sam/dev_arc_aws
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ArchNest paid SaaS line (AWS) — forked from open-source v1 (dev_archnest v1.0)
176 commits 2 branches 1 tag 45 MiB
TypeScript 96.9%
Shell 1.8%
CSS 0.8%
Dockerfile 0.3%
JavaScript 0.1%
Find a file
Samuel James 066a4f97bc Add Forgejo Actions build + deploy pipeline (registry -> racknerd2) 
Build the frontend and backend images in CI, push them to the Forgejo
container registry, and deploy to racknerd2 (validation host) over the
NetBird mesh. racknerd2 only pulls + runs (1.9 GiB RAM, never builds).

- .forgejo/workflows/build.yml: on push to main / manual, build both
  images and push :latest + :<sha> to forgejo.snsnetlabs.com/sam/...
  (installs the docker CLI in the job; relies on the runner's
  docker_host=automount to reach the host engine).
- .forgejo/workflows/deploy.yml: manual dispatch; SSH to racknerd2,
  docker compose pull + up -d, then /api/health check.
- deploy/docker-compose.yml: registry-image compose. Ports bound to the
  mesh IP only (Docker bypasses ufw), so the app is reachable over the
  mesh, not the public interface.
- deploy/.env.example + deploy/README.md: deploy host config + full
  pipeline/prereq docs.
- .gitignore: ignore real .env / deploy/.env.

Co-authored-by: Samuel James <ssamjame@amazon.com>
Co-authored-by: Kiro <noreply@kiro.dev>
2026-06-25 10:04:59 -04:00
.forgejo/workflows Add Forgejo Actions build + deploy pipeline (registry -> racknerd2) 2026-06-25 10:04:59 -04:00
.kiro Add code-audit-fixes spec (#5) 2026-06-24 19:20:18 +00:00
agent Add Docker-over-SSH management and push-agent monitoring (#31) 2026-06-20 16:24:57 -04:00
assets Document theme palettes + organize assets (#4) 2026-06-24 16:27:33 +00:00
backend System design, CloudFormation, theming assets (#3) 2026-06-24 13:55:04 +00:00
deploy Add Forgejo Actions build + deploy pipeline (registry -> racknerd2) 2026-06-25 10:04:59 -04:00
docs System design, CloudFormation, theming assets (#3) 2026-06-24 13:55:04 +00:00
infrastructure System design, CloudFormation, theming assets (#3) 2026-06-24 13:55:04 +00:00
pics Document theme palettes + organize assets (#4) 2026-06-24 16:27:33 +00:00
public Add Nerd Font icon fallback to the Terminal so Starship-style prompts render correctly 2026-06-21 09:00:39 +00:00
scripts Add host setup script for Starship + JetBrainsMono Nerd Font 2026-06-21 09:03:33 +00:00
src modified files 2026-06-22 16:10:05 -06:00
.dockerignore Add Docker deployment and GitHub Actions workflow for racknerd1 2026-06-18 14:18:00 +00:00
.env.example Update docs: mark feature work complete, document deploy setup as the only remaining task 2026-06-19 16:41:32 +00:00
.gitignore Add Forgejo Actions build + deploy pipeline (registry -> racknerd2) 2026-06-25 10:04:59 -04:00
design-decisions.md Document theme palettes + organize assets (#4) 2026-06-24 16:27:33 +00:00
docker-compose.yml Wire guacd sidecar into docker-compose for Remote Desktop deployment 2026-06-19 16:03:40 +00:00
Dockerfile Add Docker deployment and GitHub Actions workflow for racknerd1 2026-06-18 14:18:00 +00:00
eslint.config.js update 2026-06-18 08:14:00 -04:00
HANDOFF.md Group all integration node tiles by integration except Proxmox (#39) 2026-06-21 09:35:55 -04:00
homarr-bookmarks-import.json Add bulk delete-all for bookmarks (#20) 2026-06-20 09:09:44 -04:00
index.html Fix favicon, dark select dropdowns, add brand bookmark icons and Help page 2026-06-19 21:13:32 +00:00
nginx.conf Production deploy: nginx /api proxy, native-module toolchain, hardened CI 2026-06-19 14:22:08 -06:00
package-lock.json Phase 5: RDP/VNC/Telnet remote desktop via guacamole-lite + guacd 2026-06-19 15:25:10 +00:00
package.json Phase 5: RDP/VNC/Telnet remote desktop via guacamole-lite + guacd 2026-06-19 15:25:10 +00:00
README.md System design, CloudFormation, theming assets (#3) 2026-06-24 13:55:04 +00:00
ROADMAP.md Make Appearance light mode work (gray theme) + roadmap GNOME/KDE RDP (#50) 2026-06-22 16:39:50 -04:00
TERMIX_MIGRATION.md Update docs: mark feature work complete, document deploy setup as the only remaining task 2026-06-19 16:41:32 +00:00
tsconfig.app.json update 2026-06-18 08:14:00 -04:00
tsconfig.json update 2026-06-18 08:14:00 -04:00
tsconfig.node.json update 2026-06-18 08:14:00 -04:00
vite.config.ts Add Phase 1a: core SSH terminal (Termix migration) 2026-06-19 10:52:04 +00:00

README.md

ArchNest

A multi-tenant SaaS platform for infrastructure management — SSH terminal, Docker management, remote desktop, host metrics, file management, and 9 real integration adapters from a single browser interface. Developer-first alternative to enterprise RMM tools, starting at $2.50/month.

Pricing

Starter Pro Team
Monthly $2.50/mo $4.25/mo $12/mo
Annual $25/yr $45/yr $95/yr
Hosts 50 125 Unlimited
Users 5 50 200
Remote Desktop
SSO

Features

SSH Suite — Terminal (multi-tab, split panes, persistent sessions), tunnels (local/remote/SOCKS5), SFTP file manager, host-to-host transfer, host metrics (5s polling), jump-host chaining, tmux, certificate auth (OPKSSH).

Docker — Management via TCP API, CLI over SSH, or push agent. Container actions, logs, interactive exec, detail views.

Remote Desktop — RDP/VNC/Telnet via Guacamole (Pro+).

Integrations — Proxmox, Docker, AWS, Cloudflare, NetBird, Uptime Kuma, Weather, SSH, Remote Desktop. All real, no mocks.

Bookmarks — Categorized hub with favorites, link health, full CRUD.

Auth — Cognito (OIDC/SAML SSO for Team), MFA, multi-user roles, audit log.

4 Themes — ArchNest Dark, Midnight Blue, Forest, Light.

Architecture

Hybrid: Akamai Cloud for compute, AWS for managed services.

Layer Provider Service
Compute Akamai G7 Dedicated (4GB, ARM)
Load Balancer Akamai NodeBalancer
Frontend Akamai Object Storage
Database Self-managed PostgreSQL (RLS)
Cache Self-managed Redis
Auth AWS Cognito
Secrets AWS Secrets Manager
Storage AWS S3
DNS AWS Route 53
Email AWS SES

Infrastructure cost: ~$66.50/month at 50 users. Scales to full AWS (Fargate + Aurora) at 100+ users / $500+ MRR.

See docs/aws-architecture/system-design.md for the full system design with diagrams, cost analysis, tier enforcement, and scale-up path.

Tech Stack

Frontend: React 19, Vite 8, TypeScript, Tailwind CSS v4, React Router, Recharts, Lucide React, xterm.js

Backend: Fastify 5, TypeScript, PostgreSQL, Redis, zod, ssh2

Auth: AWS Cognito (OIDC/SAML SSO, MFA, PKCE)

CI/CD: Forgejo Actions → Docker → Akamai VM deploy

Development

npm install && npm run dev          # frontend
cd backend && npm install && npm run dev  # backend

Type-check before committing:

npm run build                    # frontend
cd backend && npx tsc --noEmit  # backend

Documentation

File Content
docs/aws-architecture/system-design.md Full architecture, costs, tier enforcement
design-decisions.md Visual conventions + per-page notes
HANDOFF.md Current state, workflow rules
ROADMAP.md Deferred/tiered work