Three tiers. One platform.
WoneCloud is architected as three distinct but connected systems. You can use one, two, or all three.
WoneCloud SaaS Portal
portal.wonecloud.com — This is where you buy licenses, manage subscriptions, and view billing. It is the license authority and the global threat intelligence aggregator. Built with Rust (Axum) and PostgreSQL.
- License sales (self-service)
- Stripe billing & subscriptions
- Usage metering aggregation
- Global threat intel aggregation
- Customer CRM
- Revocation list distribution
Self-Hosted Hub
The Hub is installed on the customer's own VPS. One Hub = one organization. It manages unlimited servers via agents, hosts the admin dashboard, and includes built-in billing for the hosting provider's own customers.
- Multi-server fleet management
- Site CRUD (all 5 stack patterns)
- Role-based access control
- Built-in billing for customers
- Agent command queue
- Agent heartbeat collection
Direct Hosting Fleet
WoneCloud operates the server fleet. Customers sign up, choose a plan, and sites are auto-provisioned on the least-loaded server. Zero server management required. Each server runs the Agent, Warden, nginx, Postfix, Dovecot, MariaDB, CoreDNS, and MinIO.
- Automatic server provisioning
- Auto-allocation (least-loaded)
- Per-site isolation (user + cgroup)
- All 5 stack patterns
- Internal DNS (CoreDNS)
- Warden security (eBPF/XDP)
- Built-in SSL (Let's Encrypt)
- Built-in backups (BorgBackup + MinIO)