Usulnet v26.5.2 released — privacy/security tier for self-hosted Docker (AGPL, single binary)

Self-hosted Applications
1

usulnet is a Portainer-style web UI for managing Docker, but written
as a single Go binary and shipped under AGPL with no biz gating. v26.5.2
is the release where the “privacy + security” tagline earns its keep.

What’s new vs v26.5.1:

Privacy + security

  • Shodan recon connector (bring your own key) — joins HIBP for OSINT
    scans against identifiers you own (with ownership verification).
  • L7 egress filter — in-process forward proxy with per-host allow/deny
    policies. Default-deny, audit log of denials.
  • YARA scanner against host files + container paths (ships
    linux-elf-suspicious ruleset).
  • Container forensics snapshot — one-click memory dump, process tree,
    open FDs, network connections, as a verifiable tarball.
  • Marketplace honeypots — Cowrie, Dionaea, Endlessh, one-click
    deployable.
  • Tor SOCKS5 proxy marketplace app for individual-workload anonymisation.

Operator UX

  • Host-side CLI binary (you run usulnet containers ls from your
    laptop against a remote server).
  • Sidebar regrouped 9 → 7 sections (Compute / Operations / Security /
    Privacy / Platform / Admin / Help).
  • First-run wizard for password change + host attach.
  • Uniform empty-states across 12 modules. a11y landmarks.

Recon sandbox

  • recon-toolkit container rebased on Arch (mat2, exiftool, yara,
    holehe, h8mail, oletools, pdfid). Weekly rebuild so the toolset
    stays current.

Reliability

  • Smoke E2E in CI boots the actual compose stack and walks the
    sidebar before any release.
  • govulncheck on every PR with empirically-pinned allowlist
    justifications.
  • Multi-arch images (amd64 + arm64) on GHCR and Docker Hub.

Zero breaking changes, no new external port, no new bind mount,
no new capability, no call-home.

Honestly deferred to v26.6: full per-page light-theme audit,
frontend animations, trufflehog volume secrets scanner, BlackArch
overlay for the recon-toolkit.

Install: GitHub - fran-olivares/usulnet: Open-source Docker infrastructure platform. One web UI — containers, security, DNS, VPN, monitoring, backups, reverse proxy, terminal, and multi-node orchestration. Replace a dozen tools with one. · GitHub
Release notes: Releases · fran-olivares/usulnet · GitHub