Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Best self hosted, web based GUI tool to manage multiple servers
New on LowEndTalk? Please Register and read our Community Rules.

Best self hosted, web based GUI tool to manage multiple servers

trycatchthistrycatchthis Member
edited December 2021 in General

So far there's cockpit which ships with Centos 8;

Any other suggestions?

Thanked by 1Logano

Comments

  • I'd be up for some ideas too, I've been using Cockpit on all my linux boxes.

    Thanked by 1Logano
  • Moss.sh

  • jmgcaguiclajmgcaguicla Member
    edited December 2021

    Mist CE is a bit on the heavy side resource-wise, plus its more focused on server management rather than system administration (when compared right next to Cockpit).

    Thanked by 1BlazinDimes
  • @Dazzle said:
    Moss.sh

    I can not get an account from them

  • Indeed, I am looking for a SolusVM alternatives but some are dead or old-school projects. Thinking to start from scratch, with regarding security aspects and command lines as backend, do you recommend which language to start as front-end? PHP? Python? Other?

  • Daniel15Daniel15 Member
    edited December 2021

    @bsh said: do you recommend which language to start as front-end? PHP? Python? Other?

    Whatever you use, please ensure you have proper privilege separation :smile:

    The backend (running stuff as root) and the frontend (running as www-data or a similar unprivileged user) should be completely separate components. The backend should not be exposed to the user. The frontend should not allow direct access to change anything on the server. It should user inter-process communication (eg via a UNIX socket, IPC APIs offered by the programming language you're using, gRPC, etc) with a backend service that properly verifies that the user is authenticated to perform the action, before doing anything.

    This should hopefully reduce your attack surface (nothing the user directly touches is executing as root), and theoretically reduce the likelihood of risks around RCE (Remote Code Execution), as long as your backend service properly validates all inputs.

    I wouldn't recommend PHP for something like this though. Python is good and already available on most servers. Go is good too, especially since Go apps can be statically compiled into a single executable.

    Thanked by 2bsh yoursunny
  • Nice thanks @Daniel15 for your precious advices. I've been familiar with PHP since its beginning, but I will take a look at Go for this though even learning from scratch to start a project takes a long time and dedis hires.

  • If you feel comfortable with PHP, then writing the frontend with it is fine, although PHP isn't so good for backend services (doable but not ideal)

  • If using PHP, I think I'd put Python in the middle layer. Just looking at Go, it's not hard to learn, natively supported by major OS'es, but it seems to take a long trip for having my codes mature.

  • @Daniel15 said:

    @bsh said: do you recommend which language to start as front-end? PHP? Python? Other?

    Whatever you use, please ensure you have proper privilege separation :smile:

    The backend (running stuff as root) and the frontend (running as www-data or a similar unprivileged user) should be completely separate components. The backend should not be exposed to the user. The frontend should not allow direct access to change anything on the server. It should user inter-process communication (eg via a UNIX socket, IPC APIs offered by the programming language you're using, gRPC, etc) with a backend service that properly verifies that the user is authenticated to perform the action, before doing anything.

    This should hopefully reduce your attack surface (nothing the user directly touches is executing as root), and theoretically reduce the likelihood of risks around RCE (Remote Code Execution), as long as your backend service properly validates all inputs.

    I wouldn't recommend PHP for something like this though. Python is good and already available on most servers. Go is good too, especially since Go apps can be statically compiled into a single executable.

    I am blocking ports 9090 on every VPS I install Cockpit on except for whitelisted IP addresses.

  • Currently cockpit has still been the easiest thing to use.

    I should clarify here:
    1. Easy to use
    2. Easy to install
    3. GUI Web Based (in a browser)
    4. Displays basic information like ram, disk, cpu utilization as a percentage of total with the total visable. OS, I/O and maybe network performance.

  • trycatchthistrycatchthis Member
    edited January 23

    accidental double post

  • TrKTrK Member

    necro.... @Arkas

This discussion has been closed.