WEB HOSTING CONTROL PANEL

clay

A complete hosting control panel — written entirely in Rust.

clay manages the whole hosting stack from one server-rendered admin UI — websites, mail, DNS, databases, FTP, accounts, SSL and security — with no JavaScript build chain, at build time or runtime.

ONE PANEL · WHOLE STACK

Everything a host needs

Websites & Domains

Domains, subdomains and aliases with per-domain web / PHP / SSL settings, a file manager, and a generated web-server vhost preview.

Mail

Mailboxes with forwarding and autoresponders, mailing lists, and per-domain DKIM / SPF / DMARC / spam / antivirus.

DNS

Zones and records — A/AAAA/CNAME/MX/TXT/NS/SRV/CAA/PTR — with DNSSEC signing.

Databases

Relational databases and users — provisioned and managed in-panel across the major SQL engines.

Security

A host firewall, a bundled rban intrusion-prevention daemon, and a web application firewall (WAF) — built in, not bolted on.

Platform & Tools

Containers, Git deploy-on-push, managed application runtimes, one-click app installs, scheduled tasks, a backup manager, statistics, an audit log and full config history.

EVERYTHING INCLUDED

Full capability list

Every module clay ships, from one panel and one versioned store.

Websites & Domains

  • Domains, subdomains & aliases
  • Per-domain web, PHP & SSL settings
  • Multiple PHP versions
  • Built-in file manager
  • Generated web-server vhost preview

Mail

  • Mailboxes with forwarding
  • Autoresponders
  • Mailing lists
  • Per-domain DKIM / SPF / DMARC
  • Spam filtering & antivirus

DNS

  • Zones & records
  • A/AAAA/CNAME/MX/TXT/NS/SRV/CAA/PTR
  • DNSSEC signing

Databases & FTP

  • Relational databases & users (major SQL engines)
  • FTP accounts with quotas
  • Chrooted home directories

Accounts & Plans

  • Customers & resellers
  • Service plans & subscriptions
  • Panel users with RBAC
  • TOTP two-factor auth

SSL / TLS

  • Automated certificates (ACME)
  • Uploaded certificates
  • Self-signed certificates

Security

  • Host firewall
  • Bundled rban intrusion prevention
  • Web application firewall (WAF)

Platform

  • Containers
  • Git deploy-on-push
  • Managed application runtimes
  • One-click app installs & app toolkit

Tools & Settings

  • Statistics
  • Scheduled tasks (cron)
  • Backup manager
  • Services control
  • PHP version management
  • IP pool
  • Updates & extensions
  • Server settings
  • Audit log
  • Full configuration history

VERSIONED · DECLARATIVE

A config store, not a pile of scripts

Every change is a revision in a versioned TOML store. The same model renders the live service configs — and the CLI inspects exactly what the daemon runs.

Admin UIserver-rendered
Config modeldeclarative TOML
Versioned storerevision history
Renderweb · mail · DNS
Live servicesapplied on host
Built on the same foundations as the firewall appliance next door — an all-Rust control plane, a modular cargo workspace, and a server-rendered UI. cargo run -p clayd -- --demo → http://127.0.0.1:8880

UNDER THE HOOD

Technical profile

Language
100% Rust — no JavaScript build chain, at build time or runtime
Admin UI
Server-rendered, progressively enhanced — no client-side build step
Config
Declarative TOML model in a versioned store with full revision history
Security
Host firewall · bundled rban intrusion prevention · web application firewall
Accounts
Customers, resellers, service plans and subscriptions
SSL/TLS
Automated (ACME), uploaded, or self-signed certificates
Deploy
Container images — single, full, or clustered; end-to-end tested through a real browser flow
CLI
clay status · domains · export · render
DomainsDKIM/SPF/DMARCDNSSEC SQL databasesFTP quotasAutomated SSL App toolkitGit deploy-on-pushContainers Scheduled tasksBackup managerAudit log