Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


apnscp License Sale - $99 lifetime through Monday
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

apnscp License Sale - $99 lifetime through Monday

nemnem Member, Host Rep

From the software formerly (and still officially known as apnscp), it’s the Apis Networks Control Panel: a hosting platform since 2002 engineered to help you achieve more. Once installed, apnscp’s adaptive firewall activates by protecting all facets from WordPress to SSH for added peace of mind. This is a multi-tenant platform in which each account is partitioned from one another and may be optionally controlled via resource enforcement. 1-click installation and automatic updates are provided for WordPress, Discourse, Ghost, Drupal, and Laravel.

ApisCP evolved from my time behind the helm with Hostineer/Apis Networks as a platform free from third-party licenses and as close to set-it-and-forget-it as one can achieve. It’s built for shared hosting, but nimble enough to stand on its own as a platform for your VPS. ApisCP is built to be self-healing, capable of correcting anomalies to keep your sites humming as efficiently as possible.

Black Friday sale!

ApisCP lifetime licenses are on sale for $99 through Monday via https://my.apnscp.com. Firm limit of 10 per user.

Even if you managed to grab a lifetime license, it’s a great opportunity to support development. :wink:

Monthly licenses/NOC resellers

Monthly licenses go on sale December 15 for $15/month per license. Volume discounts available over 10 licenses per month. Monthlies were slated to be part of the BF offering, but perfecting cPanel migrations took center stage to get existing clients off cPanel before the end of the year.

NOC partnerships are also open. Reach out to [email protected] for reseller pricing, commit rates, custom deployment pipelines, and determining the best fit for your fulfillment process. Prebuilt images hydrate within 3 minutes and provide the same level of protection immediately on deployment.

Getting started

Visit Customization utility to get started with a trial install. Configure the panel how you’d like (PHP 7.4 available 11/28). INSTALL.md for in-depth details. Trials are fully functional for 30 days. You can easily upgrade to a paid license within the panel or from command-line. Information is in LICENSE.md. Paid licenses are available through my.apnscp.com and on sale for $99 (normally $159).

Minimum requirements

  • CentOS 7.5+
  • 20 GB storage
  • 2 GB RAM

apnscp can work on a 1 GB machine, but RAM is cheap nowadays - performance not so much. Whatever excess RAM can be utilized is utilized to boost throughput.

2020 roadmap

3.1, released October 27, introduced TimescaleDB that’ll serve as the backbone for predictive analytics going forward. Beyond highlighting abusive clients exceeding CPU and I/O limits, it serves as an aggregation service for instrumentation- PHP-FPM requests/second, maximum OPCache memory used, MySQL open tables/second, queries/second, mail flow rate, etc. Now we can take this data and perform hot optimizations based upon feedback to trim slack between services. Best of all, the longer your account resides on ApisCP the more intelligent it becomes.

Metric logging is presently an opt-in feature released in 3.1.10 with implicit activation scheduled for January 2020. cpcmd scope:set cp.config telemetry enabled 1 will activate metrics logging.

Metrics are stored in appldb.metrics within PostgreSQL. env DEBUG=1 cpcmd -d domain.com test:metrics performs a simple metric fetch. This feature will continue to expand rapidly over the next month, right now the focus is making sure data retrieval is fast and efficient.

Secondly, rspamd will be fleshed out tremendously including DKIM/ARC signing and outbound rate-limiting per domain/authenticated source. There’s some wizardry involved with logical replication of data from PostgreSQL to Redis that will be implemented in the first half of 2020.

