Cardea
★ 28European Union Public License 1.2Open Source — No Paywall3 Containers — 3 containers — light hosting footprintDocker · BinaryNo external DB
About
Cardea is an SSH bastion server aimed at small and mid-sized teams that manage infrastructure through code. It lets administrators define access rules in a text file, which makes permissions...
Community Ratings
No ratings yetFeatures
- Access control rules
- Session recording
- TPM-backed key protection
- Authorized-keys-based access rules
- Known hosts validation
- Connection and forwarding limits
- Rate limiting
- Session retention
- Health/metrics server
- Configurable logging
Details
- Last Updated
- Jun 20, 2026
- Created
- Oct 7, 2025
- Install Methods
- dockerbinary
- Requirements
- SSH clientsTPM device (optional, for TPM mode)No databaseNo web UI
- Authentication
- local
- Backup & Export
- file-backup
- Runtime / Stack
- GoDocker
- Privacy & Independence
- No Cloud RequiredOffline Capable
- Deployment
Deployment: Docker Compose ✓3 Containers — light hosting footprintRuns as 3 containers
Docker Compose
3 services · 2 unclassified (prometheus, grafana)
no resource limits declared
needs persistent storage (6 volumes)
compose.yaml · @ edc427d · scanned Jun 15, 2026
# yaml-language-server: $schema=https://raw.githubusercontent.com/compose-spec/compose-spec/master/schema/compose-spec.json
name: "cardea"
services:
cardea:
image: "cardea"
pull_policy: "build"
build: { context: "./" }
deploy:
mode: "replicated"
replicas: "${CARDEA_REPLICAS:-1}"
restart: "always"
read_only: true
user: "${CARDEA_UID:-1000}:${CARDEA_GID:-1000}"
networks:
- "cardea"
ports:
- "${CARDEA_SSH_PORT_RANGE:-2222-2222}:2222/tcp"
- "127.0.0.1:${CARDEA_HTTP_PORT_RANGE:-9222-9222}:9222/tcp"
volumes:
# ...
Tags
Track your self-hosted stack
Bookmark software to try, rate tools you've used, and keep your collection in one place.
Metadata extracted from README on Jun 7, 2026
Related Software
code-server
78.1k
Runs VS Code in the browser so it can be accessed from any machine anywhere.
IDE ToolsPermissive LicenseSelf Hosting Solutions+1
Puter
42.4k
Puter is an open-source internet operating system for managing files, apps, and games, and for building and publishing web apps and games.
File SynchronizationRemote AccessCopyleft License+4
Sunshine
38.7k
Sunshine is a self-hosted game stream host for Moonlight.
Game Server PanelsVideo StreamingRemote Access+2
qBittorrent
38.5k
qBittorrent is a BitTorrent client built in C++/Qt and powered by libtorrent.
P2P File SharingCopyleft LicenseMedia Management+2
Pangolin
21.4k
Pangolin is an identity-based remote access platform that combines reverse proxy and VPN capabilities for secure access to private and public resources.
Web ServersRemote AccessCopyleft License+3
Open Core
Neko
21.2k
Neko is a self-hosted virtual browser that runs in Docker and streams a desktop or browser over WebRTC.
Miscellaneous ToolsSelf Hosting SolutionsRemote Access+3
Teleport
20.5k
Teleport is an identity-aware access platform for securing and auditing access to infrastructure, applications, databases, Kubernetes, and cloud services.
Miscellaneous ToolsRemote AccessAuthentication Services+3
Open Core
Termix
13.8k
Termix is an open-source, self-hosted server management platform for managing servers and infrastructure through a single interface.
Remote AccessWeb File ManagersPersonal Dashboards+3
Coder
13.6k
Coder is a self-hosted platform for cloud development environments and AI coding agents.
IDE ToolsPlatform as a ServiceRemote Access+1
Open Core
Firezone
8.7k
Firezone is an open source platform for secure remote access and zero-trust network connectivity for organizations.
Remote AccessPermissive LicenseAuthentication Services+2
Open Core
iodine
7.9k
Iodine tunnels IPv4 data through a DNS server, enabling connectivity when only DNS traffic is allowed.
Proxy ServersPermissive LicenseNetwork Utilities+2
Warpgate
7.2k
A transparent bastion host for SSH, HTTPS, Kubernetes, MySQL, and PostgreSQL that records sessions and provides a built-in web admin UI.
Remote AccessProxy ServersAuthentication Services+2