Generate, configure and deploy Linux provisioning scripts to remote hosts all from your browser.
SWAPS is a self-hosted web application that takes the pain out of setting up new Linux servers. Pick the software and configuration you want, fill in your host details, and SWAPS generates a ready-to-run bash script — then deploys it over SSH directly from the browser.
No Ansible control node. No manual scripting. Just point, click, deploy.
- Generates clean, idempotent bash scripts for Ubuntu (amd64) and Raspberry Pi OS
- Live syntax-highlighted script preview
- Diff view to compare changes between generations
- Ansible playbook export
- One-liner cURL export
- Rollback script generation
| Category | Packages |
|---|---|
| Containers | Docker + Docker Compose, Portainer CE |
| Version Control | Git |
| Monitoring | Netdata, Prometheus Node Exporter, htop, duf, ncdu |
| Networking | curl, nmap, rsync |
| Terminal | tmux, vim, unzip |
| Security | Wazuh Agent |
| System Info | Neofetch (custom config + image) |
.bashrcbuilder — aliases, PS1 colour picker, SSH login menu, environment variables- SSH hardening — disable password auth, change port, restrict root login
- UFW firewall presets (Web Server, Docker Host, Minimal, Custom)
- fail2ban setup
- Custom APT repositories
- Cron jobs
- DNS / hosts entries
- Environment variables
- Portainer stack deploy
- SSH authorised keys
- Custom scripts
- Deploy over SSH directly from the browser (password or private key auth)
- Multi-host deploy tabs — manage several servers simultaneously
- Dry Run mode — echo commands without executing
- Live terminal output with progress tracking
- Post-deploy verification checks
- Deploy history log
- AES-GCM encrypted credential storage in the browser (Web Crypto API)
- Master password protected — credentials never leave the browser unencrypted
- Per-host save/load from vault
- Save and load named host profiles
- Shareable config URLs (encodes settings, never passwords)
- Import settings from a live host via SSH scan
- Ansible export for CI/CD integration
- Docker + Docker Compose
git clone https://github.com/pqpxo/swaps.git
cd swaps
docker compose up -d --buildThen open http://your-server-ip:8080 in your browser.
swaps/
├── src/
│ ├── index.html # Source (JSX) — edit this
│ └── logo.png
├── public/ # Compiled output — generated by build
├── build.js # JSX pre-compiler (runs at Docker build time)
├── server.js # Express + SSH + WebSocket backend
├── Dockerfile # Multi-stage build
└── docker-compose.yml
Note: Always edit
src/index.html. The Docker build compiles it topublic/index.htmlautomatically via Babel. Never editpublic/directly.
To update the running container without a full rebuild:
node build.js
docker cp public/index.html swaps:/app/public/index.html && docker restart swapsBrowser ──HTTP──▶ Express (server.js) ──SSH──▶ Remote Linux Host
◀──WS─── WebSocket ◀────── (stdout stream)
- Frontend: React 18 (pre-compiled, no runtime Babel)
- Backend: Node.js + Express, ssh2, ws
- Auth: SSH password or private key, passed at deploy time
- Credential storage: Browser-side AES-GCM (Web Crypto API)
services:
swaps:
image: swaps:2.0.0
build: .
container_name: swaps
ports:
- "8080:8080"
restart: unless-stopped- SSH credentials are never stored server-side. They live only in the browser's encrypted vault or in memory during a session.
- The app has no authentication layer of its own — run it on a private network or behind a reverse proxy with auth (e.g. Nginx + Basic Auth, Authelia, Authentik).
- Dry Run mode is recommended for first-time deploys on production systems.
Pull requests welcome. For major changes please open an issue first.
MIT