Geeky technical details

  • Open-source
  • Frontend : PHP7, Laravel interoperability
  • Backend : PHP7, MySQL, PostgreSQL
  • Customizable : Yes, via Laravel Blade. See Customizing.md
  • Platform management : Ansible
  • Stack : via Stackshare
  • Audited: yes, via Rack911. Disclosure report .
  • API : yes, 2,500+ commands via SOAP. Drop-in modules alter API schema, which SOAP enforces strict error checking.
  • Filesystem isolation : yes, via synthetic roots mounted with OverlayFS (called BoxFS )
  • Resource enforcement : yes, via cgroups
  • PHP-FPM : yes, suid and jailed prior to pool launch. Uses socket activation to stagger launch of boot thus mitigating a Thundering Herd effect. Pools sleep when appropriate to conserve memory. Each account pool is isolated from neighboring accounts.
  • Design architecture : API driven-development + principle of least-privilege with elevated backend broker. Backend throughput ~10k API commands/second
  • DNS support : PowerDNS, CloudFlare, Route53, DigitalOcean, Linode, and Vultr.
  • Billing support : WHMCS (third-party). Reach out to me ([email protected]) if you’d like to author a Blesta module.
  • Backups : Bacula
  • Imaging support : yes, hydration completes in ~3 minutes. A desiccated image provides brute-force protection too!
  • Multi-php : no, but may be compiled and shared via a synthetic root. Bear in mind the consequences of running potentially abandoned, 5+ year old code. Good code should persist with little change. Bad code (and thus vulnerable code) requires tender loving care. Bad code may expose your server to malicious actors.

Contact

Comments

  • Does apnscp have auto letsencrypt ssl?

  • nemnem Member, Host Rep

    @hiphiphip0 said:
    Does apnscp have auto letsencrypt ssl?

    Of course. It'll attempt to acquire SSL whenever a web app is installed via Web > Web Apps. letsencrypt:bootstrap is an API command that periodically attempts to acquire SSL for all domains on the account using a best-effort approach (DNS + wildcard, then domain validated per-domain). If you're migrating off a cPanel account, letsencrypt:bootstrap is automatically invoked at conclusion of migration.

  • @nem said:

    Of course. It'll attempt to acquire SSL whenever a web app is installed via Web > Web Apps. letsencrypt:bootstrap is an API command that periodically attempts to acquire SSL for all domains on the account using a best-effort approach (DNS + wildcard, then domain validated per-domain). If you're migrating off a cPanel account, letsencrypt:bootstrap is automatically invoked at conclusion of migration.

    If one server have hundreds of domain need to renew letsencrypt, would it handle it properly, like put it in a queue?

  • @hiphiphip0 im pretty sure it uses laravel horizon to manage job queues

    Thanked by 1hiphiphip0
  • Does it work with sofaculous? :)

  • nemnem Member, Host Rep

    @MACscr said:
    @hiphiphip0 im pretty sure it uses laravel horizon to manage job queues

    Yup. Any long-running API command may be jobified.

    @MatthewLeigh said:
    Does it work with sofaculous? :)

    No need, it runs its own set of curated Web Apps, which covers a variety of trusted, maintained applications. This is from a dev version, Magento is disabled in production and Nextcloud is coming soon.

    Each of these applications honors privilege-separation, deploys updates automatically, and provides a consistent API that helps your securely manage your sites. If you want to disable privilege separation for a less secure single-user model like cPanel/Plesk, then you may do so via Account > Settings > PHP > Pool owner > admin. I would recommend against it; there's no need to give someone the keys to your house if you leave your shed unlocked.

    Separation ensures that only specific assets may be written to by the web server. Any files created by the web server are tagged with that owner to make audit trails quite easy to follow. There's even an "Audit" feature in the panel that does just this.

    Core updates are deployed within 24 hours once discovered upstream. Packages for those apps are deployed periodically, every Wednesday and Sunday. You'll even get a helpful alert of what updated,

    There are better ways of providing secure 1-clicks. cPanel and the like never put effort into building out such a system leaving the impression it's impossible. It is possible, if you build a platform with a solid framework. Let's go forward instead of turning the clock back 10 years and build a safer web in the process.

  • I wish your software worked on things like open vz/kvm and so on rather than just dedicated servers.

  • nemnem Member, Host Rep

    @MatthewLeigh said:
    I wish your software worked on things like open vz/kvm and so on rather than just dedicated servers.

    It works just fine on kvm. That's how I run my hosting outfit via Hostineer these days. Bypassing BIOS on automated system recovery is key to fast sub 20 second reboots. Remember, this platform is built for modern tech ;).

    apnscp optimizes all facets of a server and is not intended to work in a restrictive, containerized environment. Such optimizations include tuning kernel parameters and setting a swap, which you need for a healthy system.

  • just want to say that nem is smart and not dumb, have sent some web dev clients to apis for years, buy this panel, it is good

    Thanked by 2nem vimalware
  • Just saw your post on reddit about free license! A little late lol. This looks very interesting and this BF looks like a good deal.. Just been using so many panels.. to try another panel.. that is the question.

  • nemnem Member, Host Rep

    @darvil said:
    Just saw your post on reddit about free license! A little late lol. This looks very interesting and this BF looks like a good deal.. Just been using so many panels.. to try another panel.. that is the question.

    Installation is completely automated. Spin up a VPS, run the one-liner, and poke around in a hour after it's setup. It's the most hands off of all panels. :smiley:

  • This looks good, but I really would like to use softaculous as well due to their large library of apps. Is it compatible?

  • nemnem Member, Host Rep

    @shillshocked said:
    This looks good, but I really would like to use softaculous as well due to their large library of apps. Is it compatible?

    No, although I'm curious as to what apps you want from Softaculous integrated into apnscp beyond WordPress, Ghost, Discourse, Drupal, Joomla, Laravel, Nextcloud, and Composer-backed projects. Depending upon general sentiment, I may integrate them to apnscp along with a corresponding Fortification profile.

    I'm against having a library of software that isn't properly vetted for the sake of numbers. The moment Softaculous falls behind on delivering patches or the authors of those apps stop producing updates, the server turns into a minefield of malware.

  • I just want to test what's out there. That's the advantage of something like softaculous. Once I've settled on software packages, I can batten down the hatches then.

  • nemnem Member, Host Rep

    @shillshocked said:
    I just want to test what's out there. That's the advantage of something like softaculous. Once I've settled on software packages, I can batten down the hatches then.

    I'm open to app ideas, but I need to hear why you want it, what the broad appeal is, and what features it offers that the other apps don't provide. Every app that I add must be capable of unassisted updates. APIs are built around each app. 1500 lines of code per app is no small feat to continuously manage, so these apps need to have some merit.

    Having a curated selection of apps that are vetted by the platform authors go a lot further than just giving you a means to install it. Beyond Fortification, certain apps support the ability to restart as well as reconfigure attributes such as admin or database credentials. In 2020, apps that are present in apnscp will support multi-user staging/development environments, which are more valuable additions than giving someone decision paralysis with 50 blog variations.

    There's little reason to have 50 different blogs when 1 (WordPress) addresses 99.5% of use cases and is vigorously maintained. Heaven knows what percentage of those 451 apps in Softaculous are actually secure.

  • @nem said:

    @darvil said:
    Just saw your post on reddit about free license! A little late lol. This looks very interesting and this BF looks like a good deal.. Just been using so many panels.. to try another panel.. that is the question.

    Installation is completely automated. Spin up a VPS, run the one-liner, and poke around in a hour after it's setup. It's the most hands off of all panels. :smiley:

    I mainly use directadmin now. Just a hassle with having too many panels to support.

    One question, are we allow to resell these license? Or trade I mean. I know we can buy a few. Just wondering thanks.

  • nemnem Member, Host Rep

    darvil said: I mainly use directadmin now. Just a hassle with having too many panels to support.

    Be sure to keep us in mind if you need a fresh change down the road. apnscp was built specifically for a hosting company, serving as the panel for Hostineer/Apis Networks since 2002. It's heavily automated, so I could spend less work administering and well, building the platform. apnscp is even better once you start delivering value-added releases from a custom repostiroy. I use a separate delivery pipeline for Hostineer that mixes in custom apps, modules, and migrations.

    One question, are we allow to resell these license? Or trade I mean. I know we can buy a few. Just wondering thanks.

    Yes, licenses are transferable. NOC partnerships - bulk reselling - are also open as well, which go live Q1 2020. Email [email protected] for details on commit rates and discussing delivery options (prebuilt images, custom repos, vanilla installs, etc).

  • Bought another 3 licenses :)

    Thanked by 1nem
  • nemnem Member, Host Rep

    @hiphiphip0 said:
    Bought another 3 licenses :)

    Thank you very much for your continued support :).

    New edge release provides early work in PHP-FPM management from within the panel, including granting users the option to flip between privilege-separation and cPanel same-user. It may be disabled within the panel via cpcmd scope:set cp.config httpd fpm_user_change false. Will have some tweaks to alter OPcache limits in a few days, which will morph into "auto" caps to dynamically reconfigure based upon utilization metrics up to the account resource limits early next year.

    Last chance for Lifetime Licenses! Sale ends Tuesday and it will be the last time they're this low. Lifetime prices go up permanently from $159 to $299 on December 15.

  • Man, now you're tempting me. I just got settled into MyVesta but it's free, aside from the Softaculous and file manager addons (although the file manager is somewhat limited).

    Give me three reasons why I should make the switch.

  • nemnem Member, Host Rep
    1. Platform is built from a hosting provider's perspective, and a lazy one at that. Much of what can be automated is automated. Much of what can be oneshot is oneshot (serializable, persistent configurations). Platform configuration changes are serialized to facilitate moving server-to-server in a consistent manner. It's the closest to having a hands-off platform. Even then, there are periodic platform changes to address issues when discovered. For example, rather recently: xfs behaves differently than ext4 with respect to quotas that required rolling out a migration to drop the sgid bit on directories as that could block Apache from starting up if it needed to generate logs on a site over quota.

    2. It's also built from the perspective that in order to survive you have to be better than the rest. Flexibility and performance are key to achieving that goal. ApisCP eschews third-party licensing, standing well on its own with multi-tenant isolation built into its design. From what I've surveyed on Apache stacks, ApisCP has the highest throughput. It also has remarkable uptime (via Hostineer) for originating as a shared hosting platform. Any outage I've encountered has been an opportunity to look at what went wrong and improve upon it in the future. Lack of reliability hurts my positioning as a hosting provider.

    3. Platform is still actively developed. I clock around 80 hours a week into this now and development is only picking up more steam with a solid foundation. In many open-source projects, devs have jobs outside of the project that makes it very difficult to sustain the same level of energetic focus. Bringing in other developers complicates opinionated design. At its core MyVesta is still very much Vesta.

    Lastly there are two low cost licensing classes upcoming: Mini and Startup. Licenses include 10 and 20 domains respectively at $30/$50 per year. These incorporate all of the standard features (1-clicks, isolation, resource enforcement, threat deterrence, malware scans, etc). These should be here in a week or so when platform work slows down.

  • @nem said:
    3. Platform is still actively developed. I clock around 80 hours a week into this now and development is only picking up more steam with a solid foundation.

    I never like reading things like this, I never take it as a positive thing. 16 hour day 5 days a week or 11 hour day every single day of the week.

    In my experience, software developers are near useless after 10-12 hours and often better to stop, have a rest and pick it up in the morning to avoid making unnecessary mistakes. 80 hour work weeks are unsustainable, heck, it's twice the average work week! Burn out is a certainty and unless you expect a huge revenue return so you can reduce development or higher additional coders, this is going to end badly.

    I can understand when people making $300/hr push high hours (with long vacation after), but not when you're scraping by and not for long periods.

  • nemnem Member, Host Rep

    @TimboJones said:

    @nem said:
    3. Platform is still actively developed. I clock around 80 hours a week into this now and development is only picking up more steam with a solid foundation.

    I never like reading things like this, I never take it as a positive thing. 16 hour day 5 days a week or 11 hour day every single day of the week.
    I can understand when people making $300/hr push high hours (with long vacation after), but not when you're scraping by and not for long periods.

    Deep Work is a great book on this topic and you're right - you can't sustain the same level of work all the time. Most of my better work comes at night when everyone else is asleep. I set aside the day for maintaining a presence and responding like topics such as these or on Discord fielding questions and looking at what opportunities there are to improve.

    I'll keep a backburner of issues for later in the evening, meditating on them throughout the day. Everyone's wired differently in many respects. Whereas I'm not producing code 80 hours a week (I would've burned out eons ago) I am actively engaged in the evolution of the platform either through user engagement, documentation, ancillary facets (licensing, website), or even too learning related skills. It's not all code. A good part is in fact problem solving.

    Everything in moderation and so long as there are a variety of facets to evolve, everything is novel.

    Thanked by 2TimboJones vimalware
Sign In or Register to comment.