Warpgate self-hosted bastion access gateway for SSH, HTTPS, MySQL and PostgreSQL on Ubuntu 24.04 LTS by cloudimg. One recorded, audited entry point into your infrastructure with a built-in web admin console for targets, roles, users and recorded sessions. Native HTTPS admin console on :443, separate SSH bastion gateway on :2222, MySQL/PostgreSQL wire proxies, per-VM admin password on first boot. Apache-2.0 licensed.
Warpgate is a self-hosted, transparent bastion / access gateway for SSH, HTTPS, MySQL and PostgreSQL: one recorded, audited entry point into your infrastructure, managed from Warpgate's own built-in web admin console. Administrators define targets (the servers and services users connect to), roles and users, and every session is logged - with optional full session recording and playback - for compliance and incident response. The cloudimg image installs the pinned Warpgate 0.26.1 single-binary release and runs it as a dedicated warpgate system user under systemd. Warpgate is HTTPS-native: its admin console and HTTPS target proxying are served directly on port 443 with a self-signed TLS certificate generated fresh on every VM - nginx is not in front of it. A separate SSH bastion gateway listens on port 2222 (Warpgate's own documented default), completely distinct from the VM's own OS management SSH on port 22. MySQL and PostgreSQL wire proxies listen on ports 33306 and 55432 for database targets. On first boot, Warpgate's own non-interactive unattended-setup bootstrap runs once: it generates a unique per-VM admin password (argon2id-hashed, never stored in plaintext), a fresh self-signed TLS certificate, and fresh SSH host and client keys. Warpgate's audit database, session recordings, TLS certificate and SSH keys all live on a dedicated, independently resizable 20 GiB Azure data disk, re-provisioned with every VM. Apache-2.0 licensed. Backed by 24/7 cloudimg support.