30 open-source projects similar to steveltn/https-portal, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Https Portal alternative.
This project is a Docker-based web gateway and Nginx reverse proxy manager. It functions as a containerized network edge designed to route incoming HTTP and HTTPS traffic to backend services using subdomains and subfolders. The system automates the procurement and renewal of Let's Encrypt SSL certificates via the ACME protocol and various DNS plugins. It includes a mechanism to export and share these certificates through persistent volumes so other containers can utilize the same encryption keys. Security is handled through a combination of server intrusion prevention, using Fail2Ban to moni
Automate SSL/TLS certificates on Windows with ease
dnmp is a containerized web development environment that provisions a full LNMP stack consisting of Nginx, MySQL, PHP, and Redis. It serves as a management system for coordinating web server routing, language runtime versions, database administration, and SSL certificate provisioning within Docker containers. The project distinguishes itself through a comprehensive PHP runtime manager that allows for switching between multiple language versions and managing extensions in isolated environments. It includes an automated SSL certificate manager that uses webroot validation to provision and renew
Sish is a reverse SSH proxy and tunneling server designed to expose local services to the internet. It functions as an SSH tunneling proxy that routes HTTP, WebSocket, and TCP traffic from a remote server to a local machine, enabling the creation of public URLs for local applications. The project distinguishes itself through a combination of an SNI proxy for routing encrypted TLS traffic without decryption and a TCP load balancer that distributes incoming requests across multiple backend targets. It also includes a dedicated service console for real-time inspection and debugging of forwarded
Higress is an AI API gateway and cloud-native traffic manager that functions as a Kubernetes ingress controller. It provides a centralized system for routing, securing, and optimizing traffic directed toward large language models, AI agents, and microservice architectures. The project distinguishes itself through deep AI orchestration, including the ability to host and manage Model Context Protocol servers that transform REST APIs into tools for AI agents. It features specialized AI infrastructure for model request proxying, protocol translation across multiple providers, and semantic-based c
Fabio is a network gateway that provides reverse proxying, layer 7 traffic management, and automated service discovery mapping. It functions as an HTTP reverse proxy, a gRPC and TCP proxy, and a service discovery gateway to route incoming traffic to healthy backend instances. The project distinguishes itself through deep integration with service registries, specifically acting as a Consul load balancer to automatically synchronize routing tables and update destination targets. It manages diverse traffic types using SNI-based routing for raw TCP streams and maintains full protocol compatibilit
The NGINX Ingress Controller is a Kubernetes-native traffic manager that handles external requests and routes them to internal services. It translates Kubernetes API objects and annotations into proxy configurations to manage incoming HTTP, TCP, and UDP traffic. The controller distinguishes itself through advanced traffic steering and security integration. It supports blue-green and canary traffic splitting, as well as content-based and regex path routing. Security is handled at the edge via a web application firewall, denial-of-service protection, and a variety of authentication methods incl
This project is a web-based management interface designed for the administration, monitoring, and configuration of Nginx server instances. It functions as a centralized platform for managing reverse proxy settings, traffic routing, and server lifecycles, providing a visual dashboard to replace manual configuration file editing. The platform distinguishes itself through integrated infrastructure automation and observability tools. It supports distributed environments by synchronizing configuration states across multiple nodes and containerized services, while offering artificial intelligence a
This project is a curated collection of deployment files and configurations for hosting a wide variety of open-source services on a home server. It primarily utilizes Docker and Docker Compose to automate the orchestration, lifecycle management, and deployment of containerized applications. The repository provides a comprehensive suite for self-hosted infrastructure, covering network management tools, media streaming, and home automation. It includes specialized configurations for securing internal services via reverse proxies, WireGuard VPN tunnels, and automated SSL/TLS certificate manageme
BunkerWeb is a containerized suite of infrastructure tools that functions as a cloud-native web application firewall and Nginx reverse proxy. It provides a security layer for web applications, combining traffic routing with automated SSL certificate management and a web-based security dashboard for monitoring and configuration. The project distinguishes itself through its deep integration with container orchestrators, serving as a Kubernetes ingress controller that automates security settings and service discovery via container labels. It features a plugin-based extension model and a manageme
Nginx Proxy Manager is a web-based administrative interface for configuring and managing Nginx reverse proxy hosts and server rules within Docker containers. It functions as a containerized network gateway that routes external web traffic to internal services and backend applications. The system automates the acquisition and renewal of Let's Encrypt SSL certificates to encrypt network traffic without manual command line intervention. It provides a graphical dashboard for defining proxy hosts, access lists, and custom server configurations, removing the need for manual configuration file editi
This project is an automated reverse proxy and load balancer designed for containerized environments. It functions by monitoring container lifecycle events through the container runtime API, allowing it to dynamically generate and update web server configurations in real time as services start, stop, or change their network status. The system distinguishes itself through its ability to orchestrate proxy processes without dropping active connections, ensuring continuous availability during configuration updates. It utilizes a template-based engine to map container metadata to routing logic, en
Lucky is a connectivity and routing utility suite focused on SSL automation, dynamic DNS client services, NAT traversal, and port forwarding. It provides a network gateway management interface to coordinate public network access for internal services. The project distinguishes itself through a centralized web-based administration panel used to configure reverse proxy servers, manage ACME-based SSL certificate renewals via DNS provider APIs, and synchronize public IP addresses across multiple dynamic DNS providers. It also includes a NAT traversal tool using STUN to establish external connecti
acme.sh is a shell-based certificate manager and ACME SSL certificate client. It automates the issuance, renewal, and installation of digital security certificates using a portable Unix shell script to remove dependencies on heavy runtime environments. The project specializes in automated domain ownership verification through a DNS challenge automator that integrates with provider APIs. It supports the generation of diverse certificate types, including wildcard certificates and issuance based on pre-existing certificate signing requests. The tool covers the full certificate lifecycle, includ
Uncloud is a decentralized container orchestrator designed to deploy and manage applications across multiple servers without a central control plane. It functions as a peer-to-peer system and a Docker Compose cluster deployer, using SSH-based infrastructure management to coordinate operations across remote nodes. The project distinguishes itself by using a secure mesh network overlay to enable direct inter-container communication across different physical machines. It facilitates container image distribution by transferring missing layers directly from local environments to target nodes, bypa
CapRover is a self-hosted platform-as-a-service that provides a centralized dashboard for managing containerized applications and databases. It functions as a container orchestration platform, simplifying the deployment, scaling, and networking of services across server environments. By leveraging a reverse-proxy-based architecture, the platform handles domain mapping, traffic routing, and automated SSL certificate lifecycle management to ensure secure, encrypted access for hosted web services. The platform distinguishes itself through its integrated automation capabilities, which include aut
Devilbox is a containerized development environment that provides a reproducible suite of web servers, databases, and language runtimes managed through a unified configuration. It functions as a Docker-based local development stack for LAMP and MEAN software stacks and as a manager for switching between different versions of these services to match specific project requirements. The system distinguishes itself by automating local network orchestration. It includes a Docker-based virtual host manager that automatically maps local directories to custom domains and a local DNS and SSL orchestrat
ProxySU is a Windows desktop application that automates the deployment and management of proxy services on a Linux VPS. It combines single-click installation of multiple proxy protocols, including V2ray, Xray, Trojan, and Shadowsocks, with automatic SSL/TLS certificate provisioning and renewal through Let's Encrypt. The tool distinguishes itself by handling the full lifecycle of proxy server setup from a Windows environment, using SSH key-based authentication for secure, passwordless remote access. It also includes network optimization capabilities, such as activating the BBR TCP congestion c
Certd is a self-hosted platform that automates the full lifecycle of SSL certificates using the ACME protocol. It handles certificate application, renewal, and deployment across multiple domains through a pipeline-driven workflow engine, with DNS challenge orchestration and multi-cloud deployment capabilities. The platform distinguishes itself through its configurable pipeline system, which allows users to build multi-step workflows that can pass outputs between tasks, execute custom scripts, and handle errors. It supports multi-tenant access control with role-based permissions, encrypted cre
Certmagic is a Go library for automating the issuance and renewal of TLS certificates. It functions as an automatic HTTPS provisioner and ACME client that handles the full lifecycle of certificates to ensure secure connectivity without manual intervention. The library is distinguished by its support for on-demand TLS provisioning, which generates certificates dynamically during the TLS handshake based on the server name. It also provides automation for wildcard certificates through DNS challenge verification and integrates with the ZeroSSL API for certificate acquisition. The project covers
Dehydrated is a shell-script ACME client that automates the lifecycle of TLS certificates from certificate authorities like Let's Encrypt. It implements the ACME protocol entirely in POSIX shell script with no external dependencies beyond standard Unix tools, relying on OpenSSL for all cryptographic operations including key generation, signing, and certificate parsing. The tool manages account keys, certificates, and configuration as plain files on disk, maintaining certificate metadata and account status in simple text files without a database. It delegates domain validation challenges to us
YunoHost is a self-hosted server management platform designed for deploying, configuring, and maintaining a suite of open source applications on a private server. It functions as a package-based application orchestrator that installs and updates software from a curated catalog using standardized deployment scripts. The platform features a centralized identity management system using a directory service to synchronize user accounts and credentials across hosted applications for single sign-on access. It includes an integrated reverse proxy to route network traffic to backend services based on
BaoTa is a web-based Linux server control panel and system administration dashboard designed for managing hosting environments and system resources. It provides a graphical interface to translate administrative actions into system-level configurations, allowing users to manage Linux servers and web hosting stacks without relying solely on the command line. The platform distinguishes itself through AI-driven server operations, utilizing artificial intelligence for performance analysis and the execution of maintenance tasks via natural language commands. It supports multi-node orchestration, en
JimsGarage is a collection of shell scripts and automation tools designed to help individuals deploy and manage a wide range of self-hosted services on their own hardware. It provides a structured approach to setting up containerized applications, from media servers and document management systems to VPNs and monitoring stacks, all through automated Docker-based configurations. The project distinguishes itself by offering a comprehensive library of deployment recipes that cover the full lifecycle of a home server environment. This includes not just the services themselves, but also the suppor
This project is a set of configuration guides and instructional tutorials for setting up Nginx as a web server and reverse proxy. It provides practical examples for hosting static files and directing network traffic to backend servers. The materials cover the implementation of load balancing using weighted round-robin strategies to distribute traffic across server clusters. It also provides guidance on configuring reverse proxies to manage request flow and secure application access. The documentation includes instructions for routing requests by URL path to host multiple applications on a si
acme-tiny is a minimal ACME client implemented as a single-file Python script that automates obtaining and renewing SSL/TLS certificates from a Certificate Authority using the Automated Certificate Management Environment (ACME) protocol. It relies on OpenSSL command-line tools for key generation and certificate signing request creation, and uses file-based HTTP validation to verify domain ownership by placing a token file on the web server. Designed for fully automated certificate lifecycle management, acme-tiny is intended to be executed periodically by a system scheduler like cron, checking
Pingora is a Rust-based framework for building high-performance network services, including HTTP reverse proxies, layer seven load balancers, and TLS termination proxies. It serves as an asynchronous network library designed to intercept and route HTTP, gRPC, and WebSocket traffic between clients and upstream backend servers. The project enables zero-downtime service updates by handing over listening sockets between processes during binary or configuration upgrades. It utilizes a programmable multi-phase pipeline to modify request and response bodies and headers, and it provides a pluggable T
This project is an HTTP web server that delivers web content to clients using HTTP/1.1 and HTTP/2 protocols across various operating systems. It functions as a reverse proxy server, a rule-based URL rewriter, an SSL/TLS termination gateway, and a virtual host manager. The server is capable of hosting multiple distinct domains on a single instance by mapping requests to specific directory structures. It encrypts and decrypts network traffic at the server boundary to secure communication between clients and servers. Additionally, it transforms requested URLs into different paths using a regular
This project is an automated SSL certificate manager and orchestrator for Nginx proxy configurations. It functions as an ACME protocol client that handles the request, issuance, and renewal of security certificates for web services running in containers. The system monitors Docker container lifecycle events to automatically provision certificates based on assigned hostnames. It automates the full certificate lifecycle, including domain ownership validation and the issuance of specialized wildcard or multi-domain certificates. The tool manages security through both HTTP and DNS challenge reso
Contour is a Kubernetes ingress controller and traffic orchestrator that manages external HTTP and HTTPS traffic routing into a cluster. It serves as an Envoy proxy manager, translating Kubernetes custom resources into dynamic configurations for Envoy proxy instances to handle L7 routing, TLS termination, and load balancing. The system distinguishes itself by providing a management layer that distributes routing updates in real time without requiring infrastructure restarts. It integrates with cloud network load balancers using the PROXY protocol to preserve client IP addresses and utilizes l