ed27fb0da9
The Account.tsx page was removed in PR-2b and replaced by UsersPage.tsx with a UserDetailModal. Several E2E test sections still referenced UI elements that only existed in the deleted page, causing CI failures across shards. - admin-onboarding: update header profile link locator from /settings/account to /settings/users to match the new navigation target in Layout.tsx - account-settings: skip five legacy test sections (Profile Management, Certificate Email, Password Change, API Key Management, Accessibility) that reference deleted Account.tsx elements (#profile-name, #profile-email, #useUserEmail, #cert-email) or assume these fields are directly on the page rather than inside the UserDetailModal - Each skipped section includes an explanatory comment pointing to the PR-3 'Self-Service Profile via Users Page (F10)' suite as the equivalent coverage Verified: admin-onboarding 8/8 pass; account-settings 8 pass / 20 skipped
Charon
Your server, your rules—without the headaches.
Manage reverse proxies with a clean web interface.
No config files. No cryptic syntax. No networking degree required.
🚀 Why Charon?
You want your apps online.
You don’t want to edit config files or memorize reverse proxy syntax.
Charon gives you:
- ✅ Automatic HTTPS certificates
- ✅ Clean domain routing
- ✅ Built-in security protection
- ✅ One-click Docker app discovery
- ✅ Live updates without restarts
- ✅ Zero external dependencies
If you can use a website, you can run Charon.
🛡 Built-In Security
Charon includes security features that normally require multiple tools:
- Web Application Firewall (WAF)
- CrowdSec intrusion detection
- Access Control Lists (ACLs)
- Rate limiting
- Emergency recovery tools
Secure by default. No extra containers required.
⚡ Quick Start (5 Minutes)
1️⃣ Create docker-compose.yml
services:
charon:
image: wikid82/charon:latest
container_name: charon
restart: unless-stopped
ports:
- "80:80"
- "443:443"
- "443:443/udp"
- "8080:8080"
volumes:
- ./charon-data:/app/data
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- TZ=America/New_York
# Generate with: openssl rand -base64 32
- CHARON_ENCRYPTION_KEY=your-32-byte-base64-key
healthcheck:
test: ["CMD-SHELL", "curl -fsS http://localhost:8080/api/v1/health || exit 1"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
Docker Socket Access: Charon runs as a non-root user. If you mount the Docker socket for container discovery, the container needs permission to read it. Find your socket's group ID and add it to the compose file:
stat -c '%g' /var/run/docker.sockThen add
group_add: ["<gid>"]under your service (replace<gid>with the number from the command above). For example, if the result is998:group_add: - "998"
2️⃣ Generate encryption key:
openssl rand -base64 32
3️⃣ Start Charon:
docker-compose up -d
4️⃣ Access the dashboard:
Open your browser and navigate to http://localhost:8080 to access the dashboard and create your admin account.
http://localhost:8080
Getting Started:
Full setup instructions and documentation are available at https://wikid82.github.io/Charon/docs/getting-started.html.
--- ## ✨ Top 10 Features
🎯 Point & Click Management
No config files. No terminal commands. Just click, type your domain name, and you're live. If you can use a website, you can run Charon.
🔐 Automatic HTTPS Certificates
Free SSL certificates that request, install, and renew themselves. Your sites get the green padlock without you lifting a finger.
🌐 DNS Challenge for Wildcard Certificates
Secure all your subdomains with a single *.example.com certificate. Supports 15+ DNS providers including Cloudflare, Route53, DigitalOcean, and Google Cloud DNS. Credentials are encrypted and automatically rotated.
🛡️ Enterprise-Grade Security Built In
Web Application Firewall, rate limiting, geographic blocking, access control lists, and intrusion detection via CrowdSec. Protection that "just works."
🔐 Supply Chain Security
Verifiable builds with cryptographic signatures, SLSA provenance attestation, and comprehensive SBOMs. Verify what you run with transparent, tamper-proof evidence.
🌐 Smart Proxy Headers
Automatically adds standard headers (X-Real-IP, X-Forwarded-Proto, etc.) so your backend applications see real client IPs, enforce HTTPS correctly, and log accurately—with full backward compatibility for existing hosts.
🐳 Instant Docker Discovery
Already running apps in Docker? Charon finds them automatically and offers one-click proxy setup. No manual configuration required.
📊 Real-Time Monitoring & Logs
See exactly what's happening with live request logs, uptime monitoring, and instant notifications when something goes wrong.
📥 Migration Made Easy
Already invested in another reverse proxy? Bring your work with you by importing your existing configurations with one click:
- Caddyfile — Migrate from other Caddy setups
- Nginx — Import from Nginx based configurations (Coming Soon)
- Traefik - Import from Traefik based configurations (Coming Soon)
- CrowdSec - Import from CrowdSec configurations
- JSON Import — Restore from Charon backups or generic JSON configs
⚡ Live Configuration Changes
Update domains, add security rules, or modify settings instantly—no container restarts needed.* Your sites stay up while you make changes.
🌍 Multi-App Management
Run dozens of websites, APIs, or services from a single dashboard. Perfect for homelab enthusiasts and small teams managing multiple projects.
🚀 Zero-Dependency Deployment
One Docker container. No databases to install. No external services required. No complexity—just pure simplicity.
💯 100% Free & Open Source
No premium tiers. No feature paywalls. No usage limits. Everything you see is yours to use, forever, backed by the MIT license. * Note: Initial security engine setup (CrowdSec) requires a one-time container restart to initialize the protection layer. All subsequent changes happen live. **
💬 Support
❤️ Free & Open Source
Charon is 100% free and open source under the MIT License.
No premium tiers. No locked features. No usage limits.
Built for the self-hosting community.