ProxGuard

Container Orchestration Made Simple.

OVERVIEW

ProxGuard is a universal, declarative application control plane. Define services once in YAML, simulate deployments to catch issues before they happen, then apply with confidence across any runtime — Docker, Kubernetes, or Nomad.

Every action is audited, every change is reversible, and there is zero vendor lock-in. Safety first: simulate before you deploy.

3 Runtimes Docker, K8s, Nomad

99.9% Uptime SLA Production-grade

<1s Simulation Instant dry-run

0 Vendor Lock-in Your infra, your rules

CORE CAPABILITIES

Service Manifest

One YAML file defines your entire service: image, ports, environment, resources, scaling, DNS. Runtime-agnostic, version-controlled, reproducible.

Simulation Engine

See exactly what will happen before you deploy. Catch port conflicts, resource limits, DNS issues, and policy violations. Risk-flagged evidence packs.

Multi-Runtime

Deploy to Docker, Kubernetes, or Nomad with the same manifest. No vendor lock-in, no runtime-specific leakage.

DNS Management

Automatic DNS records across Cloudflare, HE.net, or manual providers. Multiple providers per workspace, zero forced migration.

Immutable Audit Trail

Cryptographic log of every action: deployments, rollbacks, team changes. Append-only PostgreSQL with integrity verification.

RBAC & Teams

Owner, Admin, Operator, Viewer, Billing roles. Multi-user workspaces with granular permissions and workspace context.

HOW IT WORKS

Step 1

Define

Write a Service Manifest in YAML. One file, all configuration. Runtime-agnostic.

Step 2

Simulate

Run a dry-run simulation. See the full execution plan, risk flags, and cost estimates before touching production.

Step 3

Apply

Deploy with confidence. ProxGuard handles runtime details, DNS, TLS, and monitoring automatically.

SUPPORTED RUNTIMES

Docker

Single containers or Docker Swarm mode. Perfect for development and small production deployments.

Kubernetes

Full K8s support with Deployments, Services, and Ingress. Enterprise-grade orchestration.

Nomad

HashiCorp Nomad for lightweight, edge, and multi-region deployments. Simple yet powerful.

SECURITY

Native JWT Auth

Built-in authentication with no external dependencies

Enterprise RBAC

5 clearance levels with granular workspace scoping

TLS Everywhere

Automatic SSL certificates for all services and custom domains

Audit Everything

Append-only PostgreSQL audit log with cryptographic integrity

Secret Masking

Sensitive values never appear in logs, UI, or API responses

Reversible Operations

Every action is auditable and restorable. Restart ≠ Redeploy

TECHNOLOGY

Python + FastAPIOrchestrator

PostgreSQLDual-schema DB

OpenRestyEdge Gateway

LokiCentralized Logs

PRICING

Self-Hosted

$0/mo

Unlimited services. Community support. Full source access.

Starter

$9/mo

5 services. Email support. SSL, custom domains, GitOps.

Professional

$49/mo

25 services. Priority support. Multi-node, team collab, API.

Enterprise

$199+/mo

Unlimited. 24/7 support. SLA, on-premise, SSO/LDAP.

Ready to deploy with confidence?

Simulate first. Deploy safely. Audit everything.

Get Started Visit proxguard.io