monoadmin/the-other-dude
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
19 Commits 1 Branch 0 Tags
2605a97331805d85913dfe63833a9d712ccecbd1
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jason Staack 2605a97331 fix: use user.user_id instead of user.id in SMTP settings save 
CurrentUser object uses user_id attribute, not id. Caused AttributeError
on PUT /api/settings/smtp.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-09 21:08:21 -05:00
.github
ci: add feature request issue template
2026-03-09 17:50:45 -05:00
backend
fix: use user.user_id instead of user.id in SMTP settings save
2026-03-09 21:08:21 -05:00
docs
docs: add licensing and support contact info
2026-03-08 20:28:46 -05:00
frontend
feat: The Other Dude v9.0.1 — full-featured email system
2026-03-08 19:30:44 -05:00
infrastructure
fix: bump Node to 20 in frontend Dockerfile for Vite 7 compatibility
2026-03-09 20:39:51 -05:00
poller
feat: The Other Dude v9.0.1 — full-featured email system
2026-03-08 19:30:44 -05:00
scripts
feat: The Other Dude v9.0.1 — full-featured email system
2026-03-08 19:30:44 -05:00
.env.example
fix: use working dev defaults in .env.example
2026-03-09 20:46:33 -05:00
.env.staging.example
feat: The Other Dude v9.0.1 — full-featured email system
2026-03-08 19:30:44 -05:00
.gitignore
feat: The Other Dude v9.0.1 — full-featured email system
2026-03-08 19:30:44 -05:00
CODE_OF_CONDUCT.md
docs: add Code of Conduct
2026-03-09 12:59:05 -05:00
docker-compose.observability.yml
feat: The Other Dude v9.0.1 — full-featured email system
2026-03-08 19:30:44 -05:00
docker-compose.override.yml
feat: The Other Dude v9.0.1 — full-featured email system
2026-03-08 19:30:44 -05:00
docker-compose.prod.yml
feat: The Other Dude v9.0.1 — full-featured email system
2026-03-08 19:30:44 -05:00
docker-compose.staging.yml
feat: The Other Dude v9.0.1 — full-featured email system
2026-03-08 19:30:44 -05:00
docker-compose.yml
fix: use relative paths for bind-mount volumes
2026-03-09 20:51:33 -05:00
LICENSE
docs(license): update Additional Use Grant — free production use up to 1,000 devices
2026-03-08 20:24:23 -05:00
README.md
docs: add licensing and support contact info
2026-03-08 20:28:46 -05:00

README.md

The Other Dude

Self-hosted MikroTik fleet management for MSPs.

TOD is a multi-tenant platform for managing RouterOS devices at scale. It replaces the chaos of juggling WinBox sessions and SSH terminals across hundreds of routers with a single, centralized web interface -- fleet visibility, configuration management, real-time monitoring, and zero-knowledge security, all self-hosted on your infrastructure.

Key Features

  • Fleet Management -- Dashboard with device health, uptime sparklines, virtual-scrolled fleet table, geographic map, and subnet discovery.
  • Configuration Push with Panic-Revert -- Two-phase config deployment ensures you never brick a remote device. Batch config, templates, and git-backed version history with one-click restore.
  • Real-Time Monitoring -- Live CPU, memory, disk, and interface traffic via Server-Sent Events backed by NATS JetStream. Configurable alert rules with email, webhook, and Slack notifications.
  • Zero-Knowledge Security -- 1Password-style architecture. SRP-6a authentication (server never sees your password), per-tenant envelope encryption via Transit KMS, Emergency Kit export.
  • Multi-Tenant with PostgreSQL RLS -- Full organization isolation enforced at the database layer. Four roles: super_admin, admin, operator, viewer.
  • Internal Certificate Authority -- Issue and deploy TLS certificates to RouterOS devices via SFTP. Three-tier TLS fallback for maximum compatibility.
  • WireGuard VPN Onboarding -- Create device + VPN peer in one transaction. Generates ready-to-paste RouterOS commands for devices behind NAT.
  • PDF Reports -- Fleet summary, device detail, security audit, and performance reports generated server-side.
  • Command Palette UX -- Cmd+K quick navigation, keyboard shortcuts, dark/light mode, smooth page transitions, and skeleton loaders throughout.

Architecture

                        +----------------+
                        |    Frontend    |
                        |  React / Vite  |
                        +-------+--------+
                                |
                           /api/ proxy
                                |
                        +-------v--------+
                        |    Backend     |
                        |    FastAPI     |
                        +--+----+-----+--+
                           |    |     |
             +-------------+    |     +--------------+
             |                  |                    |
      +------v-------+  +------v------+  +----------v----------+
      |  PostgreSQL   |  |    Redis    |  |        NATS         |
      |  TimescaleDB  |  |   (locks,   |  |     JetStream       |
      |    (RLS)      |  |   caching)  |  |     (pub/sub)       |
      +------^-------+  +------^------+  +----------^----------+
             |                  |                    |
      +------+------------------+--------------------+------+
      |                   Go Poller                         |
      |         RouterOS binary API (port 8729 TLS)         |
      +---------------------------+-------------------------+
                                  |
                       +----------v-----------+
                       |    RouterOS Fleet    |
                       |    (your devices)    |
                       +----------------------+

The Go poller communicates with RouterOS devices using the binary API over TLS, publishing metrics to NATS and persisting to PostgreSQL with TimescaleDB hypertables. The FastAPI backend enforces tenant isolation via Row-Level Security and streams real-time events to the React frontend over SSE. OpenBao provides Transit secret engine for per-tenant envelope encryption.

Tech Stack

Layer Technology
Frontend React 19, TanStack Router + Query, Tailwind CSS, Vite
Backend Python 3.12, FastAPI, SQLAlchemy 2.0 async, asyncpg
Poller Go 1.24, go-routeros/v3, pgx/v5, nats.go
Database PostgreSQL 17 + TimescaleDB, Row-Level Security
Cache / Locks Redis 7
Message Bus NATS with JetStream
KMS OpenBao (Transit secret engine)
VPN WireGuard
Auth SRP-6a (zero-knowledge), JWT
Reports Jinja2 + WeasyPrint

Quick Start

# Clone and configure
git clone https://github.com/your-org/tod.git && cd tod
cp .env.example .env
# Edit .env -- set CREDENTIAL_ENCRYPTION_KEY and JWT_SECRET_KEY at minimum

# Build images sequentially (avoids OOM on low-RAM machines)
docker compose --profile full build api
docker compose --profile full build poller
docker compose --profile full build frontend

# Start the full stack
docker compose --profile full up -d

# Open the UI
open http://localhost:3000

On first launch, the setup wizard walks you through creating a super admin account, enrolling your Secret Key, adding your first organization, and onboarding your first device.

Documentation

Full documentation is available at theotherdude.net.

See the documentation site for screenshots and feature walkthroughs.

License

Business Source License 1.1

Free for production use managing up to 1,000 devices with no limitations. Deployments exceeding 1,000 managed devices require a commercial license. See the LICENSE file for full terms.

For commercial licensing inquiries: license@theotherdude.net

For support: support@theotherdude.net — support inquiries are best-effort unless covered by a support license.

The Name

"The Other Dude" -- because every MSP needs one. When the network is down at 2 AM and someone has to fix it, TOD is the other dude on the job. The Big Lebowski inspired, the rug really ties the room together.

Reference in New Issue View Git Blame Copy Permalink
Description
The Other Dude project
Readme 9.2 MiB
Languages
TypeScript 50.3%
Python 39%
Go 9.4%
PLpgSQL 0.4%
HTML 0.4%
Other 0.4%