AXGhost is a zero-cloud, zero-AI Go daemon that turns Telegram into a secure natural-language command console for your server — Arabic + English, whitelisted execution, full audit trail.
(199 chars — drop-in for GitHub repo description, hero banners, plugin cards.)
AXGhost is a standalone, single-binary Go daemon that runs on your server and turns any Telegram chat into a precise, auditable command console. You message the bot in plain Arabic or English — "شغل nginx", "create a website", "kill port 3000", "traffic report" — and AXGhost parses intent with deterministic pattern matching (no LLM, no cloud inference), executes a whitelisted system operation, and replies with a clean formatted result.
Unlike ChatOps tools that pipe your command stream through a cloud AI provider or expose an SSH surface to the public internet, AXGhost:
- Never talks to anyone but Telegram. Not to OpenAI, not to Anthropic, not to a proxy, not to a webhook relay. The bot token is the only outbound credential; server data never leaves the box.
- Uses no AI at any stage. Intent detection is pure regex and keyword matching across ~200 bilingual patterns. Fully deterministic. Fully auditable. Reads a config file, not a model weight.
- Runs one static binary. CGO-disabled Go build, no runtime dependencies, runs as a dedicated service user with scoped sudo.
- Authorizes by Telegram user ID. Strict whitelist, silent-drop for strangers, hard-coded forbidden command list, confirmation for destructive operations, sliding-window rate limits, and a JSONL audit log rotated daily.
- Understands context. Per-chat session memory — say "backup it" after creating a database and the bot knows what it refers to.
It is shipped, installed, and configured through the AevonX macOS app plugin manager, but runs fully standalone on any Linux server with systemd.
- Features
- Architecture
- Installation
- Configuration
- Usage
- CLI
- Security
- File layout on disk
- Requirements
- AevonX ecosystem — for developers
- Project status
- License
- Reporting vulnerabilities
Ten command categories. Bilingual. Whitelisted. Auditable.
- Start / stop / restart / status for any systemd unit — nginx, mysql, redis, php-fpm, postgres, docker, custom units.
- Create / delete / list / backup across MySQL, PostgreSQL, MariaDB, Redis, MongoDB. Generates strong passwords. Creates users + grants.
- Create Nginx / Apache sites, reverse proxies, PHP / Node / static / Laravel / WordPress presets, enable SSL via Let's Encrypt with auto-renewal.
- List open ports, identify the owning process, kill by port, open/close via UFW or iptables.
- Parse access / error / ssh logs into readable summaries — top IPs, top paths, status codes, bandwidth, failed SSH attempts.
- Container lifecycle, CPU, memory, disk, load, uptime, top processes. Auto-diagnosis when thresholds are breached.
- UFW and iptables status, allow / deny, rule listing, policy checks. One-shot shortcuts —

- Bilingual NL. Understands Arabic and English in the same chat, including colloquial Gulf / Levantine / Egyptian forms (
- Contextual memory. Per-chat session state with TTL. Multi-step flows (pick engine → pick name → confirm) survive across messages. "Backup it", "delete that one", "create another" all resolve from context.
- Smart error diagnosis. On failure, AXGhost doesn't just echo stderr. Port conflict? It names the owning process and offers to kill it. Permission denied? It suggests the exact fix. Disk full? It lists the top ten largest files.
- Inline keyboards. Interactive options for choice steps — tap "Yes + SSL", "Reverse Proxy", "PostgreSQL 16" instead of retyping.
- Hot-reload config
- AevonX-native. Managed through the AevonX macOS app — dashboard, stats, config editor, live command log, all wired to the local stats API.
```
┌──────────────────────────────────────────────────────────────────────┐
│                            USER'S SERVER                             │
│                                                                      │
│  ┌─────────────────────── AXGhost Daemon ───────────────────────┐    │
│  │                                                              │    │
│  │  Telegram Listener ──► Command Router ──► Executor           │    │
│  │  (webhook / poll)      (intent detect)    (os/exec)          │    │
│  │          │                   │               │               │    │
│  │          │             Session Manager    Discovery Module   │    │
│  │          │             (per-chat memory)  (detect services)  │    │
│  │          ▼                                                   │    │
│  │  Telegram Sender       Report Generator   Stats API          │    │
│  │  (reply + keyboards)   (logs, traffic)    (127.0.0.1:*)      │    │
│  │                                                              │    │
│  │  Config (config.avx)   Audit Log (JSONL, rotated)            │    │
│  └──────────────────────────────────────────────────────────────┘    │
│                                                                      │
│  Nginx    MySQL/PgSQL    Docker    systemd    UFW    ...             │
└──────────────────────────────────────────────────────────────────────┘
         │                                ▲
         ▼                                │
   Telegram Cloud ◄──────────────► AevonX macOS app
    (HTTPS only)                (stats, config, logs)
```
Core modules under internal/:
| Module | Responsibility |
|---|---|
| router/ | Intent detection, regex + keyword matching, parameter extraction |
| session/ | Per-chat state machine, TTL-bounded memory, optional SQLite persistence |
| executor/ | Domain handlers (services, databases, websites, ports, reports, packages, docker, system, files, firewall) |
| telegram/ | Listener (webhook + long-poll) and sender with inline-keyboard support |
| discovery/ | Auto-detects installed services, databases, runtimes, web servers, package manager, init system |
| ghost/ | Daemon lifecycle, signal handling, hot reload |
| ipc/ | Local stats API on 127.0.0.1:<random-port> for AevonX UI integration |
| config/ | config.avx loader and validator |
| logger/ | Four-channel JSON logging — access, error, warning, command |
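
The kind of deterministic routing the router/ row describes, as an added sketch that is not AXGhost's own code. The rule table, intent names and validation patterns are assumptions; only the phrases "شغل nginx" and "kill port 3000" come from this page.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
	"strings"
)

// rule ties one constructed pattern to a hypothetical intent name and a parameter check.
type rule struct {
	intent string
	re     *regexp.Regexp
	check  func(string) bool
}

var unitName = regexp.MustCompile(`^[A-Za-z0-9][A-Za-z0-9_.@-]{0,63}$`)

func validPort(s string) bool {
	n, err := strconv.Atoi(s)
	return err == nil && n >= 1 && n <= 65535
}

var rules = []rule{
	{"service.start", regexp.MustCompile(`(?i)^(?:start|run|شغل)\s+(\S+)$`), unitName.MatchString},
	{"port.kill", regexp.MustCompile(`(?i)^kill port\s+([0-9]{1,5})$`), validPort},
}

// Route maps a message to an intent and a validated parameter; it executes nothing.
func Route(msg string) (intent, arg string, ok bool) {
	msg = strings.Join(strings.Fields(msg), " ") // collapse whitespace
	for _, r := range rules {
		m := r.re.FindStringSubmatch(msg)
		if m == nil {
			continue
		}
		if !r.check(m[1]) {
			return r.intent, "", false // matched, but the parameter is rejected
		}
		return r.intent, m[1], true
	}
	return "", "", false
}

func main() {
	for _, msg := range []string{"شغل nginx", "kill port 3000", "start nginx;reboot"} {
		intent, arg, ok := Route(msg)
		fmt.Printf("%q -> intent=%s arg=%q ok=%v\n", msg, intent, arg, ok)
	}
}
```

A rejected parameter is never returned to the caller, so a handler cannot pass it on to a command by mistake.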
Open the AevonX app → Plugins → Marketplace → AXGhost → Install on server. The app handles binary push, architecture selection, service user creation, systemd wiring, Telegram token prompt, and health verification. Zero shell required.
```bash
curl -LO https://github.com/aevonxapp/axghost/releases/latest/download/axghost-<version>.zip
unzip axghost-<version>.zip
cd axghost-<version>/
sudo ./setup.sh
```

`setup.sh` will:
- Auto-detect architecture (amd64 / arm64) and install the correct binary to `/usr/local/bin/axghost`.
- Create the service user `aevonx-axghost` with scoped sudo.
- Install config into `/etc/aevonx/plugins/axghost/config.avx` (mode 0600).
- Install hooks into `/etc/aevonx/hooks/axghost/`.
- Register and enable the systemd unit `axghost.service`.
- Prompt for Telegram bot token and authorized Telegram user IDs.
- Verify health by sending a test message.
```bash
git clone https://github.com/aevonxapp/axghost.git
cd axghost
make build   # builds linux/amd64 and linux/arm64
make zip     # produces a full release zip under build/
```

Requires Go 1.22+.
Config lives at /etc/aevonx/plugins/axghost/config.avx (JSON with comments, mode 0600).
Critical: authorized_user_ids must not be empty. An empty list rejects every message — there is no first-come-first-served fallback. Get your Telegram user ID from @userinfobot.
Reload without restarting:

```bash
axghost exec config.reload
# or
sudo systemctl kill -s HUP axghost.service
```

```
You: شغل nginx
Bot: Starting nginx...
     nginx started successfully
     Status: active (running)
     PID: 1234
     Memory: 12.5 MB
```

```
You: create a website
Bot: Enter the domain name:
You: api.myapp.com
Bot: Web server detected: Nginx. What type of site?
     [PHP] [Static HTML] [Reverse Proxy] [Node.js]
You: Reverse Proxy
Bot: Enter the upstream address:
You: 127.0.0.1:8080
Bot: Create Nginx reverse proxy for api.myapp.com → 127.0.0.1:8080?
     [Yes] [Yes + SSL] [No]
You: Yes + SSL
Bot: Config created, tested, reloaded.
     Let's Encrypt certificate issued.
     Auto-renewal configured.
     Live: https://api.myapp.com
```
Full command matrix — every intent, every parameter shape, every Arabic and English phrasing — is shipped inside the AevonX macOS app documentation panel.
AXGhost is also a CLI for admin tasks and AevonX integration:
```bash
axghost exec status              # daemon status
axghost exec stats.overview      # messages, commands, errors
axghost exec stats.sessions      # active chat sessions
axghost exec stats.commands      # last 100 commands
axghost exec config.show         # dump current config
axghost exec config.reload       # hot-reload config
axghost exec sessions.clear      # wipe all chat state
axghost exec auth.revoke <id>    # revoke a Telegram user ID
axghost exec test.send <id> <m>  # send a test message
```

AXGhost runs with privileged access to a production server. Defense in depth, by design:
- Whitelist-based authorization. Silent drop for unknown Telegram IDs — no response, no error, no enumeration path.
- Four-tier safety classification. `ReadOnly` / `Reversible` / `Destructive` / `Forbidden`. Destructive commands always require confirmation.
- Hard-coded forbidden patterns. `rm -rf /`, fork bombs, `mkfs`, raw disk writes, `shadow` access — blocked in compiled code, not in config.
- Input validation. Every parameter (service name, port, domain, DB name, path) is regex-validated before any shell interpolation. SQL identifiers sanitized.
- Per-command timeout. Default 30s, configurable.
- Rate limiting. 30 messages/minute, 5 destructive/hour, 30s cooldown after three consecutive failures.
- JSONL audit log. Every execution logged synchronously with timestamp, user, intent, command, exit code, duration, safety level, result. Rotated daily or at 50 MB. 30-day retention.
- Token handling. Stored only in `config.avx` (0600, owned by `aevonx-axghost`), masked in every log line, never echoed back to Telegram.
- Network posture. Outbound HTTPS to `api.telegram.org` only. Webhook mode uses a 32-character random secret URL component. Stats API binds only to `127.0.0.1`.
- No credentials touched. AXGhost never reads, stores, or caches server credentials, private keys, or secrets. Database users get one-shot generated passwords shown once.
Full model → SECURITY.md.
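
How the allowlist, the four safety tiers and the 5-destructive-per-hour limit from the list above can combine into one pre-execution decision, as an added example that is not AXGhost's code. The Gate type, Decide function and return strings are hypothetical, and the per-minute message limit and failure cooldown are left out.

```go
package main

import "time"

type Tier int

const (
	ReadOnly Tier = iota
	Reversible
	Destructive
	Forbidden
)

// Gate is a hypothetical pre-execution check, not AXGhost's own type.
type Gate struct {
	Allowed map[int64]bool
	window  map[int64][]time.Time // confirmed destructive runs per user
}

// Decide returns "drop", "forbidden", "confirm", "rate_limited" or "run".
func (g *Gate) Decide(uid int64, tier Tier, confirmed bool, now time.Time) string {
	switch {
	case !g.Allowed[uid]: // an empty allowlist therefore rejects everyone
		return "drop" // caller sends no reply, so strangers learn nothing
	case tier == Forbidden:
		return "forbidden"
	case tier != Destructive:
		return "run"
	case !confirmed:
		return "confirm"
	}
	ts := g.window[uid]
	for len(ts) > 0 && now.Sub(ts[0]) >= time.Hour {
		ts = ts[1:] // slide the window: forget runs older than one hour
	}
	if len(ts) >= 5 {
		return "rate_limited"
	}
	if g.window == nil {
		g.window = map[int64][]time.Time{}
	}
	g.window[uid] = append(ts, now)
	return "run"
}

func main() {
	g := &Gate{Allowed: map[int64]bool{1001: true}}
	println(g.Decide(1001, Destructive, false, time.Now())) // confirm
	println(g.Decide(2002, ReadOnly, false, time.Now()))    // drop
}
```

The allowlist check comes first, so an unknown sender gets the same silent result whatever they type.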
| Item | Path |
|---|---|
| Binary | /usr/local/bin/axghost |
| Config | /etc/aevonx/plugins/axghost/config.avx (mode 0600) |
| Hooks | /etc/aevonx/hooks/axghost/ |
| Logs | /var/log/aevonx/plugins/axghost/ |
| Data | /var/lib/aevonx/axghost/ (sessions SQLite, audit log) |
| Service | axghost.service (systemd) |
| User | aevonx-axghost (dedicated, scoped sudo) |
| Stats API | 127.0.0.1:<random-port> (localhost only) |
- Linux (amd64 or arm64) with systemd
- Go 1.22+ (build only)
- Telegram bot token from @BotFather
- Outbound HTTPS to `api.telegram.org` (polling mode) or inbound TLS port 8443 (webhook mode)
- AevonX macOS app (for managed install / dashboard — optional for standalone CLI operation)
AXGhost is one of many plugins that plug into the AevonX macOS app — the control panel for your servers, databases, deployments, and automations. Every plugin in the ecosystem follows the same contract:
- Single static binary under `/usr/local/bin/`
- `config.avx` under `/etc/aevonx/plugins/<name>/`
- `exec <action>` CLI contract for AevonX bridge
- Local stats API on `127.0.0.1:<random-port>`
- Dedicated service user with scoped sudo
- JSONL audit log with rotation
- systemd unit, hooks directory, standard log layout
If you build plugins for sysadmin, DevOps, or server-automation tooling, you can ship on the AevonX Marketplace:
- Publish your own plugins — distribute paid or free plugins to AevonX users.
- Use the AevonX plugin contract — reference adapters, config spec, audit/logging helpers, CLI bridge, and UI manifest are documented in the developer portal.
- Monetize — revenue share on sales through the in-app marketplace, with secure license delivery and update channels.
- Buy and remix — license existing plugins (source or binary) to accelerate your own stack.
Apply / learn more: https://aevonx.app/developers · https://aevonx.app/marketplace
AXGhost is in active development as part of the AevonX suite. Distribution, configuration UI, and progress tracking are handled exclusively through the AevonX macOS app. Internal design specs are proprietary and not shipped with this repo.
Proprietary. Part of the AevonX product. Full terms: https://aevonx.app/license.
Please do not open public GitHub issues for security bugs. See SECURITY.md for the responsible-disclosure process and PGP key.
Built with care by the AevonX team. aevonx.app · Marketplace · Developers · License
```jsonc
{
  "telegram_token": "123456:ABC-DEF...",          // from @BotFather
  "listen_mode": "polling",                       // "polling" | "webhook"
  "webhook_url": "",                              // required if mode=webhook
  "webhook_port": 8443,
  "authorized_user_ids": "123456789,987654321",   // REQUIRED — empty = reject all
  "default_lang": "en",                           // "en" | "ar"
  "session_ttl_minutes": 30,
  "execution_timeout_sec": 30,
  "rate_limit_per_minute": 30,
  "dangerous_per_hour": 5,
  "confirm_reversible": false,
  "log_level": "info"
}
```