMemory\u002FDiskIOPS\u002FNetPackets\u002FLoad\n│ ├── db\u002F 59-table SQLite schema + migrations\n│ └── modules\u002F domain modules\n├── web\u002Fsrc\u002F\n│ ├── pages\u002F 66 React 18 TypeScript pages — 38,894 lines\n│ ├── components\u002F Modal · Toast · DataTable · StatCard · StatusBadge\n│ ├── lib\u002Fapi.ts 80+ typed fetch functions\n│ ├── hooks\u002F useWebSocket · useMetricsStream\n│ └── store\u002F Zustand: auth · toast\n├── packaging\u002F Dockerfile · orbit.service · postinstall.sh\n├── deploy\u002Fnginx\u002F reverse proxy config\n├── docs\u002F GitHub Pages — 7 documentation pages\n├── .github\u002Fworkflows\u002F ci.yml · release.yml · pages.yml · security.yml\n├── goreleaser.yml amd64\u002Farm64\u002Farmv7 · deb\u002Frpm\u002FDocker\n├── install.sh one-line installer\n├── SECURITY.md\n├── CHANGELOG.md\n└── LICENSE AGPL-3.0\n```\n\n---\n\n## 📖 Documentation\n\n| | | |\n|:--|:--|:--|\n| [🚀 Installation](https:\u002F\u002Fkenyanredwoods01.github.io\u002FOrbit\u002Finstallation.html) | [⚙️ Configuration](https:\u002F\u002Fkenyanredwoods01.github.io\u002FOrbit\u002Fconfiguration.html) | [📡 API Reference](https:\u002F\u002Fkenyanredwoods01.github.io\u002FOrbit\u002Fapi-reference.html) |\n| [🤖 MCP Guide](https:\u002F\u002Fkenyanredwoods01.github.io\u002FOrbit\u002Fmcp.html) | [🔁 GitHub Actions](https:\u002F\u002Fkenyanredwoods01.github.io\u002FOrbit\u002Fgithub-actions.html) | [🔐 Security](https:\u002F\u002Fkenyanredwoods01.github.io\u002FOrbit\u002Fsecurity.html) |\n| [🤝 Contributing](https:\u002F\u002Fkenyanredwoods01.github.io\u002FOrbit\u002Fcontributing.html) | [📋 Changelog](CHANGELOG.md) | [🌐 Swagger UI](http:\u002F\u002Flocalhost:5000\u002Fapi\u002Fdocs) |\n\n---\n\n## 🤝 Contributing\n\n[![PRs Welcome](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FPRs-Welcome-22c55e?style=for-the-badge&logo=github&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fpulls)\n[![Good First Issues](https:\u002F\u002Fimg.shields.io\u002Fgithub\u002Fissues\u002FKenyanRedwoods01\u002FOrbit\u002Fgood%20first%20issue?style=for-the-badge&color=7c3aed&labelColor=0d1117&label=Good%20First%20Issues)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit\u002Fissues?q=is%3Aopen+label%3A%22good+first+issue%22)\n\n```bash\ngit clone https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit && cd Orbit\ngo run .\u002Fcmd\u002Forbit --dev --port 5000 # backend (Go 1.22+, CGO)\ncd web && npm install && npm run dev # frontend (Node 20+, :5173)\n```\n\n---\n\n## 💙 Support\n\n\u003Cdiv align=\"center\">\n\n[![GitHub Sponsors](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FSponsor-GitHub%20Sponsors-ea4aaa?style=for-the-badge&logo=github-sponsors&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002Fsponsors\u002FKenyanRedwoods01)\n[![Open Collective](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FDonate-Open%20Collective-7fadf2?style=for-the-badge&logo=opencollective&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fopencollective.com\u002Forbit)\n\n\u003C\u002Fdiv>\n\nSponsors get: priority issue responses · name in CHANGELOG · company logo in README ($100+\u002Fmo)\n\n---\n\n\u003Cdiv align=\"center\">\n\n\u003Cpicture>\n \u003Csource media=\"(prefers-color-scheme: dark)\" srcset=\"https:\u002F\u002Fcapsule-render.vercel.app\u002Fapi?type=waving&color=0:060910,30:0a1628,70:0d1f3c,100:060910&height=140§ion=footer&animation=fadeIn\">\n \u003Cimg src=\"https:\u002F\u002Fcapsule-render.vercel.app\u002Fapi?type=waving&color=0:060910,30:0a1628,70:0d1f3c,100:060910&height=140§ion=footer&animation=fadeIn\" alt=\"footer\">\n\u003C\u002Fpicture>\n\n**◎ ORBIT** — Go + React · AGPL-3.0 · [kenyanredwoods01.github.io\u002FOrbit](https:\u002F\u002Fkenyanredwoods01.github.io\u002FOrbit\u002F)\n\n[![Go](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FGo-00ADD8?style=flat-square&logo=go&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgolang.org)\n[![React](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FReact-61DAFB?style=flat-square&logo=react&logoColor=white&labelColor=0d1117)](https:\u002F\u002Freact.dev)\n[![Self-hostable](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002F100%25-Self%20Hostable-22c55e?style=flat-square&logo=homeassistant&logoColor=white&labelColor=0d1117)](https:\u002F\u002Fgithub.com\u002FKenyanRedwoods01\u002FOrbit)\n\n*A ⭐ star takes 3 seconds and helps more people find this project.*\n\n\u003C\u002Fdiv>","Orbit 是一个以安全为首要考量的服务器管理平台,集成了应用部署、数据库管理、GitOps 自动化、实时监控以及企业级安全工具(如 Wazuh, Suricata, CrowdSec, Fail2ban)等功能,并提供细粒度的端口控制。该项目采用 TypeScript 编写,具有单一二进制文件和全栈服务器管理的特点,通过现代化且开源的界面呈现,可与 Cloudron 和 Plesk 等商业产品相媲美。Orbit 适用于需要高效管理和保护其服务器环境的企业或个人开发者,特别是在对安全性有较高要求的应用场景中表现尤为出色。",2,"2026-06-11 04:05:39","CREATED_QUERY"]