Mcaster1StackSmith — DevSecOps Container & Infrastructure Platform
Docker, Podman, and Kubernetes management built on the Celenite Stack — a single binary replacing Docker Desktop, Portainer, and the package manager treadmill.
Key Features
Three UI layers on one compiled C++ core. Single binary, sub-100MB container.
Container Management
Full Docker and Podman lifecycle — list, start, stop, restart, remove, logs, inspect, stats. Image browser with tags, sizes, and history. Volume and network management included.
Kubernetes Multi-Cluster
9-tab dashboard covering nodes, workloads, services, storage, config, Helm, events, and networking. CRUD actions for scale, restart, cordon, drain, and pod delete. 30-second auto-refresh on live cluster state.
Encrypted Credential Vault
AES-256-GCM vault for registry credentials, SSH keys, cloud API tokens, and TLS material. Argon2id-hashed user passwords. Vault unlock is workflow-gated, never auto-loaded.
Registry Management
One pane for AWS ECR, Azure ACR, DockerHub, Harbor, GitHub Container Registry, GitLab, and Quay. Browse repositories, pull tags, push images directly from the platform.
Alert Rules
Rule engine watching container, pod, and node state. Email + SMS notifications. Webhook hooks for Slack, PagerDuty, or Mcaster1Chatter rooms.
SOC2-Ready Audit
Full audit trail on every privileged action with HMAC-chained log integrity. Admin/operator/viewer RBAC. Per-user activity reports exportable to CSV.
Web SSH & Console
Browser-based xterm.js SSH with AD/LDAP, PAM, or internal auth. Multi-tab sessions. Per-cluster kubectl shells with namespace context preserved across reconnects.
nginx & KVM Hooks
nginx config management with template-based vhost generation and dry-run validation. KVM VM lifecycle (planned) with template-based provisioning and noVNC console.
Helm Chart Repository
MinIO-backed chart repository with push/pull, version history, one-click cluster install, and values editor. Rollback and upgrade flows built-in.
Architecture — Celenite Stack
The “C” in Celenite is C++. A compiled daemon owns HTTP/TLS termination, threading, Docker Engine API, and business logic. PHP-FPM renders the admin UI. Qt6 desktop talks the same REST API.
C++17 Daemon
HTTPS server on :9580. Hardware-aware thread pool. Direct Unix-socket access to Docker Engine. ASAN/UBSAN-clean. Sub-100MB container footprint.
PHP 8.4 Web Admin
FastCGI bridge over Unix domain socket. Hot-reloadable. Renders the entire dashboard, vault UI, and audit views. Standard, hireable PHP stack.
Qt6 Desktop Client
Native macOS, Windows, and Linux app consuming the same REST API. No special-cased backend — the daemon doesn’t know which client it’s talking to.