Hello HN, I've been working solo on Octelium for years now and I'd love to get some honest opinions from you. Octelium is simply an open source, self-hosted, unified platform for zero trust resource access that is primarily meant to be a modern alternative to corporate VPNs and remote access tools. It is built to be generic enough to not only operate as a a zero-config remote access VPN (i.e. alternative to OpenVPN Access Server, Twingate, Tailscale, etc...), ZTNA/BeyondCorp platform (i.e. alternative to Cloudflare Zero Trust, Google BeyondCorp, Zscaler Private Access, Teleport, etc...), a scalable infrastructure for secure tunnels (i.e. alternative to ngrok, Cloudflare Tunnels, etc...), but also can operate as an API gateway, an AI gateway, a secure infrastructure for MCP gateways and A2A architectures, a PaaS-like platform for secure as well as anonymous hosting and deployment for containerized applications, a Kubernetes gateway/ingress/load balancer and even as an infrastructure for your own homelab.
Octelium provides a scalable zero trust architecture (ZTA) for identity-based, application-layer (L7) aware secret-less secure access (eliminating the distribution of L7 credentials such as API keys, SSH and postgres/mysqal-based databases' passwords as well as mTLS certs), via both private client-based access over WireGuard/QUIC tunnels as well as public clientless access, for users, both humans and workloads, to any private/internal resource behind NAT in any environment as well as to publicly protected resources such as SaaS APIs and databases via identity-based, context-aware, L7 aware ABAC on a per-request basis through centralized policy-as-code with CEL and OPA.
You can read more in detail about the features and how octelium works in the documentation https://octelium.com/docs
znpy•5h ago
I love the code being AGPLv3, this means i can actually trust you not to pull the rug from under my feet.
geoctl•4h ago