Agent 92bc12355c fix: show stopped services in list + loading bar on action
- API: --all flag in systemctl list-units to show inactive services
- API: removed head -50 limit
- Android: LinearProgressIndicator while service action is running
2026-06-09 19:29:36 -04:00
2026-06-06 17:58:34 -04:00
2026-06-06 17:58:34 -04:00
2026-06-06 17:58:34 -04:00
2026-06-06 17:58:34 -04:00

ServerManager

Web-based Linux Server Management Platform — manage multiple servers via SSH from a web interface.

Features

  • SSH Management — Connect to Linux servers via SSH (password or key-based auth)
  • Web Terminal — Interactive terminal in the browser with command history
  • Dashboard — Real-time CPU, RAM, Disk, Load Average monitoring
  • Server Admin — Reboot, shutdown, restart services, view processes, system logs
  • Multi-Role Auth — Super Admin, Administrator, Operator roles
  • AES-256 Encryption — SSH credentials encrypted with master key stored outside DB
  • Audit Trail — Complete logging of all actions with credential access tracking
  • REST API — Full API with Bearer token authentication
  • Responsive UI — Dark theme, collapsible sidebar, professional dashboard design

Tech Stack

Layer Technology
Backend PHP 8.3, MVC Architecture
Database MySQL 8 / MariaDB 10.5+
SSH Library phpseclib 3.0
Frontend HTML5, CSS3, JavaScript ES6+
Auth Argon2id password hashing
Encryption AES-256-CBC (OpenSSL)
Dependencies Composer, vlucas/phpdotenv

System Requirements

  • Ubuntu Server 22.04+ or 24.04+
  • PHP 8.3+ with extensions: pdo_mysql, openssl, mbstring, json, curl, zip, gd
  • MySQL 8.0+ or MariaDB 10.5+
  • Nginx (recommended) or Apache
  • Composer 2.x
  • Root/sudo access for initial setup

Quick Install (Ubuntu)

# Clone the repository
git clone https://github.com/your-org/servermanager.git /var/www/servermanager
cd /var/www/servermanager

# Run the installer (requires sudo)
sudo bash install.sh

Manual Installation

1. System Dependencies

sudo apt update
sudo apt install -y nginx mysql-server php8.3 php8.3-fpm \
    php8.3-mysql php8.3-mbstring php8.3-xml php8.3-curl \
    php8.3-zip php8.3-gd php8.3-openssl composer unzip git

2. Database Setup

sudo mysql -e "CREATE DATABASE servermanager CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
sudo mysql -e "CREATE USER 'servermanager'@'localhost' IDENTIFIED BY 'strong_password';"
sudo mysql -e "GRANT ALL PRIVILEGES ON servermanager.* TO 'servermanager'@'localhost';"
sudo mysql servermanager < database/migrations/001_initial_schema.sql

3. Application Setup

cd /var/www/servermanager

# Copy and configure environment
cp .env.example .env
nano .env  # Edit database credentials and URL

# Generate master encryption key
sudo php bin/generate-key.php
# Or manually: openssl rand -hex 32 | sudo tee /etc/servermanager/master.key
sudo chmod 600 /etc/servermanager/master.key
sudo chown www-data:www-data /etc/servermanager/master.key

# Install dependencies
composer install --no-dev --optimize-autoloader

# Set permissions
sudo chown -R www-data:www-data .
sudo chmod -R 755 .
sudo mkdir -p logs storage/ssh_keys
sudo chmod -R 770 logs storage
sudo chmod 700 storage/ssh_keys

4. Nginx Configuration

server {
    listen 80;
    server_name your-domain.com;
    root /var/www/servermanager/public;
    index index.php;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ /\. { deny all; }
    location ~* \.(env|log|json|lock|key)$ { deny all; }
}

5. Cron Job for Monitoring

# Add to crontab (runs every minute)
sudo crontab -u www-data -e

# Add line:
* * * * * php /var/www/servermanager/bin/monitor.php >> /var/www/servermanager/logs/cron.log 2>&1

6. Start Services

sudo systemctl restart php8.3-fpm nginx mysql

Default Credentials

Field Value
Username admin
Password Admin@123

Change this password immediately after first login!

Security Architecture

Credential Encryption

  • SSH passwords and private keys are encrypted with AES-256-CBC
  • Master encryption key stored outside the database at /etc/servermanager/master.key
  • If DB is compromised, SSH credentials remain safe without the master key
  • Every credential access is logged in the audit trail

Audit Logging

All credential accesses are logged:

  • SSH connection tests
  • Terminal command execution
  • System info/process/log viewing
  • Server actions (reboot, shutdown, service restart)

Other Security Measures

  • Password hashing with Argon2id
  • CSRF protection on all forms
  • XSS prevention (output escaping)
  • Rate limiting on login endpoints
  • Secure session configuration (HTTP Only, SameSite)
  • Input validation on all endpoints
  • API authentication via Bearer tokens
  • File access restrictions via Nginx

Project Structure

ServerManager/
├── bin/
│   ├── monitor.php           # CLI: collect metrics
│   └── generate-key.php      # CLI: generate master key
├── config/
│   └── config.php            # App configuration
├── database/
│   └── migrations/
│       └── 001_initial_schema.sql
├── logs/                     # Application logs (runtime)
├── public/
│   ├── index.php             # Front controller
│   ├── .htaccess
│   └── assets/
│       ├── css/style.css
│       └── js/app.js
├── routes/
│   └── web.php               # Route definitions
├── src/
│   ├── Controllers/          # MVC Controllers
│   │   ├── AuthController.php
│   │   ├── DashboardController.php
│   │   ├── ServerController.php
│   │   ├── TerminalController.php
│   │   ├── AdminController.php
│   │   └── ApiController.php
│   ├── Core/                 # Framework core
│   │   ├── App.php           # Application bootstrap
│   │   ├── Database.php      # PDO wrapper (Singleton)
│   │   ├── Encryption.php    # AES-256 encryption
│   │   ├── Logger.php        # PSR-like logging
│   │   ├── Router.php        # HTTP router
│   │   ├── Security.php      # CSRF, XSS, password hashing
│   │   ├── Session.php       # Session management
│   │   ├── Validator.php     # Input validation
│   │   └── View.php          # Template engine
│   ├── Helpers/
│   │   └── functions.php     # Global helper functions
│   ├── Middleware/
│   │   ├── AuthMiddleware.php
│   │   ├── CSRFMiddleware.php
│   │   ├── RateLimitMiddleware.php
│   │   └── RoleMiddleware.php
│   ├── Models/
│   │   ├── User.php
│   │   ├── Server.php
│   │   └── CommandHistory.php
│   └── Services/
│       ├── SSHService.php    # SSH connection management
│       ├── MonitoringService.php
│       └── AuditService.php
├── storage/
│   └── ssh_keys/             # SSH key storage (restricted)
├── views/                    # Templates
│   ├── layouts/
│   │   ├── main.php
│   │   └── auth.php
│   ├── auth/
│   │   ├── login.php
│   │   └── profile.php
│   ├── dashboard/
│   │   └── index.php
│   ├── servers/
│   │   ├── index.php
│   │   ├── create.php
│   │   ├── edit.php
│   │   ├── show.php
│   │   ├── processes.php
│   │   ├── system_info.php
│   │   └── logs.php
│   ├── terminal/
│   │   └── index.php
│   ├── admin/
│   │   ├── users.php
│   │   ├── audit.php
│   │   └── security.php
│   └── errors/
│       └── 500.php
├── .env.example
├── .gitignore
├── composer.json
├── install.sh
└── README.md

API Reference

Authentication

All API requests require a Bearer token:

Authorization: Bearer YOUR_API_TOKEN

Endpoints

Method Endpoint Description
GET /api/status Application status + stats
GET /api/servers List all servers
POST /api/servers Add a new server
GET /api/servers/:id Server details + metrics
PUT /api/servers/:id Update server
DELETE /api/servers/:id Delete server
GET /api/servers/:id/metrics Historical metrics
POST /api/servers/:id/execute Execute remote command
GET /api/users List users (admin only)
GET /api/refresh-metrics Refresh all metrics

Example: Execute Command via API

curl -X POST https://your-domain.com/api/servers/1/execute \
  -H "Authorization: Bearer YOUR_API_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"command": "uptime"}'

Maintenance

Logs

  • Application: logs/app-YYYY-MM-DD.log
  • Errors: logs/error-YYYY-MM-DD.log
  • Cron: logs/cron.log

Monitoring

The cron job runs every minute to collect metrics. Check:

sudo crontab -u www-data -l
tail -f /var/www/servermanager/logs/cron.log

Backup

# Database
mysqldump servermanager > backup_$(date +%Y%m%d).sql

# Master key (CRITICAL!)
sudo cp /etc/servermanager/master.key /secure/backup/location/

# Application files
tar -czf servermanager_backup.tar.gz /var/www/servermanager

HTTPS Setup

sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d your-domain.com

Auto-renewal

sudo crontab -e
# Add: 0 0 1 * * certbot renew --quiet

Troubleshooting

Cannot connect to servers

  • Verify SSH credentials in server configuration
  • Test connection from command line: ssh user@host -p port
  • Check firewall rules on target server
  • Verify the master encryption key is correct

Blank page / 500 error

# Enable debug mode temporarily
sudo nano /var/www/servermanager/.env
# Set: APP_DEBUG=true

# Check logs
tail -f /var/www/servermanager/logs/error-*.log

Database connection issues

# Verify MySQL is running
sudo systemctl status mysql

# Test connection
mysql -u servermanager -p servermanager -e "SELECT 1"

License

MIT License. See LICENSE file for details.

Description
Languages
PHP 55.3%
Kotlin 22.1%
JavaScript 11.9%
CSS 8.9%
Shell 1.7%
Other 0.1%