Servers
Enroll hosts, inspect heartbeat and resource metrics, and keep agent readiness visible.
aseStack brings servers, sites, Docker, files, databases, backups, security, and logs into one guarded control plane—without hiding the risky parts.
Production-testable by design. aseStack is ready for deliberate trials, validation, and hardening—not blind migration of important fleets.
Review requirementsStart with fleet context, move into a focused workspace, and keep the safety boundary visible throughout the action.
Enroll hosts, inspect heartbeat and resource metrics, and keep agent readiness visible.
Deploy static, PHP-FPM, and reverse-proxy sites through previewable Nginx flows.
Inspect containers and Compose projects, follow logs and stats, and gate live actions.
Work inside bounded roots with atomic saves, backups, upload limits, and edit locks.
Inspect PostgreSQL, MySQL, MariaDB, and Redis with read-only policy controls.
Schedule control-plane backups, move archives to remote providers, and check restore readiness.
Review firewall and malware-scan posture, authentication policy, and action guards.
Search audit events, backup runs, deployments, guard changes, and agent commands.
The product connects daily administration with the policy, history, and recovery context that make it safe to repeat.
Use the dashboard for fleet-wide context while per-host agents keep execution close to the machine being managed.
Live metrics and durable operator history connect server health with the actions that shaped it.
Controller policy and host-side switches keep live mutations opt-in, visible, and attributable.
Backup, restore-readiness, deployment checks, and retained evidence turn recovery into an operating habit.
aseStack separates the public edge, the authenticated control plane, and host-level execution so each boundary can be inspected and hardened.
The Go API owns authentication, policy, inventory, jobs, and durable history.
Short-lived enrollment material establishes persistent mTLS trust with each host.
The agent reports health and executes only allowlisted commands enabled on that server.
The installer binds the controller locally by default. Put it behind your own HTTPS reverse proxy before signing in.
aseStack makes exposure, authentication, command permission, and recovery posture visible before an operator changes a host.
Explore the security modelThe controller binds to localhost by default so TLS and internet exposure remain explicit reverse-proxy decisions.
Sessions, rate limits, RBAC, TOTP MFA, passkeys, Turnstile, and an optional security entrance defend the control plane.
High-impact operations can require both controller permission and a separate opt-in on the target host.
Actor, target, command kind, state, and result stay connected across jobs and operator history.
A careful trial starts with a clear picture of what aseStack does today and where the operator still owns the decision.
Not yet. It is a production-testable vertical slice for careful trials and continued hardening, not a promise of turnkey parity with mature commercial panels.
Ubuntu and Debian are the documented targets today. Review the requirements and deployment guide before using a real server.
No. Read operations are broad, while many host-changing operations remain disabled until their controller and host-side guards are deliberately enabled.
Read the requirements, install the controller behind HTTPS, complete first-login hardening, then enroll one non-critical server before expanding the fleet.