Interactive web-based monitoring and management dashboard for Xandeum pNodes. Monitor services, view logs, test pRPC API, diagnose network issues, track credits, view graphs, and access an embedded terminal - all from a single, secure web interface.
- First-time setup page: Create admin account on first run
- Login system: Secure session-based authentication
- Role-based access: Admin, Standard, and Demo users
- Password hashing: bcrypt with cost factor 10
- Session management: Configurable timeout, secure cookies
- User management: Admin can add/remove users
- Read-only demo mode: Locked safety toggle for demo users
- Real-time system stats: CPU, RAM, disk usage, uptime
- Service status cards: xandminer, xandminerd, pod
- Network connectivity status: External IP and public port accessibility
- Pod credits tracking: Earned credits + top earner leaderboard
- DevNet eligibility: 95th percentile threshold calculator
- Storage monitoring: Xandeum-Pages disk usage
- Health score: Composite score (0-100%) with detailed formula
- Auto-refresh: Every 10 seconds
- View status for all services
- Start/Stop/Restart individual services
- View detailed service logs
- Read-only safety toggle: Protects against accidental service changes
- Role-based permissions: Standard users can control services, demo users cannot
- View logs for any service with line selector pills (100, 2k, 5k, 10k lines)
- Filter logs with search terms
- Find Pubkey feature: Passive grep scan (no restart required)
- Automatic pubkey caching
- Built-in API call buttons (get-version, get-stats, get-pods)
- Custom RPC method input for testing
- Dual-pane display: Call format (curl command) + Response
- Formatted JSON response display
- Localhost checks: Ports 22, 80, 3000, 4000, 6000, 7000 (TCP)
- Public access tests: UDP 5000, 9001 + TCP 22, 80, 3000, 4000, 6000
- External IP detection
- Visual status indicators (β /β)
- 4 graphs in 2Γ2 grid: CPU, RAM, Disk, Credits
- Time ranges: 10m, 6h, 24h (CPU/RAM/Disk) + 40 days (Credits)
- Persistent storage: localStorage cache with 24h retention (40d for credits)
- Background data collection every 10 seconds
- Full interactive terminal using xterm.js
- Role-based access: Admin and standard users get root shell, demo users get restricted shell
- Read-only guard: Terminal access blocked when safety toggle is on
- Session management with timeouts
git clone https://github.com/T3chie-404/pod-man.git
cd pod-man
sudo bash install.shThe installer will:
- Check and install dependencies (Node.js, npm, git)
- Copy config.json.example to config.json
- Install npm packages
- Create and enable systemd service
- Start Pod Manager on port 7000
-
Access the setup page: Navigate to
http://127.0.0.1:7000(or via SSH tunnel) -
Create admin account:
- You'll see the setup page automatically on first visit
- Enter username and password for the admin account
- Optionally add additional users (standard or demo roles)
- Click "Complete Setup"
-
Login: After setup, you'll be redirected to the login page
- Use your admin credentials to log in
- You can manage users from the login page (admin only)
| Role | Service Control | Terminal Access | User Management | Read-Only Toggle |
|---|---|---|---|---|
| Admin | β Full | β Root shell | β Yes | Can toggle |
| Standard | β Full | β Root shell | β No | Can toggle |
| Demo | β Blocked | β Restricted shell | β No | π Locked protected |
The config.json file is created from config.json.example and contains:
{
"server": {
"host": "127.0.0.1",
"port": 7000
},
"security": {
"enableServiceControl": true,
"enableTerminal": true,
"dangerousCommandWarnings": true,
"confirmDestructiveActions": true,
"rateLimit": {
"enabled": true,
"maxRequestsPerMinute": 60
}
},
"authentication": {
"enabled": false, // Set to true after first setup
"sessionSecret": "", // Generated during setup
"sessionTimeout": 86400000, // 24 hours
"users": [] // Populated during setup
}
}config.json is in .gitignore and should NEVER be committed to git (contains hashed passwords and session secrets).
# SSH tunnel from your local machine
ssh -L 7000:localhost:7000 user@your-server
# Open browser
http://localhost:7000cd /root/pod-man
sudo bash setup-https.shThen access: https://YOUR-IP:443
- Passwords: Hashed with bcrypt (cost factor 10)
- Session secrets: Randomly generated 64-character hex
- Session cookies: HttpOnly, secure (if HTTPS)
- No default credentials: Must create admin on first setup
- Cannot delete last admin: Prevents lockout
- Localhost-only default: Binds to 127.0.0.1
- Rate limiting: 60 requests/minute
- Input sanitization: All user inputs validated
- Command whitelist: Only approved services/actions
- Read-only toggle: Defaults to protected mode
- Terminal restrictions: Demo users get restricted shell
- Use strong passwords for admin accounts
- Enable HTTPS if exposing publicly
- Keep read-only toggle ON when not making changes
- Review audit logs regularly
- Don't commit config.json to git
- Change passwords after setup if needed
/- Redirects to setup or login/setup.html- First-time setup (only if no users exist)/login.html- Login page/api/setup/status- Check if setup is complete/api/auth/login- Login endpoint
/api/dashboard- Dashboard data/api/services- Service management/api/logs/:service- Service logs/api/pod-credits- Credits data/api/prpc/:method- pRPC calls/api/network- Network diagnostics/api/system- System stats/terminal(WebSocket) - Terminal access
/api/users/*- User management
# Check service status
sudo systemctl status pod-manager
# Check logs
sudo journalctl -u pod-manager -n 50
# Verify config
cat /root/pod-man/config.json | grep "enabled"# Stop service
sudo systemctl stop pod-manager
# Reset config
cp /root/pod-man/config.json.example /root/pod-man/config.json
# Start service
sudo systemctl start pod-manager
# Access setup page again- Clear browser cache/cookies
- Check
config.json- ensureauthentication.enabled: true - Verify sessionSecret is set
- Check browser console (F12) for errors
- Ensure Read-Only toggle is OFF (terminal blocked when protected)
- Check WebSocket connection in browser console (F12)
- Ensure
enableTerminal: truein config.json
- Verify services are running:
systemctl status pod xandminer xandminerd - Check permissions: Monitor must run as root for systemctl access
- Check read-only toggle is OFF for service control
# Install dependencies
npm install
# Run in development
npm run dev
# Test authentication
curl -X POST http://127.0.0.1:7000/api/auth/login \
-H "Content-Type: application/json" \
-d '{"username":"admin","password":"yourpass"}'- OS: Linux (Ubuntu 20.04+ recommended)
- Node.js: v16.0.0 or higher
- RAM: 50MB (minimal footprint)
- Disk: 50MB
- Network: Localhost (no external dependencies)
- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
Apache License 2.0 - see LICENSE file for details
T3chie-404
- GitHub: @T3chie-404
- Repository: pod-man
- Xandeum Network - For the pNode software
- xterm.js - For the excellent terminal emulator
- node-pty - For PTY support
- Chart.js - For beautiful graphs
For issues, questions, or contributions:
- Open an issue on GitHub
- Star the repository if you find it useful!
Made with β‘ for the Xandeum community