52 مستودعات
Tools and scripts for deploying applications across various environments.
Distinguishing note: Focuses on the deployment process rather than the application logic.
Explore 52 awesome GitHub repositories matching devops & infrastructure · Infrastructure Deployment. Refine with filters or upvote what's useful.
Huginn is a self-hosted automation platform that functions as an event-driven workflow engine. It allows users to build autonomous agents that monitor web services, scrape data, and execute complex tasks by propagating events through a directed graph. By running on your own server infrastructure, it provides a private environment for orchestrating workflows without relying on third-party automation services. The platform distinguishes itself through a modular, plugin-based architecture that enables the development of custom agents to handle specific data processing needs. Each agent maintains
Supports deployment across diverse environments using automated scripts and configuration management.
Shannon is an integrated security platform designed for autonomous penetration testing, static and dynamic analysis, and automated vulnerability remediation within self-hosted, private infrastructure. It functions as a unified security suite that orchestrates the entire lifecycle of vulnerability management, from initial discovery and reachability prioritization to the generation and verification of code-level patches. The platform distinguishes itself through its agentic approach to security, deploying autonomous agents to execute both black-box and white-box exploits against running applica
Operates entirely within private, air-gapped infrastructure to ensure data sovereignty and security.
This project is an AI model API gateway and proxy server designed to provide a unified interface for interacting with diverse artificial intelligence service providers. It functions as a centralized middleware platform that routes, load balances, and translates API requests across multiple models, enabling developers to access text, image, audio, and video generation capabilities through a single, standardized integration. The gateway distinguishes itself through comprehensive administrative and financial controls, including event-driven usage accounting, real-time token consumption tracking,
Supports deployment across containerized and distributed infrastructure environments.
Project Nomad is a self-hosted survival suite and containerized offline operating environment. It provides a collection of essential tools, including a local retrieval-augmented generation system, an offline mapping server, and a local knowledge base for large language models, all designed to operate on air-gapped hardware. The system prioritizes total offline isolation to ensure telemetry-free operation. It enables private data analysis and semantic document querying through local-first vector storage and offline model execution, keeping all data on internal hardware without requiring intern
Provides a deployment configuration specifically for air-gapped hardware via containerized services.
This project is a Docker educational resource and a collection of practical examples designed for learning containerization technologies. It serves as a guide for understanding container fundamentals, including the creation and management of custom images and the use of registries. The repository provides specialized references for container security hardening, such as managing kernel privileges and implementing supply chain security. It also includes tutorials for multi-container orchestration and a DevOps guide focused on CI/CD automation and image optimization. The material covers a broad
Details deployment configurations for installing container software in environments without internet access.
This project is a full-stack React starter kit and TypeScript web application boilerplate. It provides a pre-configured project template that combines a frontend and backend to accelerate the development of production-ready web applications. The kit is distinguished by its focus on type-safe architectures, utilizing a monorepo structure to synchronize data types between the server and client. It integrates specific implementations for SaaS operations, including recurring subscription billing via Stripe and user identity authentication supporting passkeys, social logins, and email verification
Ships tools for planning and applying infrastructure changes across multiple environments using code-defined configurations.
Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n
Installs and configures network bridge software on local infrastructure to establish secure tunnels.
This project is a web-based collaborative editor and scientific document management system designed for LaTeX. It provides a centralized environment for writing, editing, and compiling academic manuscripts, enabling multiple users to work on the same project simultaneously through real-time synchronization. The platform distinguishes itself by treating documents as version-controlled repositories, allowing for granular history tracking and bidirectional synchronization with external version control systems. It features a secure, containerized compilation pipeline that isolates build processes
Supports containerized deployment in air-gapped environments to ensure full network isolation.
Cap is a self-hosted screen recording and video collaboration platform designed for teams to replace synchronous meetings with asynchronous video updates. It provides a comprehensive suite for capturing high-resolution desktop activity, including system audio, microphone input, and camera overlays, which are then processed through an integrated post-production workflow. The platform distinguishes itself by offering full data sovereignty through containerized deployment and object storage abstractions, allowing users to host their media assets on private infrastructure or S3-compatible buckets
Deploys containerized application instances on private infrastructure for controlled data storage.
Kaniko is an OCI container image builder that executes Dockerfiles in userspace without requiring a privileged daemon. It is designed as a Kubernetes-native image builder, allowing for the construction and pushing of images to registries from within a cluster or container. The tool ensures reproducible build generation by stripping timestamps from image layers, guaranteeing that identical source inputs produce the same image identifier. It supports multi-architecture image building, allowing for the creation of images compatible with various hardware and operating systems from a single proces
Supports building images in isolated network environments by mapping registry references to internal mirrors.
Salt is an infrastructure configuration management tool and orchestration framework designed for large-scale system administration. It functions as a remote execution engine that enables administrators to manage, provision, and enforce declarative states across distributed fleets of servers from a central control point. By utilizing a high-performance message bus, the platform allows for the simultaneous execution of administrative tasks and the maintenance of consistent software configurations across thousands of nodes. The system distinguishes itself through a flexible architecture that sup
Facilitates software deployment and maintenance in air-gapped, isolated network environments.
Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a target web service. By acting as a reverse proxy, the tool intercepts and relays web requests to capture credentials and session tokens in real time, enabling the bypass of multi-factor authentication mechanisms through session cookie hijacking. The platform distinguishes itself by integrating infrastructure orchestration with modular template-driven content injection. It automates the deployment of proxy servers, manages the lifecycle of encryption certificates, and applies conte
The project provisions servers and configures network settings, including domain names and security certificates, to establish operational environments with minimal manual intervention.
OpenProject هي منصة مفتوحة المصدر لإدارة العمل ومحفظة المشاريع مصممة لتتبع المهام، وإدارة دورات حياة المشاريع، والإشراف على الأهداف الاستراتيجية. توفر بيئة مركزية لتنظيم سير عمل الفريق من خلال لوحات agile، ومخططات Gantt، وخرائط الطريق، مع دعم تسلسلات هرمية معقدة للمشاريع وتخطيط سعة الموارد عبر المؤسسات الكبيرة. تتميز المنصة بدعم متخصص لنمذجة معلومات البناء، مما يسمح للفرق باستيراد وتصور وتنسيق النماذج ثلاثية الأبعاد ومشكلات البناء مباشرة داخل متصفح الويب. كما تميز قدراتها من خلال دمج محركات سير العمل ذات الحالة الآلية ونمذجة حزم العمل العلائقية، والتي تتيح تتبعاً مخصصاً للغاية وقائماً على المخطط لعناصر المشروع والتبعيات وانتقالات الحالة. يغطي النظام سطح قدرات واسع بما في ذلك إدارة الهوية على مستوى المؤسسة، والتقارير الآلية، ومراقبة الأداء المالي. يوفر خيارات تكوين واسعة لأنواع العمل المخصصة، وأدوار حوكمة المشروع، ومنهجيات agile الموسعة، إلى جانب واجهات برمجية لأتمتة الأنظمة الخارجية واتصال مساعد الذكاء الاصطناعي. تم تصميم البرمجيات للنشر المستضاف ذاتياً، وتوفر إجراءات شاملة للتثبيت والصيانة وترحيل البيانات من أنظمة الطرف الثالث.
Provides procedures for installing and maintaining a collaborative project management environment on local or cloud infrastructure.
Capistrano is a Ruby-based release manager and remote server orchestrator. It uses SSH to push code updates and execute a standardized sequence of deployment tasks across a fleet of remote machines. The tool distinguishes itself through role-based server targeting and parallel connection pooling, allowing users to assign functional labels to servers and execute commands across multiple machines simultaneously. It manages multiple environments by applying a single deployment definition across different stages through parameter-based mapping. The system provides a framework for remote task exe
Allows users to assign functional roles to servers to control which deployment tasks execute on specific machines.
CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection. It functions as an intrusion detection system that parses logs and network traffic to identify malicious patterns, utilizing a bucket-based threshold detection model to aggregate events and trigger alerts. The platform is built on a modular architecture that includes a centralized local API server for managing security signals and a relational database for persistent storage of remediation decisions. What distinguishes the project is its decoupled enforcement model, which offl
Supports flexible deployment across standalone, containerized, and cloud-native environments.
Coder is a self-hosted platform for provisioning and managing isolated, containerized development environments. It provides a centralized infrastructure for teams to deploy ephemeral workspaces on private cloud or on-premises hardware, ensuring consistent toolchains and dependencies across distributed development environments. The platform distinguishes itself through its focus on secure, infrastructure-as-code governance and autonomous agent integration. It allows organizations to define reusable, versioned environment templates that integrate with existing identity providers and role-based
Supports operation within air-gapped or disconnected networks without external internet access.
Mizu is a suite of tools for capturing, indexing, and visualizing cloud-native network traffic and decrypted payloads for cluster-wide diagnostics. It provides Kubernetes network observability by using eBPF to index and visualize layer 4 and layer 7 traffic with full cluster context, allowing for the mapping of workload dependencies and the diagnosis of network failures. The project distinguishes itself by using kernel-level hooks to decrypt TLS traffic in plain text without requiring private keys. It further integrates a standardized context protocol to expose indexed network telemetry to AI
Supports full on-premises operation without external network dependencies for strict air-gapped environments.
Kubeshark is a network observability platform designed for Kubernetes environments, functioning as an eBPF-powered engine for cluster-wide traffic analysis. It captures, indexes, and visualizes network activity and API calls directly from the kernel, providing deep visibility into service-to-service communication without requiring sidecar proxies or manual code instrumentation. The platform distinguishes itself through its ability to perform protocol-aware traffic dissection and user-space cryptographic hooking, which allows for the inspection of encrypted traffic and the reconstruction of ap
Operates within isolated networks by disabling external dependencies and utilizing local container image registries for all required components.
Talos is a minimal, immutable Linux distribution designed specifically for deploying and managing Kubernetes clusters. It functions as an API-driven infrastructure manager that replaces traditional shell access with a declarative gRPC interface to control operating system state and configuration. The system is distinguished by its use of a read-only root filesystem and a security-hardened kernel, which removes standard GNU utilities to reduce the attack surface. It ensures environment consistency by distributing the operating system as versioned, signed images and utilizes TPM-backed verified
Runs the management layer locally to maintain data sovereignty in environments without internet access.
This project is a comprehensive educational curriculum and practical guide designed to teach the fundamentals of DevOps practices within the Amazon Web Services ecosystem. It provides a structured learning path for mastering cloud infrastructure automation, deployment workflows, and system management through hands-on tutorials. The curriculum covers the end-to-end lifecycle of cloud resources, focusing on defining infrastructure through version-controlled templates and orchestrating automated delivery pipelines. It distinguishes itself by integrating security and governance directly into the
Automates the deployment of cloud resources using code-based templates for consistent environment setups.