v0.1.0  ·  Dev Release

Security-First
Server Management

A single Go binary that turns any Linux server into a fully managed VPS — real-time metrics, GitOps deployments, firewall control, containers, and MCP support. Zero dependencies.

Quick Install View on GitHub →
bash — one-line install
# Installs binary, systemd service, and config — one command $ curl -fsSL https://raw.githubusercontent.com/KenyanRedwoods01/Orbit/main/scripts/install.sh | sudo bash # Custom port (default: 5000, range: 5000-6000) $ sudo ORBIT_PORT=5100 bash install.sh
1
binary, zero deps
5000
default port
15+
built-in modules
Go
single binary
AGPL
open source
Preview

See it in action

A full-featured server management dashboard, live in your browser.

Features

Everything your server needs

All modules ship in one binary. Enable or disable each independently via orbit.toml.

Real-time Metrics

CPU, memory, disk, and network graphs streamed live over WebSocket. Per-process stats via /proc.

Security Suite

Integrated Wazuh, Suricata, CrowdSec, and Fail2ban management. Audit logs and RBAC built in.

Firewall Control

Visual nftables/iptables management. Port-level rules with one-click apply and rollback.

GitOps Deployments

Push-to-deploy pipelines from any Git provider. Webhook triggers, build logs, and rollbacks.

Container Management

Full Docker lifecycle — pull, run, inspect, shell, logs — all from the browser.

Web Server Manager

Nginx/Apache vhost management, SSL certificates via Let's Encrypt, and live config editing.

Uptime Monitoring

HTTP and TCP monitors with incident timelines, status pages, and multi-channel alerting.

MCP Server

Model Context Protocol support — let AI assistants like Claude manage your server securely.

Multi-Server Fleet

Manage a fleet of remote servers over SSH from a single Orbit instance.

File Explorer

SFTP-backed file browser with upload, download, edit, and permission management.

Alert Rules

Real-time threshold monitoring across any metric. Fires to email, Slack, webhook, and more.

GitHub Actions

Trigger and monitor GitHub Actions workflows directly from the Orbit dashboard.

Installation

Three ways to install

All methods default to port 5000. Every port must be in range 5000–6000.

Method 1 — One-liner recommended 
# Installs binary, creates system user, writes config, enables systemd service
curl -fsSL https://raw.githubusercontent.com/KenyanRedwoods01/Orbit/main/scripts/install.sh | sudo bash

# With custom options
sudo bash install.sh --port 5100 --version v1.2.0
Method 2 — Clone and install 
git clone https://github.com/KenyanRedwoods01/Orbit.git
cd Orbit
sudo bash scripts/install.sh
Method 3 — Docker (builds from source) 
# Clone and build — Docker image is built locally from source
git clone https://github.com/KenyanRedwoods01/Orbit.git
cd Orbit
cp .env.example .env  # set ORBIT_SECRET_KEY
docker compose up -d  # builds image then starts on port 5000

# Or run a manually built image
docker build -t orbit .
docker run -d --name orbit \
  --cap-add NET_ADMIN --cap-add SYS_PTRACE \
  -p 5000:5000 -v orbit-data:/var/lib/orbit \
  orbit
Installer options bash 
Usage: install.sh [OPTIONS]

  --version, -v  VERSION    Release tag to install  (default: latest)
  --port, -p     PORT       Main panel port [5000-6000]  (default: 5000)
  --mcp-port     PORT       MCP TCP port    [5000-6000]  (default: 5001)
  --metrics-port PORT       Metrics port    [5000-6000]  (default: 5002)
  --no-start                Install without starting the service
  --uninstall               Remove Orbit from this system
  --help, -h                Show this help message
Port Reference

Port range: 5000–6000

All Orbit services are confined to ports 5000–6000. The installer validates every assignment before proceeding.

PortServiceProtocolConfig keyStatus
5000 Main panel (HTTPS)TCP / WSS listen_addr Default
5001 MCP TCP listenerTCP [mcp] tcp_addr Optional
5002 Prometheus metricsHTTP [metrics] addr Optional
5000–6000 Custom user servicesAny Reserved range
CI / CD

GitHub Actions workflows

Orbit ships four production-ready workflows for testing, releasing, Docker publishing, and this documentation site.

1

CI .github/workflows/ci.yml

Runs on every push and PR. Runs golangci-lint, Go tests with race detection, frontend build, and uploads a smoke-test binary artifact.

2

Release .github/workflows/release.yml

Triggered by a version tag (v*.*.*). Runs GoReleaser to build Linux binaries (amd64, arm64, armv7), creates .deb/.rpm packages, and publishes a multi-arch Docker image to GHCR.

3

GitHub Pages .github/workflows/pages.yml

Deploys the docs/ directory to GitHub Pages on every push to main. This is the site you're reading right now.

4

Security Scan .github/workflows/security.yml

Weekly and on every main push: runs govulncheck for Go CVEs and CodeQL analysis for both Go and JavaScript source.

Create a release 
# Tag a release — triggers the release workflow automatically
git tag v0.1.0
git push origin v0.1.0

# GoReleaser builds:
#  orbit_linux_amd64.tar.gz
#  orbit_linux_arm64.tar.gz
#  orbit_linux_armv7.tar.gz
#  orbit_0.1.0_amd64.deb
#  orbit_0.1.0_x86_64.rpm
#  ghcr.io/kenyanredwoods01/orbit:v0.1.0
#  checksums.txt
Configuration

orbit.toml reference

Orbit reads /etc/orbit/orbit.toml by default. Pass a different path with --config.

/etc/orbit/orbit.toml 
# Main listen address — port must be in range 5000-6000
listen_addr = "0.0.0.0:5000"

data_dir   = "/var/lib/orbit"
secret_key = "<auto-generated on first run>"

[modules]
metrics      = true
firewall     = true
deploy       = true
# ... all modules default to true

[mcp]
enabled     = false
socket_path = "/run/orbit/mcp.sock"
# tcp_addr  = "127.0.0.1:5001"
Documentation

Guides & Reference

Everything you need to install, configure, and operate Orbit in production.

Installation Guide

Step-by-step install for Ubuntu, Debian, CentOS, and Docker.

Configuration Reference

All orbit.toml keys, env vars, and CLI flags documented.

API Reference

REST and WebSocket endpoints. OpenAPI spec at /api/openapi.json.

MCP Integration

Connect Claude, GPT, or any MCP-compatible AI to your server.

GitHub Actions

CI/CD workflows, release automation, and Docker publishing.

Security Guide

Hardening checklist, capability model, Wazuh/Suricata setup.

Contributing

Dev environment setup, conventions, and how to submit a PR.

Changelog

Release notes and version history on GitHub Releases